Related:

28 March 2016, US District Court, Central District CA: In the Matter of the Search of an Apple iPhone Seized During the Execution of a Search Warrant on a Black Lexus IS300, California License Plate #5KGD203 (Government's Status Report) (PDF)

21 March 2016, WP: FBI may not need Apple to unlock San Bernardino shooter's iPhone

1 March 2016, WP: FBI director: Victory in the fight with Apple could set a precedent, lead to more requests


https://www.washingtonpost.com/world/national-security/fbi-has-accessed-san-bernardino-shooters-phone-without-apples-help/2016/03/28/e593a0e2-f52b-11e5-9804-537defcc3cf6_story.html

FBI has accessed San Bernardino shooter's phone without Apple's help

By Matt Zapotosky

March 28, 2016

The Justice Department is abandoning its bid to force Apple to help it unlock the iPhone used by one of the shooters in the San Bernardino terrorist attack because investigators have found a way in without the tech giant's assistance, prosecutors wrote in a court filing Monday.

In a three-sentence filing, [1] prosecutors wrote that they had "now successfully accessed the data" stored on Syed Rizwan Farook's iPhone and that they consequently no longer needed Apple's court-ordered help getting in. The stunning move averts a courtroom showdown pitting Apple against the government -- and privacy interests against security concerns -- that many in the tech community had warned might set dangerous precedents.

It is unclear how, precisely, investigators got into the phone, or what FBI agents learned about the plot from the materials they were able to review. On the eve of a hearing in the case last week, the FBI had signaled that it might have found a way into Farook's device, [2] writing in a court filing that "an outside party demonstrated to the FBI a possible method." But government officials said they wanted to test that method further before employing it in Farook's case, and they did not offer details about who proposed it or how it would work.

The Justice Department declined to comment on Monday. In a statement, Apple said: "From the beginning, we objected to the FBI's demand that Apple build a backdoor into the iPhone because we believed it was wrong and would set a dangerous precedent. As a result of the government's dismissal, neither of these occurred. This case should never have been brought."

The government will now be left to decide whether it will outline the method to Apple in keeping with a little-known process [3] in which federal officials are supposed to consider disclosing security vulnerabilities they find.

Michael Daniel, special assistant to the president and cybersecurity coordinator, wrote in a White House blog post published [4] in April 2014 that "disclosing vulnerabilities usually makes sense," given how much people rely on the Internet and connected devices.

"But there are legitimate pros and cons to the decision to disclose, and the trade-offs between prompt disclosure and withholding knowledge of some vulnerabilities for a limited time can have significant consequences," Daniel wrote. "Disclosing a vulnerability can mean that we [forgo] an opportunity to collect crucial intelligence that could thwart a terrorist attack, stop the theft of our nation's intellectual property, or even discover more dangerous vulnerabilities that are being used by hackers or other adversaries to exploit our networks."

Agents and prosecutors were focused for now on the San Bernardino case, and no decision had been made on disclosing the vulnerability, said a federal official who spoke on the condition of anonymity because the investigation is ongoing.

Mark Bartholomew, a professor at SUNY Buffalo Law School who specializes in intellectual property and technology law, said he expected Apple would fight to learn about it so the company could fix the problem.

"They're going to pursue this in the courts, and I don't know where this will end up," Bartholomew said.

Farook and his wife, Tashfeen Malik, were killed in a shootout with police after they launched an attack that killed 14 people at the Inland Regional Center in San Bernardino, Calif., in December. Prosecutors have said their neighbor, Enrique Marquez Jr., was involved in terrorist plots and had discussed with Farook possibly targeting a nearby community college and highway. He is facing charges in federal court.

The bid to access Farook's phone was meant to further the FBI's investigation, though it was controversial from the start. The Justice Department obtained a court order compelling Apple's assistance under the All Writs Act, a centuries-old law that gives courts the power to "issue all writs necessary or appropriate in aid of their respective jurisdictions and agreeable to the usages and principles of law."

David Bowdich, assistant director in charge of the FBI's Los Angeles field office, said in a statement, "We promised to explore every investigative avenue in order to learn whether the San Bernardino suspects were working with others, were targeting others, or whether or not they were supported by others. While we continue to explore the contents of the iPhone and other evidence, these questions may not be fully resolved, but I am satisfied that we have access to more answers than we did before and that the investigative process is moving forward."

If allowed to stand, the order in Apple's case would have forced company engineers to create software to disable a phone security feature so that the FBI could try its hand at unlocking the device by cracking a numeric password. Apple quickly resisted, arguing that forcing it to create such software would violate the company's constitutional rights and weaken privacy for users around the world.

Federal prosecutors and the FBI had sought to characterize the dispute as limited to only Farook's phone, though FBI Director James B. Comey acknowledged that it could set a precedent if the government won. [5] They argued that Apple, which creates its software, was the only party that was in a position to help.

Monday's filing squarely contradicts that claim -- although federal authorities have said someone came forward with the new technique only after the FBI began its high-profile legal battle with Apple. Neither side backed down from its arguments, but with Monday's filing a legal resolution will remain on hold.

That means it might take another case to determine to what extent the All Writs Act permits a court to order a company to provide technical assistance in unlocking encrypted devices.

Aaron Levie -- co-founder and chief executive of cloud-computing company Box, which filed a legal brief supporting Apple's case -- said he didn't see a winner in the FBI's decision to withdraw the case. "I can't anoint any winner," he said in an interview. "This entire experience has brought to the fore a much bigger problem that remains unresolved."

Bartholomew, the law professor, said Congress might even be spurred to weigh in.

The technique the government found to get into the phone, though, might see immediate re-use. In a court filing last week, Apple told a federal judge that if the solution worked, it wanted to see if it could also be used to unlock an iPhone used by a drug dealer in a Brooklyn case and eliminate the need for the company's help there.Notably, the two phones run on different operating systems -- Farook's on iOS 9 and the drug dealer's on the older iOS 7. And Apple has previously extracted data from locked phones running older operating systems.

A federal official said the new technique has been demonstrated to work only on iOS 9, though Apple has said in previous court filings that it would like to test that claim.

Elizabeth Dwoskin and Ellen Nakashima contributed to this report.

[1] http://apps.washingtonpost.com/g/documents/national/governments-status-report/1913/

[2] https://www.washingtonpost.com/world/national-security/apple-hearing-in-san-bernardino-over-locked-iphone-has-been-canceled/2016/03/21/1141a56e-efb8-11e5-85a6-2132cf446d0a_story.html

[3] http://www.bloomberg.com/news/articles/2016-03-23/thank-you-for-hacking-iphone-now-tell-apple-how-you-did-it

[4] https://www.whitehouse.gov/blog/2014/04/28/heartbleed-understanding-when-we-disclose-cyber-vulnerabilities

[5] https://www.washingtonpost.com/news/post-nation/wp/2016/03/01/fbi-apple-bringing-fight-over-encryption-to-capitol-hill/