Feds break through seized iPhone, stand down in legal battle with Apple

DOJ won't say how, but its mysterious new method to bust through iPhone 5C worked.

According to a new court filing, government prosecutors have formally asked a federal judge to cancel her prior order that would have compelled Apple to assist efforts to unlock a seized iPhone linked to the San Bernardino attacks in late 2015.

Apple had publicly said in court that it would resist all efforts to force its compliance. Last week, however, the hearing between prosecutors and Apple was postponed less than 24 hours before it was set to take place, because the Department of Justice said it was evaluating a new method to access the phone's data.

"The government has now successfully accessed the data stored on [terrorist Syed Rizwan] Farook’s iPhone and therefore no longer requires the assistance from Apple Inc.," prosecutors wrote in the Monday filing, which does not explain precisely what was done. The government has also not explained what data, if any, was recovered.

Thom Mrozek, a DOJ spokesman, did not respond to Ars' questions as to whether this technique would be disclosed to the court, to Apple, or even to the public.

Apple did not immediately respond to Ars' request for comment.

In a Monday evening call with reporters, a law enforcement official who was granted anonymity said that the DOJ would not comment on the possibility of future disclosures to Apple, adding that it would also not explain what data was accessed, nor what non-government entity helped prosecutors. He also said that the FBI would continue to assist state and local law enforcement partners in lawfully accessing data held on mobile devices, suggesting that this technical and legal tactic could continue in the future.

The DOJ had previously told the judge it needed a new version of iOS as a way to get into the seized iPhone 5C that was used by Farook. The iOS 9 phone was encrypted with a four-digit passcode, and investigators were afraid that if they entered the wrong passcode 10 times, it would auto-delete all the data on the phone. The initial order would have forced Apple to create a customized version of iOS that would disable this lockout feature, enabling the government to brute force passcodes until it could get in.

The government relied on its interpretation of an obscure 18th-century law known as the All Writs Act, which allows courts to compel people and companies to take certain actions. Last month, Apple put forward its first formal legal arguments, based on a rejection of a 1977 Supreme Court decision, United States v. New York Telephone, the prominent case that relies on the All Writs Act. There, authorities demanded that the utility implement a surveillance tool known as a pen register trap and trace device to investigate a gambling operation.

"This shows that Apple was right all along that it was not necessary for the government to make it weaken its encryption to get what it needed pursuant to its warrant," Neil Richards, a law professor at Washington University in St. Louis, told Ars. "It’s an implicit concession by the government that its All Writs Act argument wasn’t a good one."

Last Friday, Jonathan Zdziarski, a well-known iOS security and forensics expert, detailed a NAND mirroring attack, which demonstrates "how copying back disk content could allow for unlimited passcode attempts."
