Friday, 11 March 2016

The FBI Vs Apple Inside Story

The FBI Vs Apple Inside Story

Mark Pickavance reveals some of the very telling subtext to a story that mainstream media and politicians can’t grasp

After the war on terrorism, the new target seems to be the war on privacy – or more specifically the war on encryption.

A recent focal point for these events is a spat between the FBI and Apple, because the agency would like Apple to hack its own encryption, which it designed to be unbreakable. Understandably, Apple doesn’t want to use its resources to do that, to prove that it lied to its customers when it told them their information was 100% secure.


If you’ve watched the news on this subject, you’ll already have a handle on how important these events are, even if very few people commenting appear to have any handle on what this argument is really about.

When those bidding to become president of the USA were quizzed on the issue, it soon became very apparent that not one of them actually understood it or had anything useful to contribute at all.

There is, however, plenty about this story that hasn’t been well publicised, which might well put a fresh perception on it if people realised what really went on.

If you haven’t followed this story, then I should explain that the FBI is investigating a terrorist incident in which Rizwan Farook and his wife killed 14 co-workers in San Bernardino, California, before themselves being gunned down by local law enforcement.

Afterwards, Farook’s iPhone became a critical piece of evidence, as those investigating the case wished to find out who might have known about the couple’s intentions or perhaps aided in its inception and execution.

The phone technically wasn’t owned by Farook; it was a device provided to him by the San Bernardino Health Department, so Apple considered it to be the device’s ‘owner’.

But Farook did secure the iPhone with a four-digit numeric password, a protection that has entirely stumped the collective resources of the FBI. Therefore, it has asked Apple to circumvent the protection, so it can access the contents of the phone. Apple has refused, despite the FBI getting a court order.

That pretty much sums up the story as presented in mainstream press, but those facts are actually the least interesting aspects of this tale.

Countdown To Fiasco


For those who don’t own an iPhone, I should point out that Apple’s encryption on it is pretty sophisticated stuff, and by default all phones come pre-encrypted.

Four digits also might not sound like much to hack, with just 10,000 possibilities, but you only get ten chances to guess right before what’s on that phone is lost forever.

But surely that’s not a problem, because the phone backs itself up to Apple’s own cloud services, and Apple does have access to that, so you can buy a new phone and then have all your data magically appear on your new device!

Given this basic information, which even I understand, and I’ve never owned an iPhone, surely all the data on that phone should be sitting in the inbox of the lead FBI agent on this case by now? It isn’t, so why is that?

When the FBI first got hold of the phone, it contacted Apple and explained its dilemma. Apple told it that the phone would back itself up as soon as it was brought near a wi-fi access point that it had previously used. Apple suggested to the FBI that it take the phone to Farook’s house and use the wi-fi there.

Unfortunately, the FBI had already swooped on that location and taken all the equipment away, undermining the investigation.

Apple suggested instead that they take it to his place of work and get it to sync there. But magically by the time it got there, it was stuffed. How did that happen?

Someone at the San Bernardino Health Department took it upon themselves, as the ‘owner’ to send a reset request to the phone’s iCloud password.

Once this was done, the phone wouldn’t sync, as it didn’t have a verified password until a new one was created, and to do that you’d need the pass number to unlock the phone to enter that new password creation cycle.

Why would someone do something so stupid? Well, according to a tweet that the San Bernardino County sent out, “The county was working cooperatively with the FBI when it reset the iCloud password at the FBI’s request.”

Eh? So the FBI told these people to do something that stymied the case, and now it’s all Apple’s fault, because it won’t spend millions and use its best people to undo what was done?

That’s like the FBI taking a pile of ashes that was once a book to a forensic scientist and demanding to know what was on it, having previously set it on fire.

Final Thoughts


When events like these unfold, we’re given a rather stark choice between the cockup theory or the failure-by-design option. Neither in this case paints the FBI in a very good light, because its either quite inept or conspiring to get encryption removed from phones by nefarious means.

Assuming that it’s inept, which is probably the nicer option of the two, I’m very curious about why it didn’t just ring its buddies at the NSA or CIA and ask them what they do when they want data off an iPhone?

Surely they have a method that works for them, or do terrorists only need encrypted phones to be untouchable? I think not.

Perhaps they were too embarrassed to call. Whatever the reason, security services in the USA in general have been trying to get encryption outlawed in the USA (and the rest of the world) for some time.

The general view is that it would be easier for them if it didn’t exist and, oddly, organised crime is fully with them on this point.

There is also some evidence that this wasn’t entirely a cockup. In the court paper that the FBI issued when it went after a Motion to Compel, it revealed that although it told everyone that the house Farook lived in had been fully processed, it now turns out it wasn’t.

The suspicion that is most obvious is that the FBI knows enough about Farook and his partner to know that there is very little on his iPhone that they don’t already know, and that the entire purpose of making this mess was to corner Apple into doing something it’s repeatedly resisted.

Apple isn’t likely to give up its security bone, because telling everyone that there is a special FBI backdoor is effectively the same as saying that their phones have no security.

Given the number of legal levels we have to go through before we get to the Supreme Court, this could take some time – unless a crazy person becomes US president and uses executive powers to compel Apple to do the government’s bidding.

Should that happen, the market for Apple products could take a sudden dip, especially outside the USA.