Apple says the FBI changed terrorists’ iPhone password

iPhone 5c pocket

It appears the reason for the entire battle between the FBI and Apple is the fact that the Apple ID password on the iPhone in question was changed less than 24 hours after the government took possession of it. A senior Apple executive told reporters during a conference call on Friday, Feb. 19 that if that hadn’t happened, the company wouldn’t need to create a backdoor into the device, as the information would have been easily accessible via iCloud.

According to the unnamed executive, Apple was in discussions with the FBI since early January and proposed four different ways to recover the information. Apple even sent engineers to try these methods. One method involved connecting the iPhone to a known Wi-Fi network while plugged in. This could be at Farook’s home or office. The idea is that it would trigger an automatic backup to iCloud, which Apple would gladly turn over to the FBI. When this failed, Apple investigated the situation further and found out the ID password was changed online by someone from the county health department. Unfortunately there is no way to enter the new password on the locked iPhone, which would allow it to be backed up to iCloud.

The FBI was able to recover some of the device’s data since Farook’s iPhone was backed up to iCloud six weeks prior to the attack. While Apple did turn over that data to authorities, the FBI still needs the data between the last backup and the attack. Unfortunately Farook didn’t initiate a backup during those six weeks, and it’s unclear whether the phone was set to auto-backup or not.

The San Bernardino County’s official Twitter account chimed in with “The County was working cooperatively with the FBI when it reset the iCloud password at the FBI’s request.”

The next day, the FBI confirmed it did change the password: “The FBI worked with San Bernardino County to reset the iCloud password on December 6th, as the county owned the account and was able to reset the password in order to provide immediate access to the iCloud backup data.”

However, the FBI doesn’t believe this has any affect on the fact that it wants the data on the phone, stating the reset “[does] not impact Apple’s ability to assist with the the court order under the All Writs Act,” and adding that “the government’s objective was, and still is, to extract as much evidence as possible from the phone.”

Apple isn’t buying this argument as a senior engineer reiterated that changing the password prevented the auto backup and closed the door on being able to obtain the information.

The court order was made through the use of a 227-year-old law — the All Writs Act of 1789, which lets federal courts issue court orders that force third-parties to cooperate and be helpful to other court orders. Apple’s argument is that what the FBI is offering is “burdensome,” as it would tarnish its reputation and would cause its customers to lose trust in the company.

In support of the FBI, the Justice Department filed a motion with a federal district court seeking to compel Apple to cooperate with the FBI in decrypting Syed Rizwan Farook’s iPhone. Apple originally had five business days to officially respond to the FBI’s court order, but in light of the DOJ’s recent request, it now has until February 26.

U.S. Attorney Eileen Decker wrote that “the order does not, as Apple’s public statement alleges, require Apple to create a ‘backdoor’ to every iPhone, it does not provide ‘hackers and criminals’ access to iPhones, it does not require Apple to ‘hack [its] own users’ or to ‘decrypt its own phones’; it does not give the government ‘the power to reach into anyone’s device’ without a warrant or court authorization, and it does not compromise the security of personal information.”

FBI Director James Comey reiterated Decker’s points Sunday in an op-ed in Lawfare titled, “We Could Not Look the Survivors in the Eye if We Did Not Follow this Lead.”

“We simply want the chance, with a search warrant, to try to guess the terrorist’s passcode without the phone essentially self-destructing and without it taking a decade to guess correctly. That’s it,” noted Comey. He went on to say candidly that the FBI is not interested in back doors, breaking encryption, or anything outside trying to guess Farook’s password. He also pointedly remarked that as the tension continues to grow between the dialogue over privacy and safety, “that tension should not be resolved by corporations that sell stuff for a living.”