Last month the stage was set for a battle of the Titans starting on 16th March 2016 with an Order by a Federal judge in California to Apple to assist the FBI to bypass security on an iPhone owned by US San Bernardino gunman, Rizwan Farook.
Shortly after this request was received, CEO of Apple, Tim Cook published an open letter on their website explaining his concerns with the requests and calling it an ‘unprecedented step’.
The iPhone in question was a 5C with a pin lock, which enables encryption, set with limited login attempts before the phone would wipe itself. The FBI request was for Apple to update this phone with custom firmware to be created by Apple that would remove the limited login attempts. The FBI would then apply brute force login techniques to get through the pin lock.
Tim Cook stressed in his letter inviting comment from the public, that creating such software would involve rewriting their own encryption technology which would “weaken those protections and make our users less safe”.
Following the posting of the letter, numerous other technology companies came out to support Apple’s stance against the FBI request, including competitor Google’s CEO, Sundar Pichai stated “Forcing companies to enable hacking could compromise users’ privacy”.
March 21st 2016 was the date of Apple’s March event which saw the reveal of both smaller iPhones and iPad Pros. Apple kicked off the event however addressing the current conflict between them and the FBI and reinforced its stance of protecting user’s privacy and continuing to fight the FBI on this request.
Later in the day the FBI responded in a surprising way asking for an upcoming crunch hearing to be postponed with proceedings suspended at least until the following month. The FBI would then seek to use that time to test an alternate method for unlocking the iPhone that would not involve, as it had originally sought, Apple building a specially crafted version of the iOS firmware.
On March 29th 2016 the Department of Justice dropped its case against Apple, reasoning that pursuit of the case was no longer required as they had successfully, with the assistance of a third party, cracked and retrieved data out of the iPhone 5C. They have since said that the technique used on the iPhone 5C would not work on new iPhone models.
Where it could all have been simpler
It is important to note that the terrorist’s iPhone was in fact a work phone, the terrorists personal phone having been destroyed. This entire legal back-and-forth could have been entirely avoided if the work device was enrolled in corporate Mobile Device Management at which point it could simply have been legally unlocked by the employee’s IT team.
With the FBI confirming the technique used this time would not work on the latest iPhones, we could see a similar saga arise if a newer, more secure iPhone needs to be opened up by the FBI in the future.