Apple opposes judge's order to unlock iPhone used by San Bernardino attacker

The FBI said it was unable to access password-coded encrypted content on the iPhone 5c.

iPhone 5C
iPhone 5C phones await sale at the Apple Store in Palo Alto, California, on September 20, 2013 Credit: Martyn Williams

Updated at 12:56 a.m. Pacific to add Apple’s statement.

Apple was ordered Tuesday by a federal judge in California to provide assistance to the FBI to search a locked iPhone 5c that was used by Syed Rizwan Farook, one of the terrorists said to have been involved in an  attack in San Bernardino, California, on Dec. 2.

The government’s request under a statute called the All Writs Act will likely give a boost to attempts by law enforcement to look for vendor-provided backdoors to encrypted devices and communications.  

Apple is fighting in a New York federal court a similar move by the Department of Justice to get the company’s help in unlocking the iPhone 5s smartphone of an alleged methamphetamine dealer. On Friday, it asked the New York court to give a final order as it has received additional similar requests from law enforcement agencies, and was advised that more such requests could come under the same statute.

U.S. Attorney Eileen M. Decker had filed before U.S. Magistrate Judge Sheri Pym of the U.S. District Court for the Central District of California that despite a warrant authorizing the search and permission of Farook’s employer, who owned the phone, law enforcement had not been able to access encrypted content on the device because of its passcode.

The officials said that they could not make attempts to crack the password because of a user-enabled auto-erase function in the device that would erase all encrypted data after 10 failed tries. It was not evident from the outside of the device whether the auto-erase function had been enabled.

The government’s case

Apple has the ability to bypass the password on some of its devices, including turning off the auto-erase function, and it would not be unduly burdensome on the company to do so as it is in the business of writing software code and would be reasonably reimbursed for its effort, according to the government filing. The phone used by Farook runs iOS 9 and the company still has the ability to assist the government despite its claims that it has written the software differently, it added. 

The All Writs Act gives federal courts the authority to issue orders that are “necessary or appropriate in aid of their respective jurisdictions and agreeable to the usages and principles of law,” but civil rights groups like the Electronic Frontier Foundation point to a Supreme Court order that set limits to the use of the statute, including requiring that a court cannot use it to bypass other laws or the Constitution, or require third parties to assist in ways that would be “unreasonably burdensome.”

Apple has been ordered by Judge Pym to offer its technical assistance, including, if required, to provide signed software, to bypass or disable the auto-erase function whether or not it has been turned on, to enable the FBI to submit passcodes to the device for testing electronically via the physical device port available on the phone, and to ensure that when the FBI tests passcodes on the phone, software running on the device will not purposefully introduce any additional delay between passcode attempts beyond what is incurred by Apple hardware.

Court-ordered malware

“What the court is essentially ordering Apple to do is custom-build malware to undermine its own product’s security features, and then cryptographically sign that software so the iPhone will trust it as coming from Apple,” wrote Kevin S. Bankston, director of New America’s Open Technology Institute in an emailed statement.

Bankston said it wasn’t clear at the point whether Apple would be technically able to do what the judge ordered. “But if a court can legally compel Apple to do that, then it likely could also legally compel any other software provider to do the same, including compelling the secret installation of malware via automatic updates to your phone or laptop’s operating system or other software,” he said.

Fourteen people were killed and 22 others were injured in the shootout at the Inland Regional Center in San Bernardino.

The company is right to fight the order, Bankston said. “A line must be drawn here: The government must not be allowed to force tech companies to undermine the security of their own products, especially with nothing but a vague catch-all statute that’s over a century old to back up its argument,” he added.

Apple’s response

Apple has up to five business days from the receipt of the order to appeal to the court if it finds that compliance with the ruling could be “unreasonably burdensome.” Apple released a statement signed by Tim Cook just hours after the news broke. “We oppose this order, which has implications far beyond the legal case at hand,” it reads in part. While Apple has assisted “when the FBI has requested data that’s in our possession,” complying with subpoenas and search warrants as required by law, the company doesn’t have your passcode, and refuses to build a backdoor into iOS to get around tha passcode security, even for this case.

“The FBI may use different words to describe this tool,” Cook writes, “but make no mistake: Building a version of iOS that bypasses security in this way would undeniably create a backdoor. And while the government may argue that its use would be limited to this case, there is no way to guarantee such control. ... While we believe the FBI’s intentions are good, it would be wrong for the government to force us to build a backdoor into our products. And ultimately, we fear that this demand would undermine the very freedoms and liberty our government is meant to protect.”

Subscribe to the Best of Macworld Newsletter