FBI didn’t tell the whole truth about cracking encrypted iPhone

by Steve Blum • , ,

When a pair of shooters attacked an employee party at a San Bernardino County facility in 2015, killing 14 people before being shot by police themselves, one of the attackers left behind an encrypted iPhone that might or might have had information relevant to the subsequent investigation.

Publicly, the Federal Bureau of Investigation’s solution was to force Apple to rewrite its iOS operating system so law enforcement could crack not only the San Bernardino phone, but any iPhone thereafter. Privately, though, the FBI was well on the way to finding a technical solution to the problem, according to a report from the bureau’s inspector general. The report concluded that FBI director James Comey didn’t lie to a U.S. congressional panel when he said his investigators were locked out of the phone, but he also didn’t tell the whole story, apparently because he didn’t know it himself.

According to Politico’s Morning Tech newsletter, the FBI’s priority doesn’t appear to have been unlocking one particular iPhone…

The IG report “raises the question of how seriously the FBI has really been thwarted when devices are locked — and how much of the going dark debate is the FBI simply seeking easier ways to do investigations,” said Susan Landau, a Tufts University computer science professor. “The inspector general is clearly concerned that the whole of the FBI is not committed to finding technical solutions that do not involve the weakening of encryption,” added Greg Nojeim, director of the Freedom, Security and Technology Project at the Center for Democracy and Technology.

So far, both the courts and congress have held the line against the FBI and other police agencies that want a back door into any data that attracts their interest. Although law enforcement officials have legitimate needs, the idea that a back door can remain safe in their hands is ridiculous. Even the supposedly ultra-secure National Security Agency has let exploits slip into criminal hands. Anyone, good or evil, can walk in through a back door. One congressional study concluded that “any measure that weakens encryption works against the national interest”. Just so.