US AG Lynch says FBI not asking Apple to break into iPhone, simply disable 'password blocker'

By Mikey Campbell

In a follow-up interview to her appearance at Tuesday's RSA security conference, U.S. Attorney General Loretta Lynch said the FBI is not asking Apple to break into an iPhone linked to last year's San Bernardino shootings, it only wants the company to disable built-in security safeguards.

While technically true, Lynch's statement, aired as part of a one-on-one session with Bloomberg's Emily Chang, typifies what appears to be a fundamental misunderstanding of modern encryption declared in recent days by high-ranking government players. The interview gave Lynch a chance to air Department of Justice concerns over Apple's resistance to comply with a federal court order compelling its assistance in unlocking an iPhone used by terror suspect Syed Rizwan Farook.

As smartphones like iPhone become increasingly ubiquitous on the open market, law enforcement agencies are finding effective digital evidence procurement strategies paramount to successful criminal investigations. A leader in the mobile space, Apple has been called upon to offer assistance in data retrieval operations, which in the past included direct extractions, giving the FBI a clear route to securing deemed crucial material. That changed with the release of iOS 8 when Apple stopped cataloging device encryption keys, making it virtually impossible for the company to crack an iOS device without also breaking its own encryption mechanism.

"By the way, we don't want Apple to break into the phone, we don't want Apple to go into the phone and pull data out. What we want them to do is essentially preserve the information that is on the phone and essentially disable the password blocker that would destroy the data." - US Attorney General Loretta Lynch

As Apple's chief lawyer Bruce Sewell said in a congressional hearing earlier on Tuesday, the FBI is asking the company to create and sign an intentionally flawed version of iOS that suppresses the subject phone's passcode attempt counter, passcode attempt timer and touchscreen input module. Once the specialized OS is loaded onto Farook's device, government agents will be able to conduct a brute-force attack without fear of permanently destroying the stored encryption key.

Stronger encryption means a more secure device for customers, but a much more difficult nut to crack for the FBI. Unfortunately, the Justice Department is unwilling, or unable, to adapt its operational tactics and toolset to a rapidly shifting security landscape. Lynch said as much in the Bloomberg interview, but did so as an argument in favor of forcing Apple's hand.

"We're applying the same principles that if we were trying to go into a home and look at a file full of certain kinds of papers, we go to a court and we say there's a narrow set of evidence that we need and here's where it's located," she said.

Since the FBI is conducting business as usual, Lynch implies Apple should do likewise and comply with the request as it has done many times before. She glosses over the fact that Apple does not have the software necessary to complete the task, meaning resources would have to be dedicated solely to its creation. Indeed, during yesterday's hearing Rep. Darrell Issa (R-CA) drew an analogy between Apple and a theoretical manufacturer of paper shredders. He asked New York District Attorney Cyrus Vance, who played the yin to Sewell's yang, whether he knew of an instance in which the government conscripted engineers from a shredder company to reassemble a shredded document. Vance said he knew of no such case.

As for a possible solution to the dilemma at hand, Lynch suggests Apple treat the case like it would a normal customer service call. Again, this is technically sound theory considering the San Bernardino County Department of Public Health, Farook's former employer, owns the iPhone in question.

"I think in this case it's really important to note that the customer -- the actual customer of the phone that's an issue in the instant case -- is the one that's requested Apple's help," Lynch said. "So one way to simply resolve this is for Apple to work with its own customer and work out a way to resolve this issue."

Of course, Apple does not and cannot unlock an iPhone for a customer who forgot their passcode. It may be possible to obtain a snapshot of the data on said device by forcing an automated iCloud backup (if so configured), but beyond that there is little recourse. In fact, Apple suggested a similar workaround to gleaning data off Farook's iPhone 5c before it was discovered that the FBI changed the Apple ID password associated with that device, effectively rendering the option moot. FBI Director James Comey admitted the decision was a mistake during his turn in front of the House committee on Tuesday.

Near the end of the interview, Chang asked Lynch to respond to Apple's assertion that the creation of any software workaround, even a one-off that could somehow be destroyed after its intended use, compromises all iOS devices.

"I think that there's some very interesting technical issues here, but this is bigger than a technical issue. In particular, when a company has been able to respond to government requests for help until their previous operating system, so they clearly have the ability to do it," Lynch said.