Boston judge orders Apple help FBI access iPhone 6, falls short of forcing decryption

article thumbnail

AppleInsider is supported by its audience and may earn commission as an Amazon Associate and affiliate partner on qualifying purchases. These affiliate partnerships do not influence our editorial content.

Recently unsealed court documents show Apple in February was ordered to assist the FBI in accessing an iPhone tied to a Boston court case, but the government has seemingly abandoned its pursuit as the ruling fell short of forcing Apple to bypass its own security.

In the Massachusetts case, the FBI pursued an All Writs Act motion to compel Apple to extract data from an iPhone 6 belonging to alleged Columbia Point Dawgz gang member Desmond Crawford, reports Motherboard. While Federal Magistrate Judge Marianne Bowler ordered the company to comply, the ruling's language precludes Apple from bypassing the phone's encryption, a decision that reportedly prompted government officials to put the case on hold, the report said.

"Such reasonable technical assistance consists of, to the extent possible, extracting data from the Device, copying the data from the Device onto an external hard drive or other storage medium, and returning the aforementioned storage medium to law enforcement, and/or providing the FBI with the suspect Personal Identification Number (P.I.N.) or Personal Unlock Code (P.U.K.) so that access can be gained to the Target Telephone 1 for this search," the order reads.

Bowler goes on to say that Apple must provide FBI agents with any data extracted data from Crawford's device. However, if said data is encrypted, which it most certainly is, Apple "is not required to attempt to decrypt, or otherwise enable law enforcement's attempts to access any encrypted data."

The case specifics were revealed on Friday after court documents were unsealed in response to an FOIA request from the American Civil Liberties Union.

As noted by Motherboard, Bowler's stipulation regarding encrypted data handling makes the order functionally useless for government officials attempting to thwart Apple's safeguards.

Apple's security system encrypts data with a secret key known only to the user, and without the appropriate passcode, device data cannot be decrypted. To prevent brute force attacks, Apple implemented a passcode counter which, if so configured, destroys the stored key after ten unsuccessful unlock attempts, leaving on-device data unsalvageable. Further complicating the process is a Secure Enclave that comes embedded into all Apple A-series processors. Debuted with the A7, which powered iPhone 5s, Secure Enclave technology offers an added hardware level layer of protection against hacks.

Despite of the order's favorable language — Apple is not being forced to decrypt Crawford's data — the company filed in opposition in February. The government has not responded to Apple's filing.

Whereas federal prosecutors in the recent San Bernardino iPhone case were backed by an order to compel Apple's assistance in creating a software workaround to its own encryption technology, the government appears to have hit a dead end in the Boston case. If it proceeds, however, the case might shed light on the FBI's working iPhone 5c-and-older exploit, presented by an outside party to extract data from a device used by San Bernardino terror suspect Syed Rizwan Farook.

Perhaps more importantly, the Boston case involved an iPhone 6, a smartphone model Apple still sells today. The device is thought to be running iOS 9.1 that, while not Apple's latest version, is a thoroughly modern operating system. One of Apple's main contentions against being forced to create an iPhone workaround is that the exploit's mere existence weakens platform security, putting other users at risk. The Boston action, therefore, specifically targeted a device much more applicable to Apple's core user base than the relatively niche iPhone 5c targeted in San Bernardino.