Footnote Reveals That The San Bernardino Health Dept. Reset Syed Farook's Password, Which Is Why We're Now In This Mess
from the well,-that's-interesting dept
We already discussed the many issues with the DOJ's motion to compel Apple to create a backdoor to let them brute force the passcode on Syed Farook's iPhone. However, eagle-eyed Chris Soghoian caught something especially interesting in a footnote. Footnote 7, on page 18 details four possible ways that Apple and the FBI had previously discussed accessing the content on the device without having to undermine the basic security system of the iPhone, and one of them only failed because Farook's employers reset the password after the attacks, in an attempt to get into the device.... to attempt an auto-backup of the SUBJECT DEVICE with the related iCloud account (which would not work in this cases because neither the owner nor the government knew the password to the iCloud account and the owner, in an attempt to gain access to some information in the hours after the attack, was able to reset the password remotely, but that had the effect of eliminating the possibility of an auto-backup).The "owner" of course, being the San Bernardino Health Department, who employed Farook and gave him the phone. Basically, what this is saying is that if the password hadn't been reset, it would have been possible to try to connect the phone to a "trusted" network, and force an automatic backup to iCloud -- which (as has been previously noted) was available to the FBI. But by "changing" the password, apparently that option went away.
In other words, the San Bernardino Health Dept may have been the ones who really mucked things up for the FBI. But, of course, to be honest, the FBI is probably kind of happy about that. At this point, very few people honestly believe that there's anything of much value on that phone. But this situation allows the FBI to present the most sympathetic case it probably can to try to force backdoors onto tech companies.
Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.
Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.
While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.
–The Techdirt Team
Filed Under: doj, encryption, fbi, password, reset, san bernardino, san bernardino health department, syed farook
Companies: apple
Reader Comments
Subscribe: RSS
View by: Time | Thread
Passwords are not Backdoors
Tim's hissy fit is just disingenuous. He/she is obvious a marketing person and not a technical queen.
Here is the order. https://assets.documentcloud.org/documents/2714001/SB-Shooter-Order-Compelling-Apple-Asst-iPhone.pdf
[ link to this | view in thread ]
[ link to this | view in thread ]
Creative Self Imolation with an Altruistic End Game
Why again doesn't Hollywood employ these guy's. They are a lot more creative than the dorks that are currently writing for them.
[ link to this | view in thread ]
Re: Passwords are not Backdoors
[ link to this | view in thread ]
[ link to this | view in thread ]
Re: Re: Passwords are not Backdoors
[ link to this | view in thread ]
Re: Passwords are not Backdoors
While there have been discussions regarding which phones would be 'safe' (e.g. 5s and above due to the Secure Enclave technology), another "writ of do wtf i tell you" could be issued for any version at any time.
As to the "changing the password", unless they're very specific about what password they changed (iCloud, domain password, etc) it is hard to say what effect that would have had. We don't believe, based on the information provided, that the San Bernardino Department Health Department use Mobile Device Management (MDM) software, otherwise they could have changed the iPhone passcode remotely and we wouldn't be having this conversation. I'm also willing to wager that "a few hours after the attack" some hotshot investigator instructed the IT folks at SBDH to change the iTunes password.
[ link to this | view in thread ]
Re:
[ link to this | view in thread ]
[ link to this | view in thread ]
The health department probably did the right thing
[ link to this | view in thread ]
Re: Passwords are not Backdoors
That is not the case. We covered the order and laid out what it specifies: https://www.techdirt.com/articles/20160216/17393733617/no-judge-did-not-just-order-apple-to-break-en cryption-san-bernardino-shooters-iphone-to-create-new-backdoor.shtml
It absolutely does not say they need to pull data at their discretion. It says they need to disable two specific security features by building a new operating system -- and then to enable another features. At no point is Apple actually asked to retrieve anything from the phone. Rather, once they remove those security features, then the FBI will step in and brute force the passcode.
So not sure what you read but you're wrong.
[ link to this | view in thread ]
[ link to this | view in thread ]
Re: The health department probably did the right thing
They could have secured the phone to prevent a remote wipe or even gotten an court order asking Apple to lock the account associated with the phone preventing remote wipes.
What I found shocking was that San Bernardino has software that they install on SOME phones owned by the county that lets them unlock the phone. But that policy isn't for all county owned phones, which seems stupid to have a very useful tool that isn't deployed on all of the assets.
www.msn.com/en-us/news/technology/common-mobile-software-could-have-opened-san-bernardino-sho oters-iphone/
[ link to this | view in thread ]
Re: Re: Passwords are not Backdoors
Have I been replaced?!
[ link to this | view in thread ]
Regarding iCloud, it's trivial to change Apple's backend to allow the phone to authenticate successfully.
[ link to this | view in thread ]
How suprising..
I code in my own linux, and it's sorta like OSX but I have no Idea what it all entails
[ link to this | view in thread ]
Re: Passwords are not Backdoors
[ link to this | view in thread ]
Re: The health department probably did the right thing
Turning the phone off would prevent that, would it not?
[ link to this | view in thread ]
Re: Re: The health department probably did the right thing
[ link to this | view in thread ]
He had a buddy in IT?
[ link to this | view in thread ]
Re: The health department probably did the right thing
Good - because they'd have the location of the co-conspirator via how the wipe was preformed.
If the "bad guys" had enough op-sec to destroy passwords and other phones, why would the work phone been used where the employer had the right to inspect?
[ link to this | view in thread ]
http://www.cnbc.com/2016/02/19/john-mcafee-fbi-should-let-me-hack-iphone.html
No opening this phone isn't the real objective. The real objective is to gain a tool that can be used on any iPhone. Otherwise they would have taken Mcafee up on that.
Since Congress is not willing to pass a bill requiring backdoors into encryption this whole dog and pony show is about one thing and one thing only. Getting a new tool, that Apple is to give them free of charge, which could be used on any encrypted iPhone. This is the sneaky way to get what you want when you can't get a law passed.
[ link to this | view in thread ]
Re: Re: Passwords are not Backdoors
[ link to this | view in thread ]
Re: Re: Re: Passwords are not Backdoors
[ link to this | view in thread ]
The FBI Instructed the County to Change the Password
http://www.theguardian.com/technology/2016/feb/20/san-bernadino-county-fbi-gunman-apple-ac count
he San Bernardino County government on Friday night said the FBI told its staff to tamper with the Apple account of Syed Farook, who with his wife, Tashfeen Malik, carried out the December shooting in which 14 people were killed.
[ link to this | view in thread ]
So...
Do they have ANY clue that there is any communication of relevance there? A major fishing expedition which will involve millions of dollars (plus what's already been spent) and yield nothing.
[ link to this | view in thread ]
Say what again?
Say what? When my employer resets my password, they have to communicate the new password to me, or it has to be some dummy default.
1) If they were able to do this then why can't the government just get the eMail that has the new password? It must have been passed by some channel other than the device; you can't sign on to your device if the new password is on the device.
2) If the transmitted password can't be retrieved, then why can't San Bernardino Health Department simply reset it again?
The longer this "episode" runs, the more clear it becomes that this is just an excuse to force Apple to develop a backdoor. Which, of course, the government will keep and use anytime it wishes.
[ link to this | view in thread ]
We are nothing but sheep, cattle, there to work on behalf, to be monitored, to be fucking conditioned.........the politicians work for the government, not the people
Its fucking archaic, the world has changed, but we have not, who decided that being ruled is a natural human state, oh thats right, questionable folks of the past, with questionable folks of the present carrying the batton
The more things change, the more things stay the same
[ link to this | view in thread ]
Re: So...
All terrorists are Muslim.
All violent acts committed by Muslims are terror attacks, regardless of victim count.
All violent attacks by non-Muslims are ordinary crimes, regardless of victim count.
Our rulers created these rules to properly define the enemy we're supposed to be fighting. Bottom line: The enemy is Muslims and no one else. George Orwell demonstrated this type of thought control in 1984.
This case is a perfect example: it appears to be an ordinary (if any can be called that) workplace attack. But it is positively a terrorist act simply because a Muslim was involved. Just ask our rulers.
[ link to this | view in thread ]
Re: Say what again?
[ link to this | view in thread ]
Re: Re: Passwords are not Backdoors
There is both an order compelling and a motion seeking. Both were filed on Feb. 16, 2016. I was referencing the order compelling. See page 3 line 3. The FBI says Apple can use any technology at their discretion if they can give the FBI the data on the phone. Apple did give the FBI the data on the icloud servers and recommended the FBI attempt to force a backup of the device. (see motion seeking; footnote 7)As we know from the media stories, the backup glitched. I just don't see any story here except Tim Cook throwing a hissy fit in a blog about how he doesn't wish to help in an investigation his company has already helped in.
SB-Shooter-Order-Compelling file: https://assets.documentcloud.org/documents/2714001/SB-Shooter-Order-Compelling-Apple-Asst-iPhone.pdf
SB-shooter-MOTION-seeking file:http://www.wired.com/wp-content/uploads/2016/02/SB-shooter-MOTION-seeking-asst-iPhone.pdf
It should be noted the first file has [proposed] struck out. But it does have the court clerk's stamp.
[ link to this | view in thread ]
Re: Re: Re: Passwords are not Backdoors
This again?
As has been pointed out time and time and time again, there's a significant difference between providing unencrypted data from a device versus creating a modified version of the OS to undermine key security features and allowing the FBI to attempt to brute-force the password.
One Apple can do with ease and without affecting their security as it requires something that they already have, the other takes a lot more work, provides a bypass for the security on the devices they sell, and opens up a huge can of worms by allowing a precedent to be set that companies can be forced to bypass their own security, effectively creating a 'golden key' requirement without a single law being passed.
[ link to this | view in thread ]
Re: Re: Re: Passwords are not Backdoors
[ link to this | view in thread ]