FBI's Own Actions Likely Made Farook's iPhone Data Inaccessible
from the oops dept
On Friday, we noted that one of the reasons that the FBI was unable to get access to the data on the remaining iPhone from Syed Farook was because after the shooting and after the phone was in the hands of the government, Farook's employer, the San Bernardino Health Department, initiated a password change on his iCloud account. That apparently messed stuff up, because without that, it would have been possible to force the phone to backup data to the associated iCloud account, where it would have been available to the FBI. But, after we published that article, a rather salient point came out: the Health Department only did this because the FBI asked it to do so.From a San Bernardino County Twitter account:
The County was working cooperatively with the FBI when it reset the iCloud password at the FBI's request.
— CountyWire (@CountyWire) February 20, 2016
In short: a big reason why the FBI can't get the info it wants is because of an action taken... by the FBI.
Apple has also provided further information on this, showing how it was perfectly willing to cooperate in reasonable ways with the FBI -- but that it was the FBI that messed things up:
The Apple executive told reporters that the company’s engineers had first suggested to the government that it take the phone to the suspect’s apartment to connect it to the Wi-Fi there. But since reporters and members of the public had swarmed that crime scene shortly after the shootings occurred, it was likely that any Wi-Fi there had been disconnected. So Apple suggested the government take the phone to Farook’s former workplace and connect the phone to a Wi-Fi network there.Two interesting points in there: first, do you remember how there was all this discussion about the insane media scrum that ransacked Farook's house? And lots of people pointed out that useful evidence may have been harmed by it. At the time, the FBI insisted they were all done with the house, but it appears that may have been part of the reason why they couldn't get the backup.
The executive said that Apple walked the government through the entire process to accomplish this, but the government came back about two weeks later and told Apple that it hadn’t worked.
Apple didn’t understand why it had not worked—until the company learned that sometime after the phone had been taken into the custody of law enforcement, someone had gone online and changed the Apple ID that the phone uses to conduct backups.
The second is that Apple had not revealed this tidbit earlier. The company explained that it had felt that its conversations with the government had been confidential until the FBI revealed this detail in the totally unexpected Motion to Compel it filed Friday. It appeared that the FBI was so eager to push its PR stunt that it filed the document (which it had no reason to file), and then revealed even more of its own bungling in this particular case.
Whether intentional or not, this is only going to add support to people who say that the FBI doesn't actually care what's on the phone, but wanted to be able to go after the data in this case because they knew they could set a precedent in a case where their argument will generate the most sympathy. Remember, back in September, after the Intelligence Community lost the fight to get a law banning strong encryption, intelligence officials said out loud that they'd just wait until the next terrorist attack:
Although “the legislative environment is very hostile today,” the intelligence community’s top lawyer, Robert S. Litt, said to colleagues in an August e-mail, which was obtained by The Post, “it could turn in the event of a terrorist attack or criminal event where strong encryption can be shown to have hindered law enforcement.”Two months later, you get a "terrorist attack" (or a workplace dispute that can be painted as a terrorist attack) and a sorta, kinda encrypted phone, and voila. Just what the intel community asked for. It would be crazy to suggest that any of this was done on purpose -- it's almost certainly a bit of convenience for the intel and law enforcement communities. But the fact that the FBI directed the Health Department to change the password, and that's part of the reason they're now locked out, really raises some questions about what the FBI's priorities were here. It also raises a separate question of whether or not companies should be forced to hack their own system in cases where the FBI's own bungling was responsible for the loss of information. But, really, that's a minor point, given that the DOJ wants that power even in cases where the FBI didn't mess things up itself.
There is value, he said, in “keeping our options open for such a situation.”
Filed Under: encryption, fbi, icloud, password reset, san bernardino county, syed farook