The government is confident it can hack into the San Bernardino iPhone 5c without Apple’s help, at least according to statements made on Thursday. The FBI and DOJ have not detailed how the hackers who came forward with the proposal to help will do it, and it’s too early to know for sure whether the procedure will work.
Even though you might think it’s great news to hear that Apple doesn’t have to fight a court order to break its own encryption, there are reasons to worry.
First of all the fact that the FBI is using outside help to settle this matter should be disconcerting. It proves what we all suspected: that independent security companies and hackers know how to bypass the safety of the iPhone and other devices if need be. Now, if Cellebrite – or whatever company is helping out – can do it for the FBI, it’s probably safe to assume that the NSA and other highly powerful and well-funded intelligence agencies can do it.
Secondly, the FBI will apparently not use the hack that many experts believe it’s in testing right now; the one that involves physically removing the storage module from the phone, copying it in its encrypted state, and then attempting to guess every possible PIN combination to unlock the screen without worrying about the phone erasing the data after 10 failed attempts.
FBI Director James Comey, a vocal critic of Apple’s iPhone encryption, told reporters on Thursday that the promising hack the FBI is working with does not involve that particular trick. “I’ve heard that [method] a lot,” Comey said. “It doesn’t work.”
He said the company that’s working with the FBI came forward with the idea, without explain whether it collaborated with the Bureau before.
He didn’t explain how the method works either, but if it doesn’t involve hardware and software hacking, and instead can be done using software alone, well, that’s somewhat scary. “We tried it on Sunday,” Comey said, according to The Washington Post. “It looked like it might work.”
“Lots of folks have come to us with potential ideas — it looks like we now have one that may work out. We’re optimistic, and we’ll see,” he said during a news conference on Wednesday.
The third reason FBI cracking the iPhone on its own isn’t necessarily good news concerns the future of encryption. The battle with Apple is not over, and FBI has hinted at that in a politically correct statement.
“San Bernardino… is about that investigation,” Comey told reporters, according to Reuters. “And even if this particular technique makes that go away that litigation, we still have to as a country resolve this conflict.”
Finally, even if the FBI is successful in its attempt, and decides to drop the case against Apple come April, it won’t be required to tell the iPhone maker how it accessed the device. What if the same method works on any encrypted iPhone? Simply circumventing the lock screen practically breaks its encryption, and if this tool works on any iPhone, the FBI could simply reuse it in the future.
It should be noted, though, that the FBI will have to explain how it obtained evidence from the iPhone, in case said evidence will be used in any future trials
“It has always been our goal to extract the information that may be on that phone and determine what information or evidence it may give us about this deadly attack,” Attorney General Loretta Lynch cautiously told reporters. “At this point, it’s really too early to say how that’s going to work out.”