The hackers at the National Security Agency have repeatedly shown themselves to be some of the most talented in the world and have hacked into the private data centers of both Google and Microsoft. Why, then, hasn’t the FBI turned to the NSA for help in unlocking the iPhone 5c used by San Bernardino shooter Syed Rizwan Farook? The Intercept has written an interesting article asking that very question and it concludes that the NSA likely does have the technical means to break into an iPhone that was released all the way back in 2013.
First, it is possible that the NSA really can’t break into the iPhone. The Intercept notes that “it’s conceivable the agency isn’t able to forge Apple’s cryptographic signature, which is required to install a modified operating system on an iPhone,” for example.
There’s also the possibility that the NSA can hack into the device but that it doesn’t want to tell that to the FBI because it never likes to reveal what it’s capable of doing. If that were the case, however, why wouldn’t the NSA help the FBI behind the scenes before the FBI went public with its request for Apple’s assistance? And besides, as The Intercept notes, “courts have affirmed the NSA’s legal right to keep its investigative methods secret.”
In fact, security experts explained to Wired earlier this week that the FBI could recruit the NSA to connect the iPhone 5c to a Stingray-like rogue cellular network as it’s booting up, which could give the agency the ability to control the device before it even gets to the unlock screen.
The most cynical explanation here is that the FBI doesn’t want the NSA’s help and is just using this case to either set a legal precedent for using the All Writs Act to force companies to hack their own devices or to push Congress into passing a new law that would give them broader authority than what they now possess.
This would go along with my theory that the FBI has laid a very clever public relations trap for Apple that will be very hard to escape. The best option at this point would likely be to have Congress pass a new law that clearly outlines what the government can and can’t force tech companies to do, but as we’ve seen over the past several years, Congress isn’t exactly good at doing its job.