FBI Breaks Into iPhone Without Apple, Drops Case
The FBI has successfully accessed the data on the San Bernardino shooter's iPhone and no longer needs Apple's help.
The Apple-FBI stand-off is over — at least for now.
The U.S. Department of Justice today (March 28) dropped its demand that Apple help the FBI break into the iPhone used by San Bernardino shooter Syed Rizwan Farook, ending more than a month of contentious debate.
"The government has now successfully accessed the data stored on Farook's iPhone and therefore no longer requires the assistance from Apple Inc.," a three-paragraph filing by federal prosecutors said. "Accordingly, the government hereby requests that the order compelling Apple Inc. to assist agents in search dated February 16, 2016 be vacated."
"This case should never have been brought," Apple said in a statement. "We objected to the FBI's demand that Apple build a backdoor into the iPhone because we believed it was wrong and would set a dangerous precedent."
MORE: Apple vs. FBI: What's Going On and Why It Matters
Government officials refused to disclose further details about the successful method of access, which first came to light a week ago. Last week, the DoJ said only that an "outside party" had come forward with a viable method of getting past the iPhone's encryption — a method that has since been classified as secret.
Until last week, the FBI said it believed there was no way to access the data on the iPhone, a 5c model running iOS 9, without new software authorized by Apple. Apple, which had cooperated in the case otherwise, stated that it would not create software that undermined its own devices' security.
Sign up to get the BEST of Tom's Guide direct to your inbox.
Get instant access to breaking news, the hottest reviews, great deals and helpful tips.
"We will continue to help law enforcement with their investigations, as we have done all along," Apple said today. But the company added that "we will continue to increase the security of our productsd as the threats and attacks on our data become more frequent and more sophisticated."
Farook and his wife, Tafsheen Malik, killed 14 of Farook's co-workers at the San Bernardino County Department of Public Health during a Christmas party on Dec. 2, 2015. The couple were themselves killed in a shootout with police later that day.
Farook and Malik had destroyed their personal cellphones before the shootings, but the iPhone in question, a work phone issued by Farook's employer, was found in one of the couple's vehicles. Its screen was locked with a four-digit PIN, and the FBI wanted Apple to disable security features that would have prevented "brute forcing" the PIN by rapidly typing in all 10,000 numerical possibilities.
This case may have been resolved to all parties' satisfaction, but the debate over widespread, unbreakable encryption is not going away. A U.S. Senate bill that would mandate a "backdoor" for government access is currently being drafted; similar legislation has recently appeared in Britain and France.
"Now the government can see all of the cat pictures Farook was keeping on it," Apple forensics expert Jonathan Zdziarski wryly observed in a blog posting today. An unnamed government official admitted to the New York Times that there might be nothing of value on the device.
Zdziarski said that if the government's successful method involved hacking the hardware, then it could be replicated only on older models such as the iPhone 5c. If it was a software method, then it might work on all iPhones.
"What is certain, however, is that the only reason this was possible is because Farook chose to use a weak form of security on his iOS device — namely, a numeric PIN," Zdziarski wrote. "To protect your device against both a hardware and software attack, use an alphanumeric passcode."
Paul Wagenseil is a senior editor at Tom's Guide focused on security and privacy. He has also been a dishwasher, fry cook, long-haul driver, code monkey and video editor. He's been rooting around in the information-security space for more than 15 years at FoxNews.com, SecurityNewsDaily, TechNewsDaily and Tom's Guide, has presented talks at the ShmooCon, DerbyCon and BSides Las Vegas hacker conferences, shown up in random TV news spots and even moderated a panel discussion at the CEDIA home-technology conference. You can follow his rants on Twitter at @snd_wagenseil.