FBI has finally revealed more information regarding the whole iPhone fiasco that has been featured in the headlines all over the media. The iPhone in question belongs to the San Bernardino terror suspect Syed Rizwan Farook and the efforts are being geared towards gaining as much information as possible out of the captured iPhone.
Within hours of Farook’s iPhone being recovered, the password to his iCloud account was reset. This reset was carried out for gaining access to his account, however, this attempt rendered the iPhone unable to perform more auto-backup that could have potentially provided with more information regarding Farook’s activities leading up to the shooting incident.
FBI released a statement on Sunday morning that confirms that the agency was working in collaboration with the San Bernardino County officials when the password was reset. Apple executives stated on Friday that if FBI hadn’t changed the iCloud password, it wouldn’t need a back door creation for accessing the iPhone. That makes it sound like FBI has screwed things up, right? It surely is a complicated situation and we decided to break it down for you all.
FBI approached Apple last week for the creation of a back door to facilitate with the hacking of state-owned iPhone that belonged to Farook – a government worker.
Following the FBI request, the Apple CEO Tim Cook responded with a letter that denied the request on the grounds that creating such a back door would lead to further exploitation of iPhones.
The FBI responded with a motion issued from the Department of Justice on Friday that compelled Apple to help out anyway. FBI revealed in the motion that San Bernardino County officials tried to access the backups by resetting the account password within hours of phone’s recovery.
Apple, upon learning this, held a call with reporters and stated that the resetting of the password has rendered Apple unable to access the backups. Apple further claimed that if the FBI hadn’t reset the password, it would (in all likelihood) have been possible to access the backup contents.
Late Friday night, the San Bernardino Country stated that it had been working in collaboration with FBI and the request to reset the iCloud password came from FBI itself. This statement contradicted FBI’s motion of the same day that blamed a County official for the reset.
The FBI’s full statement has been added below for you to read.
STATEMENT TO ADDRESS MISLEADING REPORTS THAT THE COUNTY OF SAN BERNARDINO RESET TERROR SUSPECT’S IPHONE WITHOUT CONSENT OF THE FBI
Recent media reports have suggested that technicians in the county of San Bernardino independently conducted analysis and took steps to reset the iCloud account password associated with the iPhone 5C that was recovered during a federal search following the attack in San Bernardino that killed 14 people and wounded 22 others on December 2, 2015. This is not true. FBI investigators worked cooperatively with the county of San Bernardino in order to exploit crucial data contained in the iCloud account associated with a county-issued iPhone that was assigned to the suspected terror suspect, Syed Rizwan Farook.
Since the iPhone 5C was locked when investigators seized it during the lawful search on December 3rd, a logical next step was to obtain access to iCloud backups for the phone in order to obtain evidence related to the investigation in the days following the attack. The FBI worked with San Bernardino County to reset the iCloud password on December 6th, as the county owned the account and was able to reset the password in order to provide immediate access to the iCloud backup data. The reset of the iCloud account password does not impact Apple’s ability to assist with the court order under the All Writs Act.
The last iCloud data backup of the iPhone 5C was 10/19 and, based on other evidence, investigators know that Syed Rizwan Farook had been using the phone after 10/19. It is unknown whether an additional iCloud backup of the phone after that date — if one had been technically possible — would have yielded any data.
Through previous testing, we know that direct data extraction from an iOS device often provides more data than an iCloud backup contains. Even if the password had not been changed and Apple could have turned on the auto-backup and loaded it to the cloud, there might be information on the phone that would not be accessible without Apple’s assistance as required by the All Writs Act order, since the iCloud backup does not contain everything on an iPhone. As the government’s pleadings state, the government’s objective was, and still is, to extract as much evidence as possible from the phone.