Apple posts customer letter in response to FBI's iPhone unlocking demand
Yesterday, the Federal Bureau of Investigation (FBI) issued a request to Apple for technical assistance in accessing data from a passcode-locked iPhone belonging to one of the perpetrators of the terrorist attack at San Bernardino, California, in early December. In response, Apple has now published an open letter to its customers stating unequivocally that it is in opposition to the U.S. government’s order.
The request
Signed by a magistrate judge in Riverside, California, the order is essentially asking Apple to create a custom version of iOS that would facilitate the FBI’s attempts at unlocking the iPhone by “brute force,” i.e., trying millions of passcode combinations using a special peripheral, without the risk of deleting the data on the device.
Should Apple comply with the FBI’s demand, the government agency would send the iPhone to the Cupertino-based company so that the hypothetical custom version of iOS wouldn’t have to be taken outside Apple’s walls.
The catch
At first blush, the FBI’s request seems unfeasible as well as bold. But as pointed out by Trail of Bits, what the FBI is asking Apple to do may very well be technically feasible. And it’s thanks to the simple fact that the recovered iPhone is an iPhone 5c, which lacks the encryption-intensive Secure Enclave hardware component found in newer, Touch ID-enabled iPhones.
“If the San Bernardino gunmen had used an iPhone with the Secure Enclave, then there is little to nothing that Apple or the FBI could have done to guess the passcode,” Trail of Bits notes. “However, since the iPhone 5c lacks a Secure Enclave, nearly all of the passcode protections are implemented in software by the iOS operating system and, therefore, replaceable by a firmware update.”
The response
But Apple, given its commitment to user privacy and security, would have none of that.
Signed by Apple CEO Tim Cook, the company’s response in the form of a public customer letter says in no uncertain terms that it is against FBI’s demand, primarily on the grounds that the order “has implications far beyond the legal case at hand.”
Cook says that as Apple has “no sympathy for terrorists,” it has complied with valid subpoenas and search warrants for data in its possession, and has lent its engineers to advise the FBI to assist the agency in investigating the San Bernardino case.
But this time Apple is adamant that it’s not going to yield to the FBI’s demand because doing so would set a dangerous precedent. “Specifically, the FBI wants us to make a new version of the iPhone operating system, circumventing several important security features, and install it on an iPhone recovered during the investigation,” Cook notes. “In the wrong hands, this software — which does not exist today — would have the potential to unlock any iPhone in someone’s physical possession.”
“The FBI may use different words to describe this tool,” Cook continues, “but make no mistake: Building a version of iOS that bypasses security in this way would undeniably create a backdoor. And while the government may argue that its use would be limited to this case, there is no way to guarantee such control.”
In closing, Cook says that as good as the FBI’s intentions are, forcing Apple to create a backdoor into its otherwise heavily protected products doesn’t seem right. “And ultimately,” he concludes, “we fear that this demand would undermine the very freedoms and liberty our government is meant to protect.”