The FBI’s battle with Apple over San Bernardino shooter Syed Rizwan Farook’s iPhone continues to divide Americans, with a recent NBC News/Wall Street Journal poll finding that 42 percent of people think Apple should cooperate and 47 percent disagree. Even the intelligence community is divided, with former NSA and CIA director Michael Hayden and former CIA Director James Woolsey siding with Apple against FBI Director James Comey. Barack Obama addressed the subject during this year’s South by Southwest festival, calling upon the tech community to devise a solution that would enable the government to decrypt phones for law enforcement cases without compromising the general public’s privacy. For those trying to follow the controversy, here’s a rundown on the case.
The controversy’s roots date back to the Edward Snowden case, which revealed the NSA had access to iPhone data. Responding, Apple developed better encryption features to make new iPhones so secure that neither the government nor Apple itself could crack them. In September 2014, following the release of the iPhone 6, FBI Director James Comey objected to the phone’s new security features, complaining that Apple was allowing people to hold themselves beyond the law. Following the November 2015 Paris attacks, Comey renewed calls for Apple as well as Google to find a law enforcement workaround for smartphone security features.
Following the December 2015 San Bernardino attack, Comey told the Senate that the FBI had been unable to unlock an iPhone 5c Farook had used. The FBI asked Apple to create a customized version of iOS that would disable certain security features and allow the Bureau to hack Farook’s password. Apple objected, saying that this would open up a backdoor that could be abused by the government or by criminals if the customized software fell into the wrong hands. The FBI offered to let Apple maintain the software and destroy it once the phone had been hacked, but Apple insisted this would still create a backdoor risk as well as a dangerous legal precedent.
The Technical Problem
According to cryptographer Matthew Green, the reason Apple’s recent iPhones are so hard to hack is because Apple uses an innovative approach to encryption. Traditional encryption uses a secret key to transform passwords into long character strings that take normal computers an extremely long time to randomly guess. But some hackers have extremely fast supercomputers, and most people don’t use good passwords. So, to make recent iPhones even harder to hack, the manufacturer builds a unique 256-bit unique identifier key (UID key) into each individual iPhone. This type of encryption is common in cloud services as well as smartphones because it is more secure. The UID is unique to a specific phone and is not known to the manufacturers or to Apple. The phone’s operating system further prevents unauthorized access to the UID by delaying longer and longer the more times someone attempts to randomly guess the user’s passcode. On iPhones using iOS 9 and higher, after 10 failed guesses, the operating system deletes the phone’s data.
Because of this, the FBI risks deleting Farook’s data by trying to hack his phone. To get around this, the FBI wants Apple to load a version of iOS that does not have delay and deletion features onto Farook’s phone so that a computer can hack his password, which is only four numeric digits long. Trail of Bits CEO Dan Guido has concluded that this is technically feasible.
The Legal Debate
The legal side of the case presents the thornier issue. The FBI is trying to convince the court to compel Apple to unlock the iPhone on the basis of the All Writs Act, a federal statute that gives federal courts authority to issue compulsory writs, such as subpoenas, in exercising their jurisdiction. The Bureau cites a 1977 precedent where the Supreme Court compelled the New York Telephone Company to install equipment to help the FBI with a gambling investigation.
Apple’s attorneys counter that compelling the company to write software code would be compelling free speech, a violation of the First Amendment. Additionally, Apple argues that the FBI is trying to use the courts to bypass a 1994 Congressional act which denies the government power to compel telecommunications companies to decrypt customer data, violating the Constitutional separation of powers. Further oral arguments happened March 22.