The FBI can’t access the intel on the phones of the mass jihad murderers in San Bernardino. This act of jihad is almost two months old — the trail is cold.
“Apple must help FBI hack San Bernardino killer’s phone, judge says,” February 16, 2016, Associated Press:
FBI searching for missing hard drive in San Bernardino probe
WASHINGTON – A U.S. magistrate ordered Apple Inc. on Tuesday to help the Obama administration hack into an encrypted iPhone belonging to one of the shooters in the December attack in San Bernardino, California, in a first-of-its-kind ruling that pits digital privacy against national security interests.
The ruling by Magistrate Judge Sheri Pym, a former federal prosecutor, requires Apple to supply highly specialized software the FBI can load onto the county-owned work iPhone to bypass a self-destruct feature, which erases the phone’s data after too many unsuccessful attempts to unlock it. The FBI wants to be able to try different combinations in rapid sequence until it finds the right one.
The decision gives the Justice Department a significant victory in an entrenched technology policy battle, as more-powerful encryption services threaten the ability of federal agents to uncover important evidence in criminal or terrorism cases. The Obama administration, which has embraced stronger encryption as a way to keep consumers safe on the Internet, had struggled to find a compelling example to make its case.
The ruling Tuesday tied the problem to the deadliest terrorist attack on U.S. soil since the 2001 attacks on the World Trade Center and the Pentagon. Farook and his wife, Tashfeen Malik, killed 14 people in a Dec. 2 shooting at a holiday luncheon for Farook’s co-workers. The couple later died in a gun battle with police.
Federal prosecutors told the judge in a court application Tuesday that they can’t access a work phone used by Syed Farook because they don’t know his passcode and Apple has not cooperated. Under U.S. law, a work phone is generally the property of a person’s employer. The judge told Apple to provide an estimate of its cost to comply with her order, suggesting that the government will be expected to pay for the work.
Apple has provided default encryption on its iPhones since 2014, allowing any device’s contents to be accessed only by the user who knows the phone’s passcode.
The Cupertino, California-based company did not immediately respond to messages from The Associated Press asking about the case.
The order requires that the software Apple provides be programmed to work only on Farook’s phone, but it was not clear how readily that safeguard could be circumvented. The order said Apple has five days to notify the court if it believes the ruling is unreasonably burdensome.
It also was not immediately clear what investigators believe they might find on Farook’s work phone or why the information would not be available from third-party service providers, such as Google or Facebook, though investigators think the device may hold clues about whom the couple communicated with and where they may have traveled.
The couple took pains to physically destroy two personally owned cell phones, crushing them beyond the FBI’s ability to recover information from them. They also removed a hard drive from their computer; it has not been found despite investigators diving for days for potential electronic evidence in a nearby lake.
Farook was not carrying his work iPhone during the attack. It was discovered after a subsequent search. It was not known whether Farook forgot about the iPhone or did not care whether investigators found it.
The phone was running the newest version of Apple’s iPhone operating system, which requires a passcode and cannot be accessed by Apple, unlike earlier operating systems or older phone models. San Bernardino County provided Farook with an iPhone configured to erase data after 10 consecutive unsuccessful unlocking attempts. The FBI said that feature appeared to be active on Farook’s iPhone as of the last time he performed a backup.
The California judge didn’t spell out her rationale in her three-page order, but the ruling comes amid a similar case in the U.S. District Court for the Eastern District of New York.
In that case, Magistrate Judge James Orenstein has not yet decided whether the government can compel Apple to unlock an iPhone under the same 18th century law applied to the California case. The All Writs Act has been used to compel a party to help the government in its law enforcement efforts, but Apple has argued that it is not its role to act as a government agent and that doing so would breach trust with its customers.
Investigators are still working to piece together a missing 18 minutes in Farook and Malik’s timeline from Dec. 2. Investigators have concluded they were at least partly inspired by the Islamic State group; Malik’s Facebook page included a note pledging allegiance to the group’s leader around the time of the attack.
In 2014, Apple updated its iPhone operating system to require that the phone be locked by a passcode that only the user knows. Previously, the company could use an extraction tool that would physically plug into the phone and allow it to respond to search warrant requests from the government.
FBI Director James Comey told members of Congress last week that investigators in the case had been unable to access a phone in the California case but provided no details.
“It is a big problem for law enforcement armed with a search warrant when you find a device that can’t be opened even when a judge says there’s probable cause to open it,” Comey said. “It affects our counterterrorism work. San Bernardino, a very important investigation to us, we still have one of those killers’ phones that we have not been able to open, and it’s been over two months and we’re still working on it.”