Skip to main content
Technology

The FBI's iPhone hack: What it means for Apple, and for you

The extraordinary legal fight pitting the Obama administration against Apple Inc. ended unexpectedly Monday after the FBI said it hacked a California mass shooter's iPhone without Apple's help. How did they do it, and what does this mean for privacy? Here's a primer on what the FBI's latest move means


WHAT HAPPENED YESTERDAY?

Government prosecutors asked a federal judge on Monday to vacate a disputed order forcing Apple to help the FBI break into the iPhone used by gunman Syed Farook – who died with his wife in a gun battle with police after they killed 14 people in San Bernardino, Calif., in December – saying the hack was no longer necessary. The FBI reportedly used an unspecified technique to access data on the phone. The Justice Department said agents are now reviewing the information on it.

A July 27, 2014, file photo provided by U.S. Customs and Border Protection shows Tashfeen Malik, left, and her husband, Syed Farook, at O'Hare International Airport in Chicago.

A July 27, 2014, file photo provided by U.S. Customs and Border Protection shows Tashfeen Malik, left, and her husband, Syed Farook, at O’Hare International Airport in Chicago.

ASSOCIATED PRESS

U.S. Magistrate Sheri Pym of California last month ordered Apple to provide the FBI with software to help it hack into Mr. Farook's work-issued iPhone. The Justice Department relied on a 1789 law to argue it had the authority to compel Apple to bypass its security protocols on its phone for government investigators. While Magistrate Judge James Orenstein in New York ruled last month in a separate case that the U.S. was seeking broad powers under that legal argument, the decision wasn't binding in the California case and the Justice Department is appealing.

Story continues below advertisement


HOW DID THE FBI DO IT?

The government's brief court filing, in U.S. District Court for the Central District of California, provided no details about how the FBI got into the phone. Nor did it identify the non-government "outside party" that showed agents how to get past the phone's security defences. Authorities had previously said only Apple had the ability to help them unlock the phone.

MANDEL NGAN/AFP/GETTY IMAGES

The encrypted phone was protected by a passcode that included security protocols: a time delay and auto-erase featured that destroyed the phone's data after 10 tries. The two features made it impossible for the government to repeatedly and continuously test passcodes in what's known as a brute-force attack. But with those features removed, the FBI said it would take 26 minutes to crack the phone.

FBI Assistant Director David Bowdich said Monday that examining the iPhone was part of the authorities' effort to learn if the San Bernardino shooters had worked with others or had targeted any other victims. "I am satisfied that we have access to more answers than we did before," he said in a statement.


WHAT PRECEDENT COULD THIS SET FOR LAW ENFORCEMENT?

Apple CEO Tim Cook had argued that helping the FBI hack the iPhone would set a dangerous precedent, making all iPhone users vulnerable, if Apple complied with the court order. He as well as FBI Director James Comey has said that Congress needs to take up the issue.

Of the wiretaps U.S. law-enforcement agencies normally conduct, the vast majority are for unencrypted devices. There are only a handful of cases where agencies try to access encrypted devices that they're unable to decipher.

Total U.S. reported wiretaps by encryption status, 2001-2014

TypeAmount
Unencrypted32,392
Encrypted and deciphered132
Encrypted and unable to decipher15

SOURCE: MERCATUS CENTER AT GEORGE MASON UNIVERSITY

A backdoor into the iPhone's encryption would give law enforcement even broader access to phone users' communication.

A law enforcement official told Associated Press that the FBI would continue to aid its local and state partners with gaining evidence in cases – implying that their method for gaining access to the iPhone would be shared with them. The official spoke to reporters on condition of anonymity because he wasn't authorized to publicly comment.

Story continues below advertisement

High on the waiting list for assistance likely is Manhattan District Attorney Cyrus Vance, who told a U.S. House panel earlier this month that he has 205 iPhones his investigators can't access data from in criminal investigations. Apple is also opposing requests to help extract information from 14 Apple devices in California, Illinois, Massachusetts and New York.


WHAT DOES APPLE THINK ABOUT MONDAY'S MOVE BY THE FBI?

Apple responded by saying it will continue to increase the security of its products, reiterating its argument that the government's demand for Apple's help was wrong.


THE DIGITAL PRIVACY DEBATE

The dispute had ignited a fierce debate that pitted digital privacy rights against national security concerns and reinvigorated discussion over the impact of encryption on law enforcement's ability to serve the public.

UN on Apple: U.S. authorities risk unlocking ‘Pandora’s box’

1:20

In Washington: Darrell Issa, a Republican in the U.S. House of Representatives, said in a statement that while it was "preferable" that the government gained access to the iPhone without Apple's help, the fundamental question of the extent to which the government should be able to access personal information remains unanswered. Issa, a critic of the administration's domestic surveillance practices, said the government's legal action against Apple raised constitutional and privacy questions and that "those worried about our privacy should stay wary" because this doesn't mean "their quest for a secret key into our devices is over."

In tech circles: Denelle Dixon-Thayer, chief legal and business officer at Mozilla, which makes the Firefox Web browser, said in a statement that "fixing vulnerabilities makes for better products and better security for everyone" and the "government needs to take that into account" and disclose the vulnerability to Apple.

The public: Here's what American respondents said in a Pew Research Center poll last month about what Apple should have done with the FBI's request:

Story continues below advertisement


WHAT'S NEXT FOR APPLE?

Apple CEO Tim Cook.

Apple CEO Tim Cook.

ROBERT GALBRAIT/REUTERS

Monday's surprise development punctured the temporary perception that Apple's security might have been good enough to keep consumers' personal information safe even from the U.S. government. The withdrawal of the court process also takes away Apple's ability to legally request details on the method the FBI used in this case. Apple attorneys said last week that they hoped the government would share that information with them if it proved successful.

Jay Kaplan, a former NSA computer expert who's now CEO of cyber-security firm Synack, said it is likely Apple will pursue avenues to further lock down their operating systems and hardware, especially as a result of the public announcement of some new technique to crack their phones.


With reports from Evan Annett and Tom Cardoso


MORE READING

Could BlackBerry profit from the FBI's iPhone hack? The FBI's latest move does nothing to end the controversy surrounding the right to privacy of smartphone users, the ground on which Apple stood, Mike Babad writes.
Tracking our phones: How StingRay devices are being used by police Canadians are finally getting some answers about how the technology has been used here, Shane Dingman reports.
Internet of Things a playground for hackers When it comes to the security of the Internet of Things, technology companies are thinking about it all wrong. (This article is part of a series called The Future is Smart: How the Internet of things is changing business.)
Report an error
Comments

Welcome to The Globe and Mail’s comment community. This is a space where subscribers can engage with each other and Globe staff. Non-subscribers can read and sort comments but will not be able to engage with them in any way. Click here to subscribe.

If you would like to write a letter to the editor, please forward it to letters@globeandmail.com. Readers can also interact with The Globe on Facebook and Twitter .

Welcome to The Globe and Mail’s comment community. This is a space where subscribers can engage with each other and Globe staff. Non-subscribers can read and sort comments but will not be able to engage with them in any way. Click here to subscribe.

If you would like to write a letter to the editor, please forward it to letters@globeandmail.com. Readers can also interact with The Globe on Facebook and Twitter .

Welcome to The Globe and Mail’s comment community. This is a space where subscribers can engage with each other and Globe staff.

We aim to create a safe and valuable space for discussion and debate. That means:

  • All comments will be reviewed by one or more moderators before being posted to the site. This should only take a few moments.
  • Treat others as you wish to be treated
  • Criticize ideas, not people
  • Stay on topic
  • Avoid the use of toxic and offensive language
  • Flag bad behaviour

Comments that violate our community guidelines will be removed. Commenters who repeatedly violate community guidelines may be suspended, causing them to temporarily lose their ability to engage with comments.

Read our community guidelines here

Discussion loading ...

Due to technical reasons, we have temporarily removed commenting from our articles. We hope to have this fixed soon. Thank you for your patience. If you are looking to give feedback on our new site, please send it along to feedback@globeandmail.com. If you want to write a letter to the editor, please forward to letters@globeandmail.com.