Does the FBI know for sure if the Erase Data feature is turned on?
It doesn’t seem like it—the FBI just doesn’t want to take any chances. From the February 19 filing, emphasis ours:
The FBI has been unable to make attempts to determine the passcode to access the subject device because Apple has written, or “coded,” its operating system with a user-enabled “auto-erase function” that would, if enabled, result in the permanent destruction of the required encryption key material after 10 failed attempts at entering the correct passcode.
What was Apple’s response?
Apple posted an open letter to customers explaining its position. It reads in part:
Specifically, the FBI wants us to make a new version of the iPhone operating system, circumventing several important security features, and install it on an iPhone recovered during the investigation. In the wrong hands, this software—which does not exist today—would have the potential to unlock any iPhone in someone’s physical possession.
The FBI may use different words to describe this tool, but make no mistake: Building a version of iOS that bypasses security in this way would undeniably create a backdoor. And while the government may argue that its use would be limited to this case, there is no way to guarantee such control.
The main argument: Is this a backdoor to one iPhone or all of them?
Would the software the FBI is requesting be considered a “backdoor”?
That depends on whom you ask. For example, Bruce Schneier of Harvard’s Berkman Center for Internet and Society told our colleagues at NetworkWorld, “The FBI is asking Apple to reinstall a vulnerability they fixed.” He says the iPhone 5c didn’t intially have protection against brute-force attacks to guess the passcode, but those were added in 2014 with iOS 8.
The government’s February 19 court filing definitely disagrees that it’s a backdoor, mostly because the order is written just for this phone.
Apple may maintain custody of the software, destroy it after its purpose under the Order has been served, refuse to disseminate it outside of Apple, and make it clear to the world that it does not apply to other devices or users without lawful court orders. As such, compliance with the Order presents no danger for any other phone, and is not “the equivalent of a master key, capable of opening hundreds of millions of locks.”
But Apple believes that it is—that “master key” quote is right from Apple’s open letter.
Whether it’s a backdoor or not, the FBI says they only want to use it once. So what’s wrong with a single-use backdoor?
The DOJ is saying that the FBI only wants to do this once, that’s true. But the February 19 filing uses several other court cases as precedent to bolster its argument that Apple is being unreasonable to refuse this time. In both this San Bernardino investigation and a separate drug case in the state of New York, the government is saying that since Apple helped before, they should be willing to help again.
Sign up for CIO Asia eNewsletters.