What exactly does the FBI want from Apple and why?

When news first broke about Apple declining to create a back door in iOS that would allow far easier brute force passcodes, it was spun as Apple being unwilling to help the government fight terrorism and otherwise being against everything eagles and pie. The deeper narrative, though, has been one of Apple standing up for the privacy rights of not just Americans but everyone, everywhere. As the story develops, the first spin is showing increasing signs of strain.

Buzzfeed News:

The Apple executives said the company had been in regular discussions with the government since early January, and that it proposed four different ways to recover the information the government is interested in without building a backdoor. One of those methods would have involved connecting the iPhone to a known Wi-Fi network and triggering an iCloud backup that might provide the FBI with information stored to the device between the October 19th and the date of the incident.Apple sent trusted engineers to try that method, the executives said, but they were unable to do it. It was then that they discovered that the Apple ID password associated with the iPhone had been changed sometime after the terrorist's death, with the Apple executives saying they were told it was done within 24 hours of the government taking possession of the phone. Changing the password prevents the auto-backup from occurring.

Court filings seemed to lay blame on the San Bernardino Health Department, stating:

[The] owner, in an attempt to gain access to some information in the hours after the attack, was able to reset the password remotely.

San Benadino, however, took to Twitter to say it wasn't exactly so:

See more

FBI Press Relations tried to clear things up:

Through previous testing, we know that direct data extraction from an iOS device often provides more data than an iCloud backup contains. Even if the password had not been changed and Apple could have turned on the auto-backup and loaded it to the cloud, there might be information on the phone that would not be accessible without Apple's assistance as required by the All Writs Act Order, since the iCloud backup does not contain everything on an iPhone.

What does this mean? iPhone forensics expert Jonathan Zdziarsk:

This statement has only one of two possible outcomes:FBI is Wrong, and was Reckless: It is true that an iCloud backup does not contain everything on an iPhone, however it does contain everything that a direct backup extraction by any commercial forensics tool would be able to acquire from the phone. [...]FBI will Compel More Assistance, and mislead the courts: As I said, there is in fact more data on the phone than comes off in either an iCloud backup or even by a direct extraction using a commercial forensics tool. The only way to get to this data, however, would be for Apple to digitally decrypt and extract the contents of the file system for the FBI, and provide them with a raw disk image. [...]In other words, if the FBI is planning to have Apple perform a physical extraction of this extra data, then they are forcing Apple to create this backdoor tool for a separate reason, as it is completely unnecessary if Apple will be forced to extract the contents of the device in the end.

To further expand on why this level of government intrusion affects more than just one case and one country, The New York Times dove into how China might well be next.

If Apple accedes to American law enforcement demands for opening the iPhone in the San Bernardino case and Beijing asks for a similar tool, it is unlikely Apple would be able to control China's use of it. Yet if Apple were to refuse Beijing, it would potentially face a battery of penalties.Analysts said Chinese officials were pushing for greater control over the encryption and security of computers and phones sold in the country, though Beijing last year backed off on some proposals that would have required foreign companies to provide encryption keys for devices sold in the country after facing pressure from foreign trade groups."People tend to forget the global impact of this," said Raman Jit Singh Chima, policy director at Access Now, a nonprofit that works for Internet freedoms. "The reality is the damage done when a democratic government does something like this is massive. It's even more negative in places where there are fewer freedoms."

Emotional arguments, especially those that try to cloak themselves in patriotism, seldom lose out to rational and even legal ones. Except when those emotional arguments are so manufactured that the seams begin to show... and to crack.

It's unclear exactly what's going on with this one iPhone 5c that belonged to terrorists and murderers — why was the password reset?; what information do they want that's not available using that password; and why are factions of law enforcement focused not on getting the data but getting a tool to get data?

Hopefully more will become clear soon. In the meantime, if you're concerned about your rights to privacy, you can sign the petition to the White House asking that efforts that compel Apple and other device makers to create a "backdoor" for the Government to access citizens data be halted, or join one of the rallies planned for Tuesday.

Rene Ritchie

Rene Ritchie is one of the most respected Apple analysts in the business, reaching a combined audience of over 40 million readers a month. His YouTube channel, Vector, has over 90 thousand subscribers and 14 million views and his podcasts, including Debug, have been downloaded over 20 million times. He also regularly co-hosts MacBreak Weekly for the TWiT network and co-hosted CES Live! and Talk Mobile. Based in Montreal, Rene is a former director of product marketing, web developer, and graphic designer. He's authored several books and appeared on numerous television and radio segments to discuss Apple and the technology industry. When not working, he likes to cook, grapple, and spend time with his friends and family.

  • As far as apple developing a new OS with a back door for law enforcement to use on locked phones, no way. But if Apple is able to unlock the iPhone for the FBI to get information in the phone then yes they should if so ordered by a judge.
  • Obviously if this order stands Apple will have no choice but to comply. But to say it's just about this one phone is absurd. It's about this one phone until it isn't. Until another attack happens and the FBI needs data off that phone. Once law enforcement knows Apple can do this the genie is out of the bottle and can't be put back in again. This doesn't just apply to the USA either. This is setting a precedent for the entire world.
  • Agreed. If it takes a court order for each one, so be it. Let a judge make that determination, that is their job. As far as an OS with a back door they can use? NO WAY. Just No.
  • Apple has many choices, it can appeal up to the Supreme Court, it will not comply until then. They'll be fined and so on but it will drag on for years to come.
  • That is what the FBI is demanding for Apple to do is build a backdoor into iOS firmware that they can use to on any locked phones. But it sets a dangerous precedent that can led to global ramifications. Like rogifan says once it is out there that this can be done the genie is out of the bottle and what would stop other countries from demanding the same for "legitimate reasons."
  • As mentioned in the article, Apple already provided all of the resources it has to FBI since Jan. The FBI is demanding more and wants Apple to disable security features to make it possible for them to brute-force the passcode instantly. That's where it starts to exceed the limits of what the government can do. The government is not above the laws and cannot force private citizens and/or companies to do its work. Think about it, the only reason the court can do this is because of an old law passed back in 1700s, there's no modern laws (beside the adaption of the 1700s law into the current laws book) that permits FBI to do this.
  • The password, new and old, is only usable to get into the iCloud data (which Apple has provided already) so "who has that password" isn't really important. And it wasn't an unreasonable act to change the password - if there were co-conspirators who knew that password, they could log into icloud.com from anywhere in the world and retrieve data (and possibly modify or delete it). So it would seem like a smart way to preserve any evidence in the account and keep it out of the hands of other parties. (It also would protect any sensitive county data as well.) It was only after the fact that they tried the automatic backup and it failed because the password was changed that a problem was revealed. Reading Zdziarski's blog was an eye opener. I thought what the FBI was pressuring Apple to do would be terrible. Turns out it would be far worse than I imagined. If anyone here hasn't read his blog - I recommend it highly.
  • I read it and it's a bit light on the explanation part. I can see where he's going with it and I do agree that there seems to be a general expectation on part of the DoJ to get Apple to build specific forensics tools that can circumvent Apple's own security systems, plain and simple. Did anyone think this was about anything but that?
  • If you'd like to stand with Apple's stance on privacy, there is a White House petition at https://petitions.whitehouse.gov/petition/apple-privacy-petition #WeStandWithApple
  • Growing at a snails pace
  • Good article René, essential detail to raise ever more questions about what the real agenda might be. However, I think it is important too to back away from the detail and ask some broader questions. Should the U.S. Government have the right and the power to force a company that has committed no crime to build a tool that will cause self-destruction of the company? Should it have the right to do so without even asking Congress to pass a law giving itself that right and that power? Would any such power be constitutional, and would the courts approve it? Would you approve it? Sent from the iMore App
  • Be in no doubt that the US, China, Russia and a lot more governments are squarely on the same page concerning their desire to have unrestricted access to all their citizen's data. Because their citizens are what they fear most.
  • I'm a little ashamed that our government representatives would use fear and intimidation to try and get their way. Americans have always prided themselves on individual freedom and privacy. Now we are being asked to give them up because we need to stay safe. But why would this make us safe? Instead, we would be less safe. The government could view anything we have without any fight from us. I applaud Apple for taking this stand. Its time to get this out in the open. Our rights are what we have fought for since this country started. Are we going to throw it all away because of terrorist? We have so many organizations run by the government that spy on us. The IRS, NSA, CIA, Police, Credit Card companies, even our own jobs. This latest by the F.B.I. only makes it clearer how littles our government agencies respect our privacies and freedoms. In the old days, it was save the children for outrageous requests. Now its protect you from terrorist. What will it be next?
  • MeCurious, please cite for me one example of a case of misuse of any personal data from any government surveillance program. Regardless, the public is siding with the FBI on this issue. http://blogs.wsj.com/digits/2016/02/20/in-apple-vs-the-fbi-americans-wan...
  • Yes, we are. I find it strange that a Canadian is leading the charge over an American issue. Maybe he's actually a terrorist himself. #blamecanada #boycottrene Posted via the iMore App for Android