Weeks after backing down from its litigation demanding Apple’s help to access encrypted data on the San Bernardino terrorist’s iPhone, the FBI appears to be taking full advantage of its newly discovered forensic prowess by offering assistance to law enforcement agencies across the country.
The agency has sent out letters letting local officials know that it has gained access to the encrypted data on the iPhone used by the San Bernardino shooter, and it has offered to help officials use the technique, which it did not disclose, to assist their investigations.
FBI Assistant Director Kerry Sleeper on Friday reminded local law enforcement operations that the agency was available for assistance, according to Buzzfeed, which obtained a copy of the memo.
The “Going Dark” problem, which allows criminals to operate in an environment where evidence is largely untraceable, is a substantial challenge for federal and local agencies, Sleeper noted. The memo gave no indication that the agency was willing to share the actual technique used, which the FBI acquired through consultation with a third-party entity.
iPhone Deconstruction Method
One technique that may have been employed is a simple deconstruction of the iPhone, which involves physically copying the memory content and then restoring it when the phone tries to erase, suggested Joseph Bonneau, a technology fellow at the Electronic Frontier Foundation.
That technique came to light as the case was about to go to a court hearing last month, when ACLU Technology Fellow Daniel Kahn Gillmour referenced it in a blog post. It involves desoldering the phone’s NAND flash, reading out the flash, and then doing in-loop passcode testing of the device.
To be clear, the FBI has not disclosed how it accessed the data — nor has it disclosed the name of the third party that brought the technique to its attention.
“Assuming some version of this method was used, this is not fixable by Apple,” the EFF’s Bonneau told the E-Commerce Times.
More recent versions of the iPhone, including the iPhone 6, may be more secure against this type of breach, he said, as they contain tamper-resistant memory to store the number after too any unsuccessful PIN breaches.
If the FBI should manage to help other law enforcement agencies hack into encrypted devices, the technique used will not stay secret for too much longer, said Alan Butler, senior counsel at the Electronic Privacy Information Center.
“Defense attorneys eventually get access to any method used to generate evidence against their clients in a criminal case, and this should be no different in phone decryption methods,” he told the E-Commerce Times. “The reason for this is that every evidence-gathering technique needs to meet baseline standards for reliability and accuracy.”
EPIC filed an amicus brief in a case that tested the ability to cross examine “enhanced techniques” used to gather forensic evidence, according to Butler. The case, Florida v. Harris, involves the use of drug-detection dogs to conduct a search without a warrant.
In that particular case, a dog was used to detect pseudoephedrine, which allegedly was being used to create meth, in a search of a suspect’s truck. The dog was not trained to detect pseudoephedrine, however, and EPIC filed a brief arguing that investigative techniques must be based on research, testing and reliability.
No End in Sight
It’s likely that the FBI will be forced to employ different strategies in future encryption cases, according to Butler.
“The Apple case made it clear that device manufacturers, public interest groups and former security advisors all support the rights of Apple and their users to have strong encryption,” he said.
Apple is more likely to be able to create an update for the iPhone hack, and install a more secure patch or updated operating system that the FBI or any other outside entity would not be able to penetrate, suggested Eli Dourado, the director of the Technology Policy Project at George Mason University’s Mercatus Center.
“Apple will almost certainly be able to figure out what vulnerability the FBI is using and be able to fix it,” he told the E-Commerce Times. “The challenge will be in ensuring that new vulnerabilities do not arise in the future.”
However, given the “ubiquity of software bugs in all projects,” Dourado added, it is more likely than not that in the future, law enforcement will hack into smartphones as a rule rather than an exception.
An Apple spokesperson was not immediately available to comment for this story.