A federal judge today ordered Apple to assist law enforcement with breaking into the iPhone owned by one of the San Bernardino shooters. According to court papers, Apple has declined to voluntarily provide technical help in accessing the iPhone 5c owned by Syed Farook, who killed 14 people at a health clinic in the California city on December 2nd alongside his wife Tashfeen Malik. That assistance doesn't involve stripping the device of its encryption or handing over the passcode, but does include help in discovering the iPhone's passcode through what are called "brute force" methods of decryption. The FBI are looking for relevant data on who the attackers were communicating with, potentially via iMessage, and who may have also helped plan the shooting.
The judge was responding to a 40-page filing from the US Attorney's Office in Los Angeles demanding Apple participate in the investigation. "The government has been unable to complete the search because it cannot access the iPhone's encrypted content," the prosecutors wrote. "Apple has the exclusive technical means which would assist the government in completing its search, but has declined to provide that assistance voluntarily."
"Apple ... has declined to provide assistance voluntarily."
The judge ruled Apple had to provide technical help, which includes removing the limit on the number of passwords one can enter on the iPhone and bypassing the device's auto-erase function. The order also says the company could be asked to write custom software to do so if it does not have the current ability to bypass those features. Apple has five days to respond to whether the order would be "unreasonably burdensome." Apple has since responded, with CEO Tim Cook writing in an rare open letter on Apple.com that the company plans on fighting the order.
Judge orders Apple to do something that it cannot, as I understand it, technologically do. https://t.co/B8QBE5qtsw— Kashmir Hill (@kashhill) February 17, 2016
It's unclear what Apple may be able to do here considering the company has said in the past that 90 percent of devices running iOS 8 or higher cannot be forcibly unlocked. The company stopped storing encryption keys after that version of its mobile OS was released in September 2014. Even if Apple removes the password limit and auto-erase function, it would still take standard decryption software more than five years to crack the six-digit passcode, according to The Washington Post. The only timely way for the FBI to crack the code on Farook's iPhone, which is running iOS 9, is with a supercomputer and the iPhone's hardware key. Apple says it does not keep a copy of the key.
Still, the judge's order should add a significant layer of contention to the encryption debate. The issue pits tech companies like Apple, Google, and Microsoft against law enforcement officials who want help bypassing, and by definition undermining, consumer protection methods in modern technology and on the web. FBI director James Comey, speaking to the Senate Intelligence Committee last week, mentioned San Bernardino as a prime example of how tech companies' cooperation could aid criminal investigations if they would only hand access over to the government. However, what Comey and the FBI want may put US tech companies at a disadvantage by increasing the likelihood of security breaches and bringing organizations like the NSA into international business dealings.
Update at 12:05PM, Wednesday, February 17: Clarified that Apple CEO Tim Cook has since responded through an open letter on Apple's website saying the company plans to defy the order to create an iPhone backdoor for the FBI.