clock menu more-arrow no yes

Filed under:

The problem with 'unlocking'

New, 36 comments

For FBI allies, "unlocking" has become a useful word. The latest salvo came in a New York Times opinion piece on Tuesday, in which NYPD commissioner William Bratton and a coauthor weighed in on Apple’s legal fight under the headline "Why Apple Should Unlock an iPhone."

The problem, according to Bratton, started when Apple decided to stop unlocking phones in the first place. "Until 17 months ago, Apple held the key that could override protections and open phones," the piece claimed. "Apple used this ‘master key’ to comply with court orders in drug, kidnapping, murder, and terrorism cases." Once iOS 8 came along, Bratton writes, the system changed. Apple no longer had the master key, or at least it was refusing to give it out.

"Either they don’t understand the underlying technology or they’re intentionally lying."

Bratton’s characterization has ruffled feathers for many in the industry, who see it as an attempt to rewrite Apple’s history. "The statement is malarky and represents one of two things," said one industry executive. "Either they don’t understand the underlying technology or they’re intentionally lying."

But while Bratton’s op-ed has proved particularly aggravating, the real problem may be his choice of words. The case pivots around the idea of "unlocking," implying that pulling data from old iPhones should make it simple to break security on new ones. Apple has unlocked phones for us before, Bratton says. Why won’t they do it again?

Pulling unencrypted data is very different from cracking open an entire security system

That impression is wrong, but it takes an understanding of the history of iOS encryption to explain exactly why. For Bratton and his friends in the FBI, iOS 8 was the point at which encryption became a problem — but from a technical standpoint, very little changed. iOS 7 already encrypted much of the phone’s data by default, particularly third-party app data. It just didn’t include text messages, contacts, and call history — the exact things most useful to investigators. That meant it was accessible even without Apple’s help, and the big forensic tools generally advertise the ability to pull data from those phones. The scope of the encrypted data changed with iOS 8, moving to include contacts and texts, but the encryption itself didn’t change and there was a lot of app data that was simply inaccessible on both systems.

Of course, the FBI’s allies aren’t interested in going into all that detail, so they collapse it all into a single word: "unlocking." Pulling unencrypted data is very different from cracking open an entire security system — but for some reason, law enforcement officials keep referring to those actions with the same word. It isn’t just Bratton. In October, a prosecutor in a New York iPhone case told the court that Apple had unlocked more than 70 phones for police in the past, a number that’s been avidly recirculated in the days since the San Bernardino order came in. The argument is simple — if Apple did it before, why not again? — but it hinges on a single word that’s been stretched to its limit.

"They’re not unlocking a phone."

It’s hard to say for sure whether Apple ever willingly broke the encryption on phones before iOS 7 — only Apple and the feds know for sure — but sources suggest the "70 iPhones" figure refers to simple data extraction. Austin Berglas ran the FBI’s New York Cyber Bureau before moving to K2 Intelligence, and while he claimed no direct experience with the cases, he was skeptical that any involved actually bypassing a phone’s encryption. "They’re not unlocking a phone," says Berglas. "Apple may have provided assistance in extracting the data, but it’s not cracking or unlocking."

At the same time, we know there are a lot of pre-iOS 7 phones that the FBI simply can’t get into. As The Verge reported yesterday, the bureau has current court orders asking Apple to unlock at least eight pre-iOS 7 phones, presumably to get into data held within the encrypted partition. For at least some of the phones, there’s an outstanding lock-screen bug that would do the trick, but the FBI seems to be waiting for Apple to do the job for them.

That leaves us with a problem. The FBI’s demand is complicated, and we need a simple way to talk about it. "Unlocking," for all its problems, is not such a bad simplification. The FBI has a locked phone and they want it to be unlocked. Getting there will mean building some dangerous tools and setting some troubling precedents, but that’s basically what the bureau wants. Calling it "unlocking" lets the government phrase that demand in a way that seems like it’s happened before, when there’s no evidence that it has. The fight over technology has become a fight over the words we use to describe that technology. For now, the result has been to keep anyone outside law enforcement from using the word "unlocking" at all.