Skip to main content

How a new hack put Apple's FBI fight on hold

How a new hack put Apple's FBI fight on hold


Last night, the FBI backed down. What happens next?

Share this story

Last night, Apple’s month-long struggle with the FBI was abruptly paused, with the FBI putting the order to compel Apple on hold until it can try out a new attack it believes will unlock the San Bernardino iPhone. If the attack works (and the FBI seems confident that it will), it would mean a sudden end to the fight that has consumed both sides since February. It’s still possible the new method will fail and the case will resume in April, but after months of high-stakes legal sparring, the fight looks very close to being finished.

But despite FBI claims to the contrary, this fight was always much bigger than a single iPhone, and it’s unclear what this last twist means for the larger privacy issues at stake. Can the FBI compel companies to break their own security? Is the iPhone a warrant-proof space? For all the legal and political maneuvering, the San Bernardino fight was shaping up to answer those questions, either through a new legal precedent or a new law. But while the case itself is all but settled, the bigger issues seem more confused than ever.

Can the FBI compel companies to break their own security? Is the iPhone a warrant-proof space?

From what we know about the attack itself, the fix seems unlikely to apply very far beyond the San Bernardino case. The FBI asked for only two weeks to test the attack, which has lead a number of experts to speculate that the attack is based on a NAND mirroring technique — essentially copying the flash memory of the device so as to be able to restore it after a lockscreen wipe. At a House Judiciary Hearing earlier this month, Rep Darrel Issa asked FBI Director Comey a number of questions about the feasibility of such a technique, so we know the bureau is aware of it, and there’s a strong technical consensus that it works.

But while the attack could break through the lockscreen on the 5c linked to the San Bernardino attacks, any phone with a Secure Enclave (that is, anything beyond the 5s) is immune to the attack, giving it little use outside of this specific case. Even if the attack is something more sophisticated than NAND mirroring, it’s likely to hit the same limitations. Like any tech company, Apple is constantly protecting against new lines of attack, adding protections in both hardware and software. Any known attack won’t stay viable for long, which was one of the main reasons the bureau was so wary of relying on exploits in the first place.

The biggest effect may be political rather than legal

The only way out of that trap is if Congress or courts give law enforcement the right to pull data stored on a device, regardless of the technical protections in place. That’s what the FBI has been pushing since 2014, and it’s what the bureau hoped to get from the San Bernardino case. If the FBI had succeeded with its order (and on the inevitable appeal), the FBI would have had a legal way to access data regardless of what technological protections Apple and other companies put in place. That was the goal — or, for civil libertarians, the nightmare — and it’s now as far away as ever. Apple had a range of arguments against the order, but we’ll have to wait for another case to find out if they hold up.

The biggest effect of Apple's pushback may be political rather than legal. Law enforcement requests are common, but they almost never end up in court thanks to the real political pressure of a law enforcement order. Most companies will simply comply rather than be publicly accused of aiding terrorism. For decades, the political consequences of fighting such an order have been both frightening and unclear. But Apple did kick back, and roughly half the country took its side, a genuinely surprising result. It’s hard to say whether a less famous company like Cisco or Akamai could pull off the same trick, but their odds are surely better now than they were in January.

When we do see another case like this, last night’s scramble will be a cautionary tale. Every indication is that the FBI is simply doing its legal duty after learning of a new attack — but from afar, it looks an awful lot like a last-minute retreat. After so much public pressure, the sudden reversal is embarrassing, and there’s no reason to think it won’t happen again the next time. When the next All Writs Act request comes to Apple or WhatsApp or Telegram, it will be much easier to claim that law enforcement simply hasn’t exhausted all its options for cracking the security. The fundamentals of security will make it very hard for any agency to prove that they have. There are always more attacks you haven’t thought of, particularly when you’re competing with all the researchers in the world. It’s always easier to break a system than protect it, easier to spy on someone else than protect your own communications. That’s long been a problem for surveillance targets. After last night, it’s a problem for prosecutors too.

Hands-on with the new iPhone