U.S. Congressman Darrell Issa: The FBI should try to unlock shooter’s iPhone without Apple’s help

“The FBI might be able to copy the hard drive of an iPhone used by a mass shooter without triggering the device’s auto-erase functions, thus eliminating the agency’s need to take Apple to court, a company executive said Tuesday,” Grant Gross reports for IDG News Service. “Instead of forcing Apple to help defeat the iPhone password security that erases the device’s contents after 10 unsuccessful attempts, it may be possible to make hundreds of copies of the hard drive, said Bruce Sewell, Apple’s senior vice president and general counsel.”

“Apple doesn’t know the condition of the iPhone used by San Bernardino mass shooter Syed Rizwan Farook, so it’s unclear if mirroring the hard drive would work, but it’s possible, Sewell said during a congressional hearing,” Gross reports. “The suggestion that the FBI attempt to copy the iPhone’s hard drive first came from Representative Darrell Issa, a California Republican and former car-alarm entrepreneur.”

“The design of the older model iPhone 5c may allow investigators to remove its hard drive and make multiple copies, Issa said. Investigators could then run 10 password attempts on each copy until they found the correct password, he said,” Gross reports. “‘The FBI is the premier law enforcement organization, with laboratories that are second to none in the world,’ Issa told FBI Director James Comey. ‘Are you testifying today that you and/or contractors that you employ could not achieve this without demanding that an unwilling partner do it?’ The FBI has explored other options and found none that it believes will work without Apple’s assistance in defeating the password protection, Comey said.”

Read more in the full article here.

MacDailyNews Take: Comey’s lack of credibility intensifies every time he opens his mouth.

SEE ALSO:
Can the FBI force a company to break into its own products? No, says U.S. Magistrate – March 2, 2016
FBI Director Comey now claims ‘mistake made’ in changing San Bernadino terrorist’s Apple ID password – March 1, 2016
U.S. Congress likely to side with Apple vs. FBI in iPhone unlocking fight – March 1, 2016
Why did the FBI direct the San Bernardino Health Department to reset Syed Farook’s Apple ID? – February 22, 2016U.S. Attorney General Loretta Lynch plays disinformation card in iPhone unlocking fight – March 1, 2016
The FBI’s case against Apple got kneecapped in Brooklyn: The judges rebuke couldn’t have been stronger – March 1, 2016
U.S. Magistrate Judge: The U.S. government cannot force Apple to unlock an iPhone in New York drug case – February 29, 2016
House Judiciary Committee members consider legal brief in support of Apple vs. U.S. government – March 1, 2016
U.S. Representative Darrell Issa on Apple vs. FBI: Very scary when your government wants to know more about you – February 24, 2016
Apple CEO Cook decried Obama’s ‘lack of leadership’ on encryption during a closed-door meeting last month – February 29, 2016
Apple: The law already exists that protects us from U.S. government demands to hack iPhone – February 26, 2016

17 Comments

  1. It seems to me that this scheme to duplicate the hard drive multiple times is a bit much; even Sewell admitted as much.

    You could have data corruption. Of course it’s not just the hard drive, you’d have to hook that up to some input/output device. iPhones (and all smartphones) are very integrated devices these days, with very small components, and it’s not like taking out a PC hard drive and just slotting it into a new mount bay.

    A friend of mine had a broken screen replaced on an iPhone at the Genius Bar at an Apple Store, and he was told that in the process of replacing the screen that the device memory may be lost. So it’s not trivial to do what Issa suggested.

    I support Apple, but Sewell is using this as one more way to try to win the case. I don’t blame Sewell for doing so, but let’s not jump to the conclusion that this method is so certain to work.

  2. You can’t just take a copy of the encrypted data and try and guess the passcode. The passcode is only one part of the encryption key. The other part is a random, undocumented 256bit UID that is etched onto the SoC itself. That UID can only be obtained by looking at it with an extremely strong microscope. If you can’t do that then you notably have to guess the 4 digit passcode, you also have to guess the 256 UID against each possible passcode. Which is…

    115792089237316195423570985008687907853269984665640564039457584007913129639935000

    possible keys.

Add Your Feedback

This site uses Akismet to reduce spam. Learn how your comment data is processed.