FBI may have lost critical time unlocking Texas mass murderer’s Apple iPhone

“For about 48 hours after a deadly rampage at a Texas church, the FBI and other law enforcement agencies did not ask Apple Inc to help them unlock the gunman’s iPhone or associated online accounts, a source told Reuters on Wednesday,” Stephen Nellis and Dustin Volz report for Reuters.

“A cellphone belonging to Devin Kelley – accused of killing 26 people before taking his own life – was sent to the Federal Bureau of Investigation’s Quantico, Virginia, crime lab because authorities could not unlock it, Christopher Combs, head of the FBI’s San Antonio field office, said on Tuesday,” Nellis and Volz report. “Combs did not specify what kind of phone Kelley had during the attack in Sutherland Springs, Texas, but the Washington Post reported on Tuesday that it was an iPhone, citing sources close to the investigation.”

“The Reuters source said that in the 48 hours between Sunday’s shooting and Comb’s news conference Apple had received no requests from federal, state or local law enforcement authorities for technical assistance with Kelley’s phone or his associated online accounts at Apple,” Nellis and Volz report. “iPhones locked with a fingerprint ask for the user’s pass code after 48 hours if they have not been unlocked by then.”

“If it receives a warrant or court order, Apple will give law enforcement authorities iCloud data, as well as the keys needed to decrypt it,” Nellis and Volz report. “If an iPhone user backs up their iPhone using iCloud, the online data can contain texts, photographs and other information from the phone. It could not be learned whether Apple had received a court order to turn over iCloud data.”

Read more in the full article here.

MacDailyNews Take: While the FBI may very well ask for iCloud data via warrant, we doubt the FBI (now under new management) will be stupid enough to file a lawsuit in an attempt to compel Apple to unlock it this go ’round.

SEE ALSO:
FBI unable to access Texas mass murder’s locked phone – November 7, 2017
Apple CEO Cook tweets condolences for victims of mass murder in First Baptist Church of Sutherland Springs, Texas – November 6, 2017
Tim Cook’s refusal to create iPhone backdoor for FBI vindicated by ‘WannaCry’ ransomware attack on Windows PCs – May 15, 2017
Bungling Microsoft singlehandedly proves that ‘backdoors’ are a stupid idea – August 10, 2016
U.S. Congressman Ted Lieu says strong encryption without backdoors is a ‘national security priority’ – April 29, 2016
iPhone backdoors would pose a threat, French privacy chief warns – April 8, 2016
The U.S. government’s fight with Apple could backfire big time – March 14, 2016
Obama pushes for iPhone back door; Congressman Issa blasts Obama’s ‘fundamental lack of understanding’ – March 12, 2016
U.S. Attorney General Loretta Lynch backs U.S. government overreach on The Late Show with Stephen Colbert – March 11, 2016
Former CIA Director: FBI wants to dictate iPhone’s operating system – March 11, 2016
FBI warns it could demand Apple’s iPhone code and secret electronic signature – March 10, 2016
California Democrat Diane Feinstein backs U.S. government overreach over Apple – March 10, 2016
Snowden: U.S. government’s claim it can’t unlock San Bernardino iPhone is ‘bullshit’ – March 10, 2016
Apple could easily lock rights-trampling governments out of future iPhones – February 20, 2016
Apple CEO Tim Cook lashes out at Obama administration over encryption, bemoans White House lack of leadership – January 13, 2016
Obama administration demands master encryption keys from firms in order to conduct electronic surveillance against Internet users – July 24, 2013

38 Comments

  1. The last paragraph may actually contain the solution to the unlocking problem. This mostly applies to Apple due to the IT function they fulfill. It goes something like this:

    a) A tragic crime happens.
    b) A warrant is issued compelling Apple to send a “backup device now” command to the unit. Identifying information is provided by cell towers.
    c) iCloud data is provided under the warrant. Device is never unlocked.

    Constitution intact, info retrieved, secure enclave untouched.

    1. The problem is, what keeps this from happening inappropriately at other times, without a warrant, or for that matter from a hacked command thats not even from law enforcement? This is the fundamental argument with “back doors”, no matter how well intended. I say figure out away to use the dead perp’s finger (or prop his eyes open clockwork orange style and use Face ID…)

      1. applecynic,

        Thank you for the clarification below that you do not know if Apple could currently do this, but you think it could acquire the ability, which would provide “the solution to the unlocking problem.”

        Yes, but there are (at least) two major problems:

        (1) Apple makes 60% of its income outside the United States, so most of its customers are probably outside the reach of the Fourth Amendment. The company has no choice other than to comply with local laws if it wishes to do business in a given country. The only real protection for your data is Apple’s current inability to comply with those laws.

        The notion that only a neutral and impartial magistrate can issue a warrant is fairly new even in the US. As recently as 1971, the Supreme Court had to reverse a warrant issued by the New Hampshire Attorney General (who had been designated a magistrate by the state constitution) in an investigation he was personally leading. In England and Wales the Police and Criminal Evidence Act currently allows the police to conduct searches of premises controlled by someone in custody with no magistrate involvement. Most other countries range down from there.

        Requiring compliance with local law before Apple downloads a phone’s contents is no protection at all. Also, WHICH local law? Possibilities include: the place where the phone is, the place where the owner resides, the place where the crime was committed, and anyplace where the government is curious.

        (2) If Apple possesses a secret code that will allow complete access to any device it has manufactured, that would be an even bigger deal than the design of an upcoming iPhone. We have seen how successful Apple was in keeping that secret. It would probably not be a matter of months, but of days, before the secret code was in general circulation within the intelligence and criminal communities. After that, an iPhone would be no more secure than a flip phone from the Dollar Store. The ultimate consequences of that could be even more devastating than a mass shooting. The world’s economy and political stability are both built on the ability to communicate with safety.

        1. I appreciate the legal hurdles, and I am only considering a phone that is physically in the US, whereby US law applies.

          From a tech point of view, it’s really not that different from remote wipe, which is currently available. Yes, you would need to uniquely specify the phone, which is trivial if it is police possession, and instead of Apple (or the carrier) issuing a “wipe” command, they issue a “backup” command. The rest would proceed as described, and the phone itself need not be hacked or altered.

          Yes, Congress may need to pass a law, but I’m reasonably sure “analog” laws currently exist for this kind of stuff.

        1. OK, Architect, what do you want me to read?

          If it is the article linked to this post, I have read it. It says that if Kelley had previously backed his iPhone up to iCloud, Apple would allow law enforcement access to the backup in response to a warrant. It does not say that he actually had backed it up to iCloud, or that the backup was current. It certainly does not say that Apple has the capacity (whether court-ordered or not) to force a locked phone to back itself up to iCloud without the owner’s participation.

          I have also read generally about how to back an iPhone up to iCloud. All of those instructions require the owner to unlock his own device and deliberately back it up. There is no suggestion that a backup can be initiated remotely by Apple.

          I was only asking if I have missed something. To repeat, is it really possible for Apple to force the backup of a locked phone and, if so, where can I read a description of the procedure?

            1. As macgagetfreek said, any backdoor, no matter how well intentioned, will (emphasize that: **WILL**) be exploited by criminals. Anyone who thinks that Apple (or any other vendor for that matter) can set up such a backdoor that absolutely cannot be hacked and used by criminals is an idiot. Period.

              Do you want thousands upon thousands of iPhones to get a signal to backup to a non Apple site then those criminals using that data for whatever they please? Setting up such a backdoor would enable that.

            2. It’s not a backdoor to the device, and iCloud is an existing backdoor. If that’s the case, I expect your outrage that APple has control of your data. Can’t have it both ways.

              But far more importantly, this issue is not about Apple, it’s about constitutional law enforcement. One way out of this is to treat it like phone records, which don’t need to be retrieved from the device.

            3. PS-It can be narrowed down to the very unit itself, not thousands upon thousands. That’s easily doable from a technology point of view. Set up dummy cell, phone connects, IMEI and other information are then instantly available. You do know that Apple, and your carrier, have you IMEI right?

          1. applecynic proposed a forced iPhone backup with subsequent retrieval of that data from iCloud as a potential solution for satisfying law enforcement access while maintaining the inherent security of the encryption on the device, itself.

            It is actually an interesting proposition, a two-step method that leaves Apple in full control as long as the backup goes to an iCloud server and Apple retains the iCloud decryption key. That doesn’t make it a good solution, necessarily, because any back door can be exploited. But it is better than handing over an iOS encryption backdoor to the FBI, CIA, and NSA (and everyone in the world who has successfully hacked those agencies).

            1. He or she also said “That doesn’t make it a good solution, necessarily, because any back door can be exploited.” which is everyone else’s point who you keep arguing with. Your idea, while interesting, is not a good idea.

            2. After your back door idea is implemented, yes, I wouldn’t trust Apple’s security anymore because your idea weakens security. Your idea adds an exploit. You need to shelve your original idea and come up with something else. That’s how people solve problems, they move on from bad ideas.

            3. You said “You shouldn’t trust it now, my idea didn’t hack iCloud at all.”

              Your idea makes iPhone security weaker, it’s not a good idea. Move on.

            4. You don’t have to agree with the idea, but it makes iPhone security “no worse”. That’s the part your missing.

              Or just admit that you don’t want even warranted searches, in which case the law says your wrong.

            5. Sure, sure, “it makes iPhone security “no worse” even though it would add a back door that would inevitably be exploited. I’ll just back away from the crazy person now.

            6. There is no back door being added at all. Apple currently cooperated with retrieving iCloud data when presented with a warrant. No added back doormat all. None. That’s what I think your missing. It’s already happening.

            7. My data isn’t on it. I wouldn’t dream of backing up all my personal information to a cloud service where it could be accessed without my consent. My encrypted iPhone backups are on my encrypted Mac in my locked home, with encrypted offsite copies under my exclusive control.

              Your “solution” would require iPhone users to use iCloud, which is only as secure as governmental and criminal hackers allow it to be.

            8. Hmmmm….
              Good point, but you are benefiting from the knowledge to do so, and you can’t get everyone, but I’m sure you’ll agree we have no obligation to help the stupid criminal that doesn’t do that.

              I still think that information obtained by a an appropriate warrant, by proxy, has merit. Call logs kept be the phone companies, for instance, something like that.

            9. PS-Then you also admit Apple security can’t be trusted enough…

              Perhaps as an attorney and keeper of other’s information, you specifically need to keep info in your total control. Which is saying the same thing.

  2. There sure are a lot of insights to gain from this mass murder.

    – From other articles, he Air Force admitted that it had failed to enter the man’s domestic violence court-martial into a federal database that could have blocked him from buying the rifle he used to kill 26 people. Way to go.

    – The article points out that the dead man’s finger could have been used to unlock the device as long as it had not been powered down and restarted but the FBI waited, pass the 48 hours available to do so. Way to go.

    – The FBI has criticized Apple for how difficult it is to obtain data from its devices when they are locked. Awww it’s more than just whining, it’s become a national pastime there, almost patriotic I would think considering that there’s so much whining. News flash FBI, obtaining devices that are locked is not supposed to be difficult, it’s supposed to be impossible, so whine away.

    Thank goodness for Apple, safeguarding people’s privacy.

  3. You do not need to be alive to unlock an iPhone with a fingerprint. I know this for a matter of fact as I had a dear friend die and his wife did not know his passcode and needed to get access to information on his phone. I got access to the phone for her by using his right index finger pressed to the sensor. I am amazed that a law enforcement officer couldn’t figure that out

      1. This may be the truest thing you have ever posted here. It explains a lot anyway. Your corpse brain openly longs for the good old days of 1917, as Trump does.

        Russian Troll, when specifically did America start and stop being great?

        1. It is all Obama for you, isn’t it, botty? You claim to be a non-partisan free-thinker, but you are as deep red a partisan asI have ever seen.

          And Nick, the Hart-Celler Act is summarized thusly in Wikipedia:

          The Hart–Celler Act of 1965 marked a radical break from the immigration policies of the past. Previous laws restricted immigration from Asia and Africa, and gave preference to northern and western Europeans over southern and eastern Europeans.[3] In the 1960s, the United States faced both foreign and domestic pressures to change its nation-based formula, which was regarded as a system that discriminated based on an individual’s place of birth. Abroad, former military allies and new independent nations aimed to delegitimize discriminatory immigration, naturalization and regulations through international organizations like the United Nations.[4] In the United States, the national-based formula had been under scrutiny for a number of years. In 1952, President Truman had directed the Commission on Immigration and Naturalization to conduct an investigation and produce a report on the current immigration regulations. The report, Whom We Shall Welcome, served as the blueprint for the Hart–Celler Act.

          The bill also set an annual numerical restriction on visas at 170,000 with a quota based on country of origin. Fifty-two years times 170,000 per year is 8.84M total. So you cannot assign blame of “tens of millions” on the Hart-Celler Act, even if every immigrant originated in the “third world.”

          Hyperbole and hysteria will get you nowhere on this forum. Calmer, more logical, and more rational people are watching for the rants posted by people like you.

        1. I find it difficult to believe Blue Max’s tale of sitting in a dead man’s house next to his widow, taking the corpse’s finger and opening an iPhone.

          As a libtard, you are inherently gullible.

Reader Feedback

This site uses Akismet to reduce spam. Learn how your comment data is processed.