Expert helped Los Angeles police hack Apple iPhone: court records

LOS ANGELES - A cellphone expert overrode the lock function on an Apple iPhone to help Los Angeles police in a homicide investigation around the time U.S. authorities were battling the company to open other phones in criminal cases, court records showed on Thursday.

The successful hack of the iPhone 5s in the Los Angeles case is another sign U.S. authorities are turning to third-party contractors to unlock smartphones rather than relying on manufacturers like Apple Inc., which helped in the past. The third-party hacks have Apple racing to strengthen its encryption technology.

Los Angeles police gained access to the iPhone of April Jace, the wife of "The Shield" actor Michael Jace, who is accused of shooting her to death, at their home in May 2014.

Police investigators learned on March 18 that a forensic cellphone expert, whose identity was not released, could "override the locked iPhone function" on April Jace's phone to extract data, Detective Connie Zych wrote in a search warrant affidavit.

That was around the time the U.S. government was locked in a legal battle with Apple over requests the company unlock the iPhone 5c used by Rizwan Farook, one of the shooters in the San Bernardino killings.

Apple refused to bypass the encryption features on Farook's phone on grounds it could undermine security for all users. The company declined to comment on the Jace case.

The override of April Jace's iPhone 5s was less of a technical feat than the unlocking of Farook's iPhone 5c.

Jace's phone predated the iOS 8 operating system, which Apple introduced in fall 2014 with strengthened encryption methods. The contractor who unlocked Farook's iPhone 5c had to get past iOS 9, an operating system released in September 2015.

Apple helped authorities gain access to iPhones about 70 times before changing its position last year, court documents have shown.

It was unclear which OS was installed on Jace's iPhone. Her killing came after Apple released iOS 7, but before iOS 8.

In another high-profile case, the U.S. Department of Justice fought Apple in court seeking to force the company to assist authorities in accessing an iPhone 5S with iOS7 seized as evidence in a New York drug case.

Last month, the Department of Justice dropped the effort when it disclosed someone provided authorities the passcode to the device.

The hack of April Jace's iPhone appears to be related to an order in January by the judge to allow Michael Jace's defense team access to the phone.

Michael Jace's attorney in January argued in court the actor suspected his wife was having an affair and may have become enraged moments before the shooting, after seeing something on her iPhone, according to a report at the time from the New York Daily News.

source: www.abs-cbnnews.com

FBI trick for breaking into iPhone likely to leak, limiting its use

SAN FRANCISCO - The FBI's method for breaking into a locked iPhone 5c is unlikely to stay secret for long, according to senior Apple Inc engineers and outside experts.

Once it is exposed, Apple should be able to plug the encryption hole, comforting iPhone users worried that losing physical possession of their devices will leave them vulnerable to hackers.

When Apple does fix the flaw, it is expected to announce it to customers and thereby extend the rare public battle over security holes, a debate that typically rages out of public view.

The Federal Bureau of Investigation last week dropped its courtroom quest to force Apple to hack into the iPhone of one of the San Bernardino shooters, saying an unidentified party provided a method for getting around the deceased killer's unknown passcode.

If the government pursues a similar case seeking Apple’s help in New York, the court could make the FBI disclose its new trick.

But even if the government walks away from that battle, the growing number of state and local authorities seeking the FBI’s help with locked phones in criminal probes increases the likelihood that the FBI will have to provide it. When that happens, defense attorneys will cross-examine the experts involved.

Although each lawyer would mainly be interested in whether evidence-tampering may have occurred, the process would likely reveal enough about the method for Apple to block it in future versions of its phones, an Apple employee said.

"The FBI would need to resign itself to the fact that such an exploit would only be viable for a few months, if released to other departments," said Jonathan Zdziarski, an independent forensics expert who has helped police get into many devices. "It would be a temporary Vegas jackpot that would quickly get squandered on the case backlog."

In a memo to police obtained by Reuters on Friday, the FBI said it would share the tool "consistent with our legal and policy constraints."

Even if the FBI hoards the information - despite a White House policy that tilts toward disclosure to manufacturers - if it is not revealed to Apple, there are other ways the method could come to light or be rendered ineffective over time, according to Zdziarski and senior Apple engineers who spoke on condition of anonymity.

The FBI may use the same method on phones in cases in which the suspects are still alive, presenting the same opportunity for defense lawyers to pry.

In addition, the contractor who sold the FBI the technique might sell it to another agency or country. The more widely it circulates, the more likely it will be leaked.

“Flaws of this nature have a pretty short life cycle,” one senior Apple engineer said. “Most of these things do come to light.”

The temporary nature of flaws is borne out in the pricing of tools for exploiting security holes in the government-dominated market for “zero-days,” called that because the companies whose products are targets have had zero days’ warning of the flaw.

Many of the attack programs that are sold to defense and intelligence contractors and then to government buyers are purchased over six months, with payments spaced apart in case the flaw is discovered or the hole is patched incidentally with an update from the manufacturer, market participants told Reuters.

Although Apple is concerned about consumer perception, employees said the company had made no major recent changes in policy. Instead, its engineers take pride in the fact that a program for breaking into an iPhone via the web was recently purchased by a defense contractor for $1 million, and that even that program is likely to be short-lived.

They said most iPhone users have more to fear from criminals than from countries, and few crooks can afford anything like what it costs to break into a fully up-to-date iPhone.

(Reporting by Joseph Menn; Editing by Dan Grebler)

source: www.abs-cbnnews.com

FBI's secret method of unlocking iPhone may never reach Apple

WASHINGTON - The FBI may be allowed to withhold information about how it broke into an iPhone belonging to a gunman in the December San Bernardino shootings, despite a U.S. government policy of disclosing technology security flaws discovered by federal agencies.

Under the U.S. vulnerabilities equities process, the government is supposed to err in favor of disclosing security issues so companies can devise fixes to protect data. The policy has exceptions for law enforcement, and there are no hard rules about when and how it must be applied.

Apple Inc has said it would like the government to share how it cracked the iPhone security protections. But the Federal Bureau of Investigation, which has been frustrated by its inability to access data on encrypted phones belonging to criminal suspects, might prefer to keep secret the technique it used to gain access to gunman Syed Farook's phone.

The referee is likely to be a White House group formed during the Obama administration to review computer security flaws discovered by federal agencies and decide whether they should be disclosed.

Experts said government policy on such reviews was not clear-cut, so it was hard to predict whether a review would be required. "There are no hard and fast rules," said White House cybersecurity coordinator Michael Daniel, in a 2014 blog post about the process.

If a review is conducted, many security researchers expect that the White House group will not require the FBI to disclose the vulnerability it exploited.

Some experts said the FBI might be able to avoid a review entirely if, for instance, it got past the phone's encryption using a contractor's proprietary technology.

Explaining the policy in 2014, the Office of the Director of National Security said the government should disclose vulnerabilities “unless there is a clear national security or law enforcement need."

The interagency review process also considers whether others are likely to find the vulnerability. It tends to focus on flaws in major networks and software, rather than individual devices.

During a press call, a senior Justice Department official declined to disclose whether the method used on Farook's phone would work on other phones or would be shared with state and local law enforcement.

Apple declined to comment beyond saying it would like the government to provide information about the technique used.

PROTECTING "CRUCIAL INTELLIGENCE"

The government reorganized the review process roughly two years ago and has not disclosed which agencies regularly participate other than the Department of Homeland Security and at least one intelligence agency. A National Security Council spokesman did not respond to a request for comment about agency participation.

In his April 2014 blog post, White House cybersecurity coordinator Daniel, who chairs the review group, said secrecy was sometimes justified.

“Disclosing a vulnerability can mean that we forego an opportunity to collect crucial intelligence that could thwart a terrorist attack stop the theft of our nation’s intellectual property,” Daniel wrote.

On Tuesday, a senior administration official said the vulnerability review process generally applies to flaws detected by any federal agency.

Paul Rosenzweig, a former deputy assistant secretary at the Department of Homeland Security, said he would be “shocked” if the Apple vulnerability is not considered by the group.

“I can’t imagine that on one of this significance that the FBI, even if it tried to, would succeed in avoiding the review process,” said Rosenzweig, founder of Red Branch Consulting, a homeland security consulting firm.

He predicted the FBI would not be forced to disclose the vulnerability because it appears to require physical possession of a targeted phone and therefore poses minimal threat to Internet security more broadly.

Many security researchers have suggested that the phone's content was probably retrieved after mirroring the device's storage chip to allow data duplication onto other chips, effectively bypassing limitations on the number of passcode guesses.

Kevin Bankston, director of the think tank Open Technology Institute, said there is no public documentation of how the review process has worked in recent years. He said Congress should consider legislation to codify and clarify the rules.

Stewart Baker, former general counsel of the NSA and now a lawyer with Steptoe & Johnson, said the review process could be complicated if the cracking method is considered proprietary by the third party that assisted the FBI.

Several security researchers have pointed to the Israel-based mobile forensics firm Cellebrite as the likely third party that helped the FBI. That company has repeatedly declined comment.

If the FBI is not required to disclose information about the vulnerability, Apple might still have a way to pursue details about the iPhone hack.

The Justice Department has asked a New York court to force Apple to unlock an iPhone related to a drug investigation. If the government continues to pursue that case, the technology company could potentially use legal discovery to force the FBI to reveal what technique it used, a source familiar with the situation told Reuters.

At least one expert thinks a government review could require disclosure. Peter Swire, a professor of law at the Georgia Institute of Technology who served on the presidential intelligence review group that recommended the administration disclose most flaws, said there is “a strong case” for informing Apple about the vulnerability under the announced guidelines.

“The process emphasizes the importance of defense for widely used, commercial software,” he said.

source: www.abs-cbnnews.com

Apple urges US gov't to form panel on encryption issues amid dispute

Apple is not backing down on its stance to protect customers' data.

In a statement posted on its website, the tech giant called on the US government to create a panel on encryption and data privacy issues.

Apple added it would gladly take part on that effort.

The tech giant has been opposing a court order to help the FBI unlock the iPhone used by one of the shooters in the San Bernardino terror attack.

The company wants that demand withdrawn, saying it sets a dangerous precedent that threatens civil liberties and makes the data on all other iPhones vulnerable to hacks and cyberattacks.

Still, Apple's stand does not sit well with the families of the San Bernardino attack victims as they intend to file court papers to support government's position.

-ANC's News Now, February 23, 2016

source: www.abs-cbnnews.com

Apple likely to invoke free-speech rights in encryption fight

NEW YORK/SAN FRANCISCO - Apple Inc. will likely seek to invoke the United States' protections of free speech as one of its key legal arguments in trying to block an order to help unlock the encrypted iPhone of one of the San Bernardino shooters, lawyers with expertise in the subject said this week.

The tech giant and the Obama administration are on track for a major collision over computer security and encryption after a federal magistrate judge in Los Angeles handed down an order on Tuesday requiring Apple to provide specific software and technical assistance to investigators.

Apple Chief Executive Officer Tim Cook called the request from the Federal Bureau of Investigation unprecedented. Other tech giants such as Facebook Inc., Twitter Inc. and Alphabet Inc.'s Google have rallied to support Apple.

Apple has retained two prominent, free-speech lawyers to do battle with the government, according to court papers: Theodore Olson, who won the political-speech case Citizens United v. Federal Election Commission in 2010, and Theodore Boutrous, who frequently represents media organizations.

Government lawyers from the U.S. Justice Department have defended their request in court papers by citing various authorities, such as a 1977 U.S. Supreme Court ruling that upheld an order compelling a telephone company to provide assistance with setting up a device to record telephone numbers.

The high court said then that the All Writs Act, a law from 1789, authorized the order, and the scope of that ruling is expected to be a main target of Apple when it files a response in court by early next week.

But Apple will likely also broaden its challenge to include the First Amendment's guarantee of speech rights, according to lawyers who are not involved in the dispute but who are following it.

Compared with other countries, the United States has a strong guarantee of speech rights even for corporations, and at least one court has ruled that computer code is a form of speech, although that ruling was later voided.

Apple could argue that being required to create and provide specific computer code amounts to unlawful compelled speech, said Riana Pfefferkorn, a cryptography fellow at Stanford University's Center for Internet and Society.

The order against Apple is novel because it compels the company to create a new forensic tool to use, not just turn over information in Apple's possession, Pfefferkorn said. "I think there is a significant First Amendment concern," she said.

A spokesman for the U.S. Attorney's Office in Los Angeles declined to comment on the possible free-speech questions on Thursday.

A speech-rights argument from Apple, though, could be met with skepticism by the courts because computer code has become ubiquitous and underpins much of the U.S. economy.

"That is an argument of enormous breadth," said Stuart Benjamin, a Duke University law professor who writes about the First Amendment. He said Apple would need to show that the computer code conveyed a "substantive message."

In a case brought by a mathematician against U.S. export controls, a three-judge panel of the 9th U.S. Circuit Court of Appeals, which covers California, found in 1999 that the source code behind encryption software is protected speech. The opinion was later withdrawn so the full court could rehear the case, but that rehearing was canceled and the appeal declared moot after the government revised its export controls.

The FBI and prosecutors are seeking Apple's assistance to read the data on an iPhone 5C that had been used by Rizwan Farook, who along with his wife, Tashfeen Malik, carried out the San Bernardino shootings that killed 14 people and wounded 22 others at a holiday party.

U.S. prosecutors were smart to pick the mass shooting as a test case for an encryption fight with tech companies, said Michael Froomkin, a University of Miami law professor. That is because the shooting had a large emotional impact while also demonstrating the danger posed by armed militants, he said.

In addition, the iPhone in dispute was owned not by Farook but by his employer, a local government, which has consented to the search of the iPhone. The federal magistrate who issued the order, Sheri Pym, is also a former federal prosecutor.

"This is one of the worst set of facts possible for Apple. That's why the government picked this case," Froomkin said.

Froomkin added, though, that the fight was enormously important for the company because of the possibility that a new forensic tool could be easily used on other phones and the damage that could be done to Apple's global brand if it cannot withstand government demands on privacy. "All these demands make their phones less attractive to users," he said.

source: www.abs-cbnnews.com