There has been a lot of talk lately about Apple vs the FBI in regards to the iPhone of one of the suspects in the San Bernardino shooting. It’s a complicated matter of the national security vs personal privacy and thanks to the suggestion of a reader in the comments on a previous video, I think maybe I can help explain the situation a bit better so you can decide for yourself what you think of it all.
Background on San Bernardino Case
First a little background, a radical couple shot and killed 14 people and seriously injured 22 others in a terrorist attack at a San Bernardino County Department of Public Health training event and holiday party on Dec 2nd of last year. The couple fled the scene after and were eventually killed in a shootout with police.
In order to find out more about the shooters and their contacts, the FBI attempted to get into an iPhone 5C that was used by one of the shooters. Now, thanks to the phone technically being owned by San Bernardino county (since it was a work issued phone) they were able to reset the iCloud password which gave them access to previous iCloud backups of the phones data —which can be easily unpacked and the data inside like contacts, texts, etc. can be retrieved.
The Issue At Hand
The issue is that the backup they managed to get was apparently too old and in order to get a newer set of data they need to get the pin code for the phone and actually be able to use the phone.
On February 9th of this year, the FBI announced that they were unable to unlock the iPhone and asked for Apple’s help.
By ask, I mean demand, of course. The big issue that came about was what they asked for.
The FBI asked for, and got mandated by a federal judge, that Apple create a new version of iOS that removed the limit of pin code attempts on the device. At the moment, if you enter your pin code in wrong a certain number of attempts the device will erase it’s data, which for the FBI to use the data, would be bad. The mandate would remove this limit which would allow the FBI to brute force attack the phone with random pin combos until it finally got through.
Apple released their own response saying they wouldn’t do it and it would affect millions of user’s security which I just explained why and other complaints about the government’s overreaching etc. and that they are prepared to take this to the supreme court to settle it.
Wasn’t Always This Way
Now the interesting thing is that Apple and Google used to get requests from the government for login information and comply without issue, it wasn’t until Android L and iOS 8 that they both decided, around the same time in fact, to encrypt the data on the phone by default and to keep the keys for decryption on the device itself instead of on their servers essentially blocking even themselves from getting into phones. Now, one can imagine that they were getting a lot of these requests from law enforcement agencies before this change and whether or not this move was a way of protecting users or just eliminating being inundated with requests –who knows.
People that are proponents of Apple’s side essentially say that the government has no right to tell them to change their product to suit their needs and since programming code is considered a form of speech ever since a case in 1996 where a judge ruled code the same as any other language like French or German, asking them to change it would be the equivalent of having someone change what they say and violate their 1st amendment.
The FBI’s Argument
The proponent’s of the FBI ask how this is any different than asking a landlord for a key to a suspect’s apartment. Search and seizure is a normal part of the judiciary process and so long as a warrant is present a company should do what it can to help.
Lastly, I think it’s probably important to note since no one else is mentioning this fact, that companies exist called digital forensics companies that have always helped law enforcement agencies break into phones and computers using various methods and charging a hefty price tag. One such method called Jtag attempts to grab information directly from the device’s memory bypassing the OS altogether. Now whether or not there are other methods available to get the information affects this case, I’m not sure, but figured it was important to know that they do exist.
So there you go, a quick summation of what this whole debacle is all about. What do you guys think? Let me know in the comments below!