The FBI says it may be able to unlock the San Bernadino shooter’s iPhone without Apple’s help. It’s delayed a court case and could make for some awkward outcomes either way.
In case you’ve missed it, there’s a great explanation of the technological issues behind the case at the Franklin Veaux blog. The short and simplified version is that the encryption on the phone can’t be broken by Apple even if it wanted to. Instead the FBI wants it to modify the iOS software to make it easier to brute force the password without triggering a data wipe after 10 failed attempts.
Arguments were due to start in court today but in a surprise move last night federal prosecutors successfully requested a delay, which was granted until April 5. The request said that over the past weekend the FBI was shown a way to unlock the phone without Apple’s help and without the data wipe, something it had previously argued was impossible. It will now try out the method and report back to the court later.
It’s a surprise move because if this is indeed the case, the government’s arguments in the case are effectively redundant. “There is no alternative” was the entire key to its argument that national security should override Apple’s concerns about undermining the security of its customers.
There’s no mention in the court documents of exactly what the supposed solution is, which has prompted some wonderful speculation of everything from taking the memory chip apart with acid to typing in Up, Up, Down, Down, Left, Right, Left, Right, B, A.
The most common theory is that it involves some form of mirroring technique such as cloning the encrypted data and then restoring it every time 10 failed attempts triggers a wipe.
The BBC’s Dave Lee points out that whatever the solution, if it does prove viable it opens up a new debate. Were the FBI to have evidence that a technique exists for overcoming the iPhone’s security, it would need to decide between following responsible disclosure in telling Apple the details of the technique, or retaining the new-found ability to unlock phones without needing permission.