Federal officials have called on Apple to unlock a phone belonging to a shooter who killed three people last month at the Pensacola Naval Air Station, but the company has refused to do so, saying there’s “no such thing as a backdoor just for the good guys.” But the FBI has managed to unlock iPhones all on its own in the past, so why can’t the agency do it again?
A search warrant obtained by Forbes indicates that investigators were able to use a phone-cracking tool called GrayKey to access information stored on an iPhone 11 Pro Max. An affidavit related to the search warrant and obtained by Forbes showed that the iPhone was locked, which was confirmed to Forbes by the owner’s lawyer. If federal investigators can crack a new iPhone model, then why can’t they crack the iPhone 5 and iPhone 7 belonging to the shooter? So, why the public spectacle demanding that Apple hand over a golden key to bypass security features?
According to a 2018 blog post from anti-malware software company Malwarebytes, the time it takes to crack an iPhone password using the GrayKey device varied, but a six-digit passcode was able to be cracked in as few as three days at the time. Citing documents by the device’s maker Grayshift, Malwarebytes said that disabled iPhones could also be unlocked. But since Apple has issued numerous updates for iOS since 2018, and it’s likely that GrayKey has had to make changes to keep up with new security measures.
The primary question presented by the records obtained by Forbes with respect to the Pensacola shooter’s phones seems to be why, if GrayKey was used recently to unlock a newer iPhone model, it would not be able to unlock an older iPhone. In statements to the press this week, U.S. Attorney General William Barr said “both phones are engineered to make it virtually impossible to unlock them without the password.” But again, the FBI has unlocked iPhones before, as with the case identified by Forbes as well as in the case of the San Bernardino terrorist attack.
One possible answer is both phones are in bad shape. During his statements this week, Barr said that during a shootout, “the shooter disengaged long enough to place one of the phones on the floor and shoot a single round into the device. It also appears the other phone was damaged.” Another is that the phone is set to nuke all data after several failed passcode attempts, though that security wall was able to be bypassed in the instance of San Bernardino (of course, the FBI paid $900,000 to do it).
The other possibility is that the FBI is hoping to set legal precedent in order to be able to use a single incident to pave the way to gain access in future cases, which Apple seems to understand could be a dangerous and slippery slope.
“We have always maintained there is no such thing as a backdoor just for the good guys,” Apple told Gizmodo in a statement this week. “Backdoors can also be exploited by those who threaten our national security and the data security of our customers. Today, law enforcement has access to more data than ever before in history, so Americans do not have to choose between weakening encryption and solving investigations. We feel strongly encryption is vital to protecting our country and our users’ data.”