FBI is cracking an iPhone in an Arkansas murder case

Other federal agencies in 22 states are seeking vendors’ help to break encryption

Now that it has found a way to do so for its own purposes in a California terrorism case, the FBI is helping Arkansas prosecutors break into an iPhone and iPad.

This time it’s to look for evidence in a murder trial, and it’s without asking Apple for help to crack the iOS devices. Instead prosecutors in Faulkner County, Ark., asked the FBI to take a shot at it, given its recent success breaking into the phone used by a terrorist in San Bernardino, Calif., according to the Associated Press.

The FBI is also helping break into an iPod related to the case, the AP says.

Unlike the California terrorism case, helping out in the murder prosecution doesn’t involve a court order requiring Apple to write software that disarms the iPhone’s anti-brute-force software. That order was being challenged by Apple when the FBI found a third party to crack the phone.

If the order had been upheld, it would have cleared the way for the FBI and other law enforcement to seek similar court orders against other security vendors. It would legitimize the government forcing makers of encryption products to break their security, even if it meant they had to create new technology to do so.

+ ALSO ON NETWORK WORLD FBI, Apple battle may leave lasting legacy +

It remains a possibility that law enforcement agencies will seek such power in other cases, mostly having to do with drug crimes, according to a study by the American Civil Liberties Union. Such requests are pending in 63 cases across 22 states involving either Apple or Google. There’s an interactive map here.

And it’s not just the FBI seeking the power. The ACLU list of cases includes filings from the Secret Service, Drug Enforcement Administration, Bureau of Alcohol, Tobacco and Firearms, Department of Homeland Security, Department of Homeland Security Investigations, the Bureau of Land Management and the Air Force Office of Special Investigations.

They all hope to invoke the All Writs Act in a way it has never been used before. If they are successful, it would put vendors of encryption tools in the position of having to break into their own products. As a result, their products would be less secure because they would be known to contain intentional vulnerabilities that hackers would try to discover and exploit.

Meanwhile, it’s unlikely that the FBI will ever disclose exactly how the San Bernardino iPhone was broken into, says John Pironti, president of IP Architects. Rather it is likely the FBI will want to keep the method secret as long as possible so it can continue breaking into suspect devices without invoking the help of the companies that make them, he says.

If evidence from the phones ever get to court, the FBI would have to disclose how they did it to demonstrate that the method was forensically sound, Pironti says. But that testimony would be done with the public excluded from the courtroom and the testimony put under seal, as he has seen in other cases involving evidence elicited from hacked devices.

Pironti says device makers will continue to fight the court orders because having to comply would put them at a disadvantage against competitors in other countries that have no such restrictions.

Join the CSO newsletter!

Error: Please check your email address.

Tags Apple

More about AppleFBIGoogle

Show Comments

Featured Whitepapers

Editor's Recommendations

Solution Centres

Stories by Tim Greene

Latest Videos

  • 150x50

    CSO Webinar: The Human Factor - Your people are your biggest security weakness

    ​Speakers: David Lacey, Researcher and former CISO Royal Mail David Turner - Global Risk Management Expert Mark Guntrip - Group Manager, Email Protection, Proofpoint

    Play Video

  • 150x50

    CSO Webinar: Current ransomware defences are failing – but machine learning can drive a more proactive solution

    Speakers • Ty Miller, Director, Threat Intelligence • Mark Gregory, Leader, Network Engineering Research Group, RMIT • Jeff Lanza, Retired FBI Agent (USA) • Andy Solterbeck, VP Asia Pacific, Cylance • David Braue, CSO MC/Moderator What to expect: ​Hear from industry experts on the local and global ransomware threat landscape. Explore a new approach to dealing with ransomware using machine-learning techniques and by thinking about the problem in a fundamentally different way. Apply techniques for gathering insight into ransomware behaviour and find out what elements must go into a truly effective ransomware defence. Get a first-hand look at how ransomware actually works in practice, and how machine-learning techniques can pick up on its activities long before your employees do.

    Play Video

  • 150x50

    CSO Webinar: Get real about metadata to avoid a false sense of security

    Speakers: • Anthony Caruana – CSO MC and moderator • Ian Farquhar, Worldwide Virtual Security Team Lead, Gigamon • John Lindsay, Former CTO, iiNet • Skeeve Stevens, Futurist, Future Sumo • David Vaile - Vice chair of APF, Co-Convenor of the Cyberspace Law And Policy Community, UNSW Law Faculty This webinar covers: - A 101 on metadata - what it is and how to use it - Insight into a typical attack, what happens and what we would find when looking into the metadata - How to collect metadata, use this to detect attacks and get greater insight into how you can use this to protect your organisation - Learn how much raw data and metadata to retain and how long for - Get a reality check on how you're using your metadata and if this is enough to secure your organisation

    Play Video

  • 150x50

    CSO Webinar: How banking trojans work and how you can stop them

    CSO Webinar: How banking trojans work and how you can stop them Featuring: • John Baird, Director of Global Technology Production, Deutsche Bank • Samantha Macleod, GM Cyber Security, ME Bank • Sherrod DeGrippo, Director of Emerging Threats, Proofpoint (USA)

    Play Video

  • 150x50

    IDG Live Webinar:The right collaboration strategy will help your business take flight

    Speakers - Mike Harris, Engineering Services Manager, Jetstar - Christopher Johnson, IT Director APAC, 20th Century Fox - Brent Maxwell, Director of Information Systems, THE ICONIC - IDG MC/Moderator Anthony Caruana

    Play Video

More videos

Blog Posts