Apple must help decrypt attacker’s iPhone with special firmware
A California judge has ordered Apple to cooperate in unlocking and decrypting an iPhone 5c. It belongs to the man who killed 14 people in a shooting in San Bernardino in December.
The smartphone is encrypted and the FBI has so far been unable to access the data on the device, Ars Technica said. That’s why a California federal judge has ordered Apple to develop a special firmware, called an ipsw file, that allows access to the device. The command specifically states that the auto-erase function should be disabled, if enabled. In addition, the firmware must make it possible to send passcodes to the iPhone via an external port, whereby no additional delay may be built in.
For the order, the judge uses a law from the 18th century, which makes it possible by means of a ‘write’ to oblige a company or person to perform a certain performance. According to Ars Technica, this law has been used more often against smartphone makers, including Apple. However, it would be the first time that a company has been instructed under this law to develop special software to assist investigative officers. An American professor tells Ars Technica that this order could have major consequences, he wonders whether the government could also instruct Facebook to predict criminal behavior of its users, for example.
Apple announced in 2014 that it would no longer be able to bypass passcodes from iPhones and iPads running iOS 8 or later. As a result, the company would no longer be able to help investigative services with unlocking such devices. This attitude is under pressure from the current court order and other US lawsuits. The debate about the mandatory installation of backdoors in encryption is still in full swing in the US, for example, a bill was introduced last week that should prevent backdoors in encryption from being legally required.
Apple has announced in an open letter to its customers that it will challenge the judge’s decision. In the letter, the company states that this sets a “dangerous precedent” when a technology company is forced by the government to actually provide a “master key” for all its devices.