Government and law enforcement officials may soon reignite the debate over encryption after the FBI today revealed that the dead suspect in Sunday’s Texas church shooting was using an encrypted cellphone.

FBI special agent Christopher Comb did not reveal what type of phone alleged shooter Devin Kelley was using, only that it was sent to the FBI research center in Quantico, Va.

“Unfortunately at this point in time, we are unable to get into that phone,” Comb said. “So it actually highlights an issue that you’ve all heard about before, with the advance of the technology and the phones and the encryption, law enforcement whether it’s at the state, local or federal level is increasingly not able to get into these phones.”

In early 2016, a federal magistrate ordered Apple to help the FBI break into the San Bernardino terrorist’s iPhone 5C, which was locked with a four-digit passcode that would be automatically wiped after 10 incorrect guesses.

Apple CEO Tim Cook stood nose-to-nose with the government for close to two months, before the FBI found a still-unnamed third party to access the device. It’s unknown whether the FBI and its mysterious outside party was able to exploit a vulnerability on the device, or use a hardware hack to access the shooter’s protected data.

The iPhone in question was Syed Farook’s work-issued device; two other personal phones owned by Farook and his wife had already been destroyed, police said. The issue raised a weeks-long debate over the legal precedent this would set in compelling a private company to build a backdoor into its product. The original court order mandated that Apple assist the FBI in unlocking the phone. To do so, Apple would have to build new firmware that would bypass security on the phone that protects against brute-force attacks against the passcode.

Apple pushed back, stating along with the backing of dozens of experts that cryptographically weakening the security of the iPhone would put all of its users at risk. Apple devices are encrypted once the user sets a passcode and the key resides with the user on the device and Apple says that key is never in its possession.

Even though the FBI found a way onto Farook’s phone, it publicly lobbied hard for some sort of mechanism that would allow the government and law enforcement onto locked devices. Former FBI director James Comey, fired earlier this year by President Donald Trump, said in March during a talk at Boston College the growth and mainstream adoption of encrypted apps such as Signal and WhatsApp impedes law enforcement investigation and maims the intended power of judicial warrants that allow officials to seize devices related to investigations.

Current FBI director Christopher Wrap said two weeks ago that the FBI has 7,000 encrypted mobile devices in its possession that it cannot unlock, calling it a “huge, huge problem.”

Comb said that the FBI will continue to work on unlocking the shooter’s device.

“We’re going to keep working on that phone and the other digital media we have, and we’re going to turn that over to the [Texas] rangers,” Comb said.

Categories: Cryptography, Government, Mobile Security

Comments (9)

  1. Martin
    4

    I’m sure encryption of phones is a much more serious problems than the availability of firearms. Let’s forbid encryption but continue selling guns and bullets.

    Reply
  2. John Bison
    8

    But the funny thing is that iPhone security used to be relatively weak, was not NIST compliant. They would decrypt for law enforcement for $900. No problem. But then, iPhone got better, became NIST compliant, and now cannot be easily compromised by Apple or anyone. The punchline is that Apple improved their security specifically to be able to sell iPhones to a big federal customer, yup, the FBI who replaced their Blackberry phones with iPhones!

    Reply
  3. Ed
    9

    The underlying assumption in all of this is that there’s something on the phone that’s material to solving a crime. What exactly are the questions being asked, and why does the government believe that the answers are on the phone? Is there no other way to get the answers? Do we have any assurance that decrypting the phone isn’t just to allow an FBI fishing expedition? So, far the only justification the FBI seems to be able to provide for allowing backdoor access is: “trust us, we’re from the government and we’re here to help”.

    Reply

Leave A Reply to Jon Doe Cancel Reply

Your email address will not be published. Required fields are marked *

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>