FBI had no way to access locked iPhone after terror attack, watchdog finds
But the report says that a senior FBI department chief “became frustrated that the case against Apple could no longer go forward” after a technical solution to access the device was found.
Written by Zack Whittaker / Courtesy of ZDNet
The FBI did not have the technical capability to access an iPhone used by one of the terrorists behind the San Bernardino shooting, a Justice Department watchdog has found.
A report by the department’s Office of Inspector General sheds new light on the FBI’s efforts to gain access to the terrorist’s phone.
It lands almost exactly a year after the FBI dropped a legal case against Apple, which had refused a demand by the government to build a backdoor that would’ve bypassed the encryption on the shooter’s iPhone. Apple said at the time that if it was forced to backdoor one of its products, it would “set a dangerous precedent.”
Syed Farook and his wife, Tashfeen Malik, killed 14 people in the southern Californian town in December 2015.
The 11-page report said that the FBI “had no such capability” to access the contents of Farook’s encrypted iPhone, amid concerns that there were conflicting claims about whether the FBI may have had techniques to access the device by the time it had filed a suit against Apple.
Those claims were mentioned in affidavits in the court case, as well as in testimony by former FBI director James Comey.
The watchdog “found no evidence that the FBI had the capability to access data on the iPhone at the time of former FBI Director James Comey’s February and March 2016 congressional testimony or the February 16, 2016 initial court filing requesting involuntary assistance from Apple, Inc. to access the phone,” said the report.
“We therefore determined that neither the Congressional testimony nor the submissions to the Court were inaccurate when made,” said the report.
The FBI later spent about a million dollars on an exploit developed by an outside vendor used to access the phone. The FBI was also allowed to keep secret details about the exploit.
The provider of the hack used to gain access to Farook’s iPhone was not named in the report.
The controversy over the FBI’s lawsuit to compel Apple to build a backdoor in its iPhone was believed by some to be an effort to gain a legal precedent against tech companies that rely on encryption to secure data on devices that they make.
The watchdog’s report widely dismisses this theory, but said there were internal disagreements from two senior FBI department chiefs over the use of the vendor’s exploit.
According to the report, FBI executive assistant director Amy Hess “became concerned” that the department chief of the Cryptographic and Electronic Analysis Unit (CEAU), the division charged with obtaining evidence from electronic devices, did “not seem to want to find a technical solution” that would unlock the shooter’s phone.
The report added that the chief said he may have have known of a solution, “but remained silent in order to pursue his own agenda of obtaining a favorable court ruling against Apple.”
The report found that nobody withheld knowledge of an existing technical capability, as Hess had feared, but the watchdog found that the CEAU didn’t pursue all possible avenues in the search for a solution.
Once the vendor’s exploit was found to work, the FBI was forced to drop the legal case against Apple — a day before the tech giant was set to go head to head against the government in court.
Another department chief, who heads up the Remote Operations Unit (ROU), the FBI division thought to be charged with hacking operations, said that the CEAU chief was “definitely not happy” that the legal proceeding against Apple could no longer go forward.
From the report:
“The CEAU Chief told the OIG that, after the outside vendor came forward, he became frustrated that the case against Apple could no longer go forward, and he vented his frustration to the ROU Chief. He acknowledged that during this conversation between the two, he expressed disappointment that the ROU Chief had engaged an outside vendor to assist with the Farook iPhone, asking the ROU Chief, “Why did you do that for?”
The watchdog also found that the CEAU department’s outreach efforts to seek out an technical solution to access the shooter’s iPhone was broad enough to elicit responses.
According to the FBI’s response to the OIG report, the problems were addressed “through a change in leadership for the units involved,” suggesting the department chiefs are no longer in their position.
The agency is also preparing for a larger reorganization, the report said.
The FBI did not immediately return a request for comment. If that changes, we’ll update.
Read the original article over at ZDNet.com.