Here we go again: another mass shooting, another killer’s iPhone that police can’t get into, and potentially another legal battle over Apple’s encryption.
Earlier in the month, the FBI announced it couldn’t break into the iPhone of Devin Patrick Kelley, the shooter in the mass murder of 26 people in a church in Sutherland Springs, Texas.
Now, court records seen by the San Antonio Express-News show that two days after the FBI’s announcement – and its bemoaning of the way Apple’s encryption hampers law enforcement – a Texas Ranger obtained search warrants for data belonging to the Sutherland Springs killer.
One warrant, issued on 9 November, is for files stored on an iPhone SE found near Kelley’s body and on a second LG phone. Another warrant seeks files stored in Kelley’s iCloud account – specifically, phone call and message information, photos and videos, and other data dating back to 1 January 2016. The warrants are also seeking social media passwords, contacts, and other data.
Apple’s policies allow it to share iCloud data with law enforcement if they secure a proper warrant. But whether there’s anything useful in Kelley’s iCloud account depends on how frequently he created backups. That makes the phones themselves receptacles of a potentially fuller, more up to date stash of evidence than that on the killer’s iCloud account.
The iPhone SE has a fingerprint sensor. Police could have used the dead killer’s fingertips to log into the device, but they missed the window of time to do so: after several hours without a login, the phone requires a passcode.
Apple has declined to comment on the ongoing investigation, including the question of whether the company has complied with the warrant and handed over Kelley’s iCloud data. As of Monday afternoon, somebody familiar with the matter told The Verge that Apple had received the warrant for the iCloud data, but not the phone data.
Days after the FBI’s announcement that it couldn’t get into Kelley’s phone, Deputy US Attorney General Rod Rosenstein was once again calling for what he’s dubbed “responsible encryption”. That, unfortunately, is the non-existent kind that can be defeated only by good guys – as in, any law enforcement agency bearing a warrant – but is somehow magically resistant to bad guys.
As encryption experts have noted at least since the San Bernardino mass killings and ensuing legal tussle over encryption, that’s not a thing. If you can defeat encryption, hackers will figure out how, and all devices will thus be rendered vulnerable.
As Naked Security’s Taylor Armerding notes, that 2016 FBI vs. Apple court battle over government access to encrypted devices never settled the issue. It was simply put on hold when the issue was made moot by the FBI hiring a company that managed to break into the iPhone of the killer.
If the FBI can get a contractor to break Apple encryption on its behalf, why is breaking its encryption still an issue?
Because doing so is quite pricey, for one thing: the FBI paid the Israeli mobile forensics firm Cellebrite about $900,000 to unlock a single phone (though the Bureau never confirmed who did the job). That price was confirmed by remarks made by Senator Dianne Feinstein during an open hearing with then-FBI director James Comey in May.
For another thing, the iPhone-breaking technology only works on a “narrow slice of phones,” according to what Comey said at that hearing. The process, or tool, or whatever it is, doesn’t work on an iPhone 5s or later. It was narrowly tailored to only work on an iPhone 5C operating on iOS 9, according to Comey.
koinakasan
Too many emails from naked security and it is very irritating to see the “subscribe” etc when you already are. Also some of these articals, while they are informative and interesting are overly long. There is too much self-loathing, something which is spreading disease like everywhere.Please be consice and cut the “crap”!
Paul Ducklin
Well, our newsletter comes out once a day, covering all the stories published that day. The newsletter has worked that way for years – indeed, its very purpose is to appear once a day. If that’s suddenly “too many emails” for you then may I humbly suggest that it is you who has changed, and not us? Why not simply unsubscribe?
As for seeing the subscribe box even though you’ve already subscribed – I hear you. It happens to me, too, because have my browser set to clear cookies on exit – it’s by means of a cookie that we turn that box off. There’s isn’t really any other way to do it and still make it easy to subscribe. If I were King I’d make the subscribe box smaller, but [a] I am not and [b] when we had a tiny subscribe box, readers used to ask us why it was so jolly hard to find. I have simply got into the habit of clicking “don’t show this again” once a day :-)
Finally – I simply don’t understand your “self-loathing” remark. It just doesn’t make sense to me – if anything, I would like to think that Naked Security generally has a positive and upbeat attitude to security, which is why we almost always add a “What to do?” section to our articles, by way of helping you actually do something so you can have fun with your computer in a safer environment. I also re-read and re-re-read this specific article looking for the self-loathing that you chose to mention here – and I couldn’t find any. What do other readers think? Do we *really* give the impression of hating ourselves?
maggotification
For me, the articles are neither too long, nor too “self-loathing”. Keep up the good work!
Paul Ducklin
Curious about those downvotes you received so quickly, considering you clearly expressed a personal opinion in a perfectly polite way, but…
…thanks for your kind words. We appreciate them.
Bernard
I like your aticles. Keep it as it is please.!!!!!
@koinakasan => I don’t remember anyone putting gun to my head and forcing me to subscribe. Probably, like myself, you subscribed all by yourself – you don’t like it -hit unsubscribe and stop whining.