• Apple ID linked to terrorist's iPhone 5c changed while device was in government hands

    In response to a Department of Justice motion to compel Apple's cooperation in the unlocking of an iPhone 5c used by one of the San Bernardino terrorists, company executives on Friday revealed the Apple ID passcode linked to that device was changed while the handset was in government hands, effectively blocking attempts to retrieve an iCloud backup.

    The Apple ID used to sync Syed Ryzwan Farook's iPhone 5c with Apple's iCloud was modified less than 24 hours after the device was impounded by the government, BuzzFeed News reports. Apple says the San Bernardino County Department of Public Health, the phone's owner and Farook's former employer, changed the account passcode.

    If the passcode was not changed, FBI officials might have been able to procure a backup of the data it is currently attempting to suss out of the phone itself, the company said. The most recent backup was logged six weeks prior to the San Bernardino attack. It is not known whether Farook intentionally shut off iCloud backups or simply ran out of storage space.

    Further, Apple has been conducting "regular" discussions with government entities since early January regarding methods by which data from Farook's iPhone 5c may be recovered. According to the report, Apple proposed four different options for data recovery, none of which involved building a software backdoor into iOS.

    Apple first discovered that the passcode had been changed in attempting one of the suggested workarounds. The method, seemingly involving the offloading of a backup to iCloud before recovering it from Apple's servers, leveraged an iPhone convenience feature in which the device automatically connects to a known Wi-Fi network. Apple engineers were unable to complete the process due to the updated Apple ID passcode.

    The implications of this new development could damage the government's case. The DOJ on Friday filed a motion to force Apple's compliance in aiding the FBI's data extraction efforts, a task that now requires the creation of a software backdoor.

    Apple does comply with valid law enforcement data requests, and has in the past handed over information related to criminal investigations gleaned from its servers. The DOJ itself notes prior cooperation in its Friday motion to compel. The company has not, however, been asked to create a forensics tool that would ostensibly break iOS encryption.

    The sticky situation could have been avoided if the associated Apple ID passcode was not changed, Apple says.

    Apple says the government opened the door to public scrutiny when it filed its motion to compel. The company proposed the FBI officials keep its requests sealed, but the agency decided to seek a court order demanding Apple's cooperation.

    Update: Apple executives confirmed San Bernardino county officials changed the passcode. This article has been updated to reflect the new information.

    Original Source
    This article was originally published in forum thread: Apple ID linked to terrorist's iPhone 5c changed while device was in government hands started by Caiden Spencer View original post
    Comments 4 Comments
    1. iBwizzle's Avatar
      iBwizzle -
      Quote Originally Posted by iBwizzle View Post
      Call me a conspirator but you want to know why they want you to have a lock on your phone so only you can open it and the government can't?

      They want you to feel that you're the only one who has the key to it so when they hack it through wifi and put evidence related to a crime (terrorism, rape, w.e.) then there is no way for you to say that someone set you up. Only you can open it, remember?

      They don't need to open it through your password. They already have the power to hack it and replace the data on your phone without you even knowing. The trick is to make you think that you are in control and feel safe enough to store your information on apple and android products. Not all government agencies can do this, but the ones that really run **** have the power.

      They stopped making phones you can take the battery out of so that they can trace you and access your phone even when your phone is off. They can control it and push data into it and change your **** without you even needing to unlock it.
      I guess I was wrong!
    1. szr's Avatar
      szr -
      Evidently someone else had access to the account and changed the password. But how exactly did the DoJ/FBI/etc know what it was originally or that it had changed? Passwords aren't usually stored in plain text, but in hashed form, so they can't be read back straight up [1] so even if Apple wanted to they couldn't just instantly or readily retrieve it.

      What exactly is stopping them from getting it again the same way they apparently did the first time? Or what is preventing Apple from simply resetting the password on the account? Seems that there has to be something more going on than just a changed password.

      Typically one would have to try every possible password until one with a matching hash string is found, which can take a very long time barring stupid password restrictions.
    1. King_O_Hill's Avatar
      King_O_Hill -
      Why isn't the FBI forcing the person that changed the password to give them the new password? Sounds to me like the password is not really what they are after. If you believe that they would only use it for this one phone, then I got a bridge I can sell you!
    1. Purple Minion's Avatar
      Purple Minion -
      The same idiots who changed the password are the ones we are all supposed to trust with top secret state-of-the-art decryption technology? I think not.
  • Connect With Us

  • Twitter Box

  • Facebook