FBI needs two-week test in bid to unlock killer's iPhone
Published 23/03/2016 | 03:36
It will take at least two weeks to know whether an alternative method will unlock an encrypted iPhone used by one of the San Bernardino terror attackers, the FBI has said, adding that investigators think they have "a good shot".
US government officials were asked to file a status report in court about the method by April 5 because that is how long they think it will take to know if it will unlock the phone without compromising the data it contains, said David Bowdich, an assistant FBI director in charge of the agency's Los Angeles office.
At the government's request, a judge cancelled a court hearing in the matter that had been set for Tuesday.
The government was "very ready" to try to force Apple to help unlock the phone when a third party emerged with another method on Sunday, Mr Bowdich said.
"For us to seek a continuance, we felt it was a good shot," he said. "I'll leave it there because we just don't know."
Fourteen people were killed in the December 2 San Bernardino attack by Syed Farook and his wife Tashfeen Malik. The couple were later killed in a gun battle with police.
Prosecutors say the phone used by Farook probably contains evidence of the attack in which the county food inspector and his wife murdered people at a holiday lunch attended by many of his work colleagues.
The FBI has said the couple was inspired by the Islamic State group. Investigators are still trying to piece together what happened and find out if there were collaborators.
The publicity around the iPhone case generated a number of proposed solutions, but none was deemed potentially usable until Sunday's demonstration, according to two law enforcement officials close to the case.
The unexpected new method is going to be tested on other phones before it is perfected - to avoid deleting the data on the target device, one of the officials said.
One said FBI director James Comey gave evidence in good faith about the FBI exhausting options to get into the iPhone, but investigators had not canvassed every possible option that could exist because of the urgency factor in terrorism investigations.
The longer the government waited, the more its arguments of urgency would be negated.
Speculation about the source of the new method has centered on a little-known but thriving industry of computer forensics in which firms work with the FBI and other police agencies around the world.
While it could be an independent hacker, several experts said the proposed solution most likely came from one of those firms, possibly one that already works for the government.
"The FBI contracts out a lot of work, like every other government agency, and a lot of stuff gets shipped off to data-recovery contractors," said Jonathan Zdziarski, an independent iPhone forensics researcher.
He said the most straightforward possibility is that the FBI described the problem to a variety of contractors and one of them came forward with a proposed solution.
Other experts mentioned an Israeli company, Cellebrite, a leader among several firms selling smartphone forensics services and software tools to US police agencies.
The programmes can extract data from iPhones running older versions of Apple's operating system, but they have been stymied by the latest version, known as iOS 9 - the version running on the San Bernardino iPhone.
Cellebrite has not announced any new product that works with iOS 9, but it is probably working on developing one, said Darren Hayes, a computer scientist and cybersecurity expert at Pace University in New York.
Cellebrite representatives couldn't be reached for comment Tuesday. The company did not respond to an email and phone message left at its U.S. offices in New Jersey.