Apple ordered to unlock San Bernardino gunman's phone

  • Published
Syed Rizwan Farook is seen in his California Department of Motor Vehicles photoImage source, AP
Image caption,

Syed Rizwan Farook is seen in his California Department of Motor Vehicles photo

Apple has been ordered to help FBI investigators access data on a phone used by San Bernardino gunman Syed Rizwan Farook.

Farook and his wife killed 14 people in the California city last December before police fatally shot them.

A court order demands Apple help circumvent security software on Farook's iPhone, which the FBI said contains crucial information.

The BBC understands Apple will contest the order.

Since a software update released in September 2014, data on Apple devices - such as text messages and photographs - have been encrypted by default.

It means if a device is locked, only the passcode can be used to access the data. If 10 incorrect attempts at the code are made, the device will automatically erase all of its data.

No-one, not even Apple, is able to access the data - a move the company, like several other tech firms in Silicon Valley, made following the Edward Snowden revelations into government surveillance.

Brute force

The FBI has asked Apple to do two things.

First, it wants the company to alter Farook's iPhone so that investigators can make unlimited attempts at the passcode without the risk of erasing the data.

Secondly, they want Apple to help implement a way to rapidly try different passcode combinations, to save tapping in each one manually.

Farook is understood to have used a four-digit passcode, meaning there are 10,000 possible combinations.

The FBI wants to use what is known as a "brute force" attack: literally trying out every combination until stumbling across the correct one and unlocking the phone.

Apple has yet to respond publicly to the order.

However, a source close to the proceedings told the BBC that Apple will likely contest the demand.

In the past, the company has fought strongly against calls to access users' personal data, saying it would jeopardise the trust it has with its customers.

On its website, Apple says: "For all devices running iOS 8 and later versions, Apple will not perform iOS data extractions in response to government search warrants because the files to be extracted are protected by an encryption key that is tied to the user's passcode, which Apple does not possess."

This latest order is unique in that it acknowledges Apple cannot access the data. Instead, it asks the company to make it possible for police to take a trial-and-error approach.

Other smartphones, including those powered by Google Android, also implement similar encryption technology on their devices.

Follow Dave Lee on Twitter @DaveLeeBBC, external and on Facebook, external