The FBI maintains that it can't access San Bernardino shooter Syed Farook's iPhone 5c without Apple breaching its own security protocols, which the company has resisted. People familiar with Apple software and encryption keys say that the FBI actually already knows exactly how to get into the phone.
Now Edward Snowden, the whistleblower who revealed the extent of the National Security Agency's mass surveillance program, has joined the debate — and (surprise, surprise) he's not buying the FBI's line.
"The FBI says Apple has the 'exclusive technical means' to unlock the phone," Snowden said in a video call from Moscow, where he has been living after fleeing the US, during the Common Cause Blueprint for a Great Democracy conference.
"Respectfully," he added, "that's bullshit."
In February, the FBI's legal team convinced a federal judge that Apple would need to produce a piece of code to bypass its own security standards and the phone's auto-erase function. The auto-erase function is an Apple feature designed to protect a customer's data and privacy — an iPhone is automatically wiped clean following 10 failed passcode attempts. Judge Sheri Pym said the Silicon Valley giant would need to provide "reasonable technical assistance" to the FBI in the investigation of Farook, which includes overwriting the auto-erase function.
Farook and his wife, Tashfeen Malik, killed 14 people in an act of terrorism at a holiday gathering in Southern California in December. The two shooters were killed by police in the aftermath.
Apple is fighting the order, citing concerns about the precedent that this would set in future cases in the United States and elsewhere. The FBI responded by slamming Apple's lack of cooperation as a cheap marketing ploy.
Snowden referred to a blog post on the American Civil Liberties Union website to support his view. The post, written by Daniel Kahn Gillmor, a technology fellow at the ACLU, says: "The truth is that even if this feature is enabled on the device in question, the FBI doesn't need to worry about it, because they can already bypass it by backing up part of the phone (called the 'Effaceable Storage') before attempting to guess the passcode."
He explains that the auto-erase function doesn't actually wipe the phone of its content. Instead, it deletes the "file system key" that is kept in the iPhone's effaceable storage, which is basically a flash memory file.
"The FBI wants us to think that this case is about a single phone, used by a terrorist," Gillmor writes. "But it's a power grab: law enforcement has dozens of other cases where they would love to be able to compel software and hardware providers to build, provide and vouch for deliberately weakened code."
Meanwhile, it looks like the relationship between the FBI and the NSA — two intelligence agencies that are meant to operate mostly independent from one another — has gotten a lot cozier without anyone noticing.
FBI privacy and surveillance rules are subject to reevaluation and certification each year. In 2014, according to an annual report published by the Privacy and Civil Liberties Oversight Group (PLCOB), the FBI was, very quietly, given direct and mostly unlimited access to NSA files containing enormous collections of metadata — international emails, texts and phone calls — many of which had an American citizen on one end of the phone or computer. The watchdog group was established by President Barack Obama in the aftermath of the Snowden leaks to assuage public concern about mass surveillance.
US officials confirmed this to the Guardian this week. Those rules reportedly meant FBI officials were at liberty to scroll through the data for "routine" queries that have nothing to do with national security, and did not require authorities to disclose or make a record of who and what they were searching. Because identifiable information in the NSA data set isn't redacted, the FBI effectively had access to information that it would otherwise have needed sa a warrant for.
The PCLOB annual report has repeatedly expressed concerns over the FBI's apparently unlimited access to American's private communications. In the latest report, the PLCOB noted that some of that power had been reined in in response to concerns about "many" FBI agents who had access to NSA data.
In the most recent PCLOB report, the secret court that governs surveillance had reportedly submitted "revised FBI minimization procedures" in response to the watchdog's concerns.
"Changes have been implemented based on PCLOB recommendations, but we cannot comment further due to classification," Christopher Allen, a spokesman for the FBI, told the Guardian.
Details of the changes made to FBI access of NSA information haven't been released. Timothy Barrett, a spokesman for the office of the director of national intelligence, said the changes will be released eventually but said they couldn't provide a date just yet.