A year after San Bernardino attack, investigators still seek answers

Law enforcement looking over evidence

By Alex Dobuzinskis

LOS ANGELES (Reuters) – One year after two Islamic militants shot dead 14 people in a massacre in Southern California, FBI investigators are still seeking to answer key questions such as the location of the married couple’s computer hard drive and whether anyone helped them, an official said.

Syed Rizwan Farook, 28, and his wife, Tashfeen Malik, 29, opened fire on Dec. 2 during a party and training session for San Bernardino County employees, who were co-workers of Farook, injuring 22 people in addition to the 14 killed.

It was one of the deadliest attacks by militants in the United States since the Sept. 11, 2001, hijacked plane attacks.

Authorities have said that U.S.-born Farook and Malik, a native of Pakistan who lived most of her life in Saudi Arabia, were inspired by Islamic extremism. The couple, who were parents of a 6-month-old daughter, both died in a shootout with police four hours after the massacre.

The Federal Bureau of Investigation is still seeking to determine if anyone assisted the couple, such as in financing the attack or helping to plan for it, FBI spokeswoman Laura Eimiller said.

“While we have not charged anyone with providing support to Farook and Malik, we certainly will continue to investigate to determine if they were supported in any way,” she said in a telephone interview.

To that end, the FBI is still hoping to find the hard drive from the couple’s computer, Eimiller said.

A search by FBI divers in the weeks after the attack of a small lake at a park where Farook and Malik stopped in the hours after the shooting failed to turn up the hard drive.

In addition, the FBI still has an 18-minute gap in accounting for the whereabouts of Farook and Malik in the hours they spent driving around San Bernardino in a sport utility vehicle after the attack at the city’s Inland Regional Center.

The couple left three pipe bombs at the center, in an apparent attempt to harm emergency workers caring for the wounded, according to authorities. The couple approached the center after the attack and might have been trying to detonate one of the devices remotely, Eimiller said.

Several public events are scheduled for Friday in San Bernardino to mark the one-year anniversary of the attack.

Elected officials and emergency responders who handled the attack will attend a ceremony at a San Bernardino blood bank on Friday morning. In the evening, another event is expected to draw at least 2,000 participants to an arena in the city.

(Editing by Leslie Adler)

FBI paid more than $1.3 million to break into San Bernardino iPhone

Apple Logo

By Julia Edwards

WASHINGTON (Reuters) – Federal Bureau of Investigation Director James Comey said on Thursday the agency paid more to get into the iPhone of one of the San Bernardino shooters than he will make in the remaining seven years and four months he has in his job.

According to figures from the FBI and the U.S. Office of Management and Budget, Comey’s annual salary as of January 2015 was $183,300. Without a raise or bonus, Comey will make $1.34 million over the remainder of his job.

That suggests the FBI paid the largest ever publicized fee for a hacking job, easily surpassing the $1 million paid by U.S. information security company Zerodium to break into phones.

Speaking at the Aspen Security Forum in London, Comey was asked by a moderator how much the FBI paid for the software that eventually broke into the iPhone.

“A lot. More than I will make in the remainder of this job, which is seven years and four months for sure,” Comey said. “But it was, in my view, worth it.”

The Justice Department said in March it had unlocked the San Bernardino shooter’s iPhone with the help of an unidentified third party and dropped its case against Apple Inc <AAPL.O>, ending a high-stakes legal clash but leaving the broader fight over encryption unresolved.

Comey said the FBI will be able to use software used on the San Bernardino phone on other 5C iPhones running IOS 9 software.

There are about 16 million 5C iPhones in use in the United States, according to estimates from research firm IHS Technology. Eighty-four percent of iOS devices overall are running iOS 9 software, according to Apple.

The FBI gained access to the iPhone used by Rizwan Farook, one of the shooters who killed 14 people in San Bernardino, California on Dec. 2.

The case raised the debate over whether technology companies’ encryption technologies protect privacy or endanger the public by blocking law enforcement access to information.

(Reporting by Julia Edwards in Washington; additional reporting by Julia Love in San Francisco; Editing by Simon Cameron-Moore)

U.S. says it may not need Apple to open San Bernardino iPhone

(Reuters) – U.S. prosecutors said Monday that a “third party” had presented a possible method for opening an encrypted iPhone used by one of the San Bernardino shooters, a development that could bring an abrupt end to the high-stakes legal showdown between the government and Apple Inc.

A federal judge in Riverside, California, late Monday agreed to the government’s request to postpone a hearing scheduled for Tuesday so that the FBI could try the newly discovered technique. The Justice Department said it would update the court on April 5.

The government had insisted until Monday that it had no way to access the phone used by Rizwan Farook, one of the two killers in the December massacre in San Bernardino, California, except to force Apple to write new software that would disable the password protection.

The Justice Department last month obtained a court order directing Apple to create that software, but Apple has fought back, arguing that the order is an overreach by the government and would undermine computer security for everyone.

The announcement on Monday that an unnamed third party had presented a way of breaking into the phone on Sunday – just two days before the hearing and after weeks of heated back-and-forth in court filings – drew skepticism from many in the tech community who have insisted that there were other ways to get into the phone.

“From a purely technical perspective, one of the most fragile parts of the government’s case is the claim that Apple’s help is required to unlock the phone,” said Matt Blaze, a professor and computer security expert at the University of Pennsylvania. “Many in the technical community have been skeptical that this is true, especially given the government’s considerable resources.”

Former prosecutors and lawyers supporting Apple said the move suggested that the Justice Department feared it would lose the legal battle, or at minimum would be forced to admit that it had not tried every other way to get into the phone.

In a statement, the Justice Department said its only interest has always been gaining access to the information on the phone and that it had continued to explore alternatives even as litigation began. It offered no details on the new technique except that it came from a non-governmental third party, but said it was “cautiously optimistic” it would work.

“That is why we asked the court to give us some time to explore this option,” a spokeswoman for the Justice Department, Melanie R. Newman, said. “If this solution works, it will allow us to search the phone and continue our investigation into the terrorist attack that killed 14 people and wounded 22 people.”

It would also likely end the case without a legal showdown that many had expected to reach the U.S. Supreme Court.

An Apple executive told reporters on a press call that the company knew nothing about the Justice Department’s possible method for getting into the phone, and that the government never gave any indication that it was continuing to search for such solutions.

The executive characterized the Justice Department’s admission Monday that it never stopped pursuing ways to open the phone as a sharp contrast with its insistence in court filings that only Apple possessed the means to do so.

Nate Cardozo, staff attorney at the Electronic Frontier Foundation, a civil liberties group backing Apple, said the San Bernardino case was the “hand-chosen test case” for the government to establish its authority to access electronic information by whatever means necessary.

In that context, he said, the last-minute discovery of a possible solution and the cancellation of the hearing is “suspicious,” and suggests the government might be worried about losing and setting a bad precedent.

But George Washington University law professor Orin Kerr, a former Justice Department computer crime prosecutor, said the government was likely only postponing the fight.

“The problem is not going away, it’s just been delayed for a year or two,” he said.

Apple said that if the government was successful in getting into the phone, which might involve taking advantage of previously undiscovered vulnerabilities, it hoped officials would share information on how they did so. But if the government drops the case it would be under no obligation to provide information to Apple.

In opposing the court order, Apple’s chief executive, Tim Cook, and his allies have argued that it would be unprecedented to force a company to develop a new product to assist a government investigation, and that other law enforcement agencies around the world would rapidly demand similar services.

Law enforcement officials, led by Federal Bureau of Investigation Director James Comey, have countered that access to phones and other devices is crucial for intelligence work and criminal investigations.

The government and the tech industry have clashed for years over similar issues, and Congress has been unable to pass legislation to address the impasse.

(Reporting by Joseph Menn, additional reporting by Mari Saito; Editing by Leslie Adler and Andrew Hay)

Apple fight could escalate with demand for ‘source code’

SAN FRANCISCO (Reuters) – The latest filing in the legal war between the planet’s most powerful government and its most valuable company gave one indication of how the high-stakes confrontation could escalate even further.

In what observers of the case called a carefully calibrated threat, the U.S. Justice Department last week suggested that it would be willing to demand that Apple turn over the “source code” that underlies its products as well as the so-called “signing key” that validates software as coming from Apple.

Together, those two things would give the government the power to develop its own spying software and trick any iPhone into installing it. Eventually, anyone using an Apple device would be unable to tell whether they were using the real thing or a version that had been altered by officials to be used as a spy tool.

Technology and security experts said that if the U.S. government was able to obtain Apple’s source code with a conventional court order, other governments would demand equal rights to do the same thing.

“We think that would be pretty terrible,” said Joseph Lorenzo Hall, chief technologist at the nonprofit Center for Democracy & Technology.

The battle between Apple and the U.S Justice Department has been raging since the government in February obtained a court order demanding that Apple write new software to help law enforcement officials unlock an iPhone associated with one of the shooters in the December attack in San Bernardino, California that killed 14 people.

Apple is fighting the order, arguing that complying with the request would weaken the security of all iPhones and create an open-ended precedent for judges to make demands of private companies.

The Justice Department’s comments about source code and signing keys came in a footnote to a filing last week in which it rejected Apple’s arguments. Apple’s response to the DOJ brief is expected on Tuesday.

Justice Department lawyers said in the brief that they had refrained from pursuing the iOS source code and signing key because they thought “such a request would be less palatable to Apple. If Apple would prefer that course, however, that may provide an alternative that requires less labor by Apple.”

The footnote evoked what some lawyers familiar with the case call a “nuclear option,” seeking the power to demand and use the most prized assets of lucrative technology companies.

A person close to the government’s side told Reuters that the Justice Department does not intend to press the argument that it could seize the company’s code, and someone on Apple’s side said the company isn’t worried enough to counter the veiled threat in its brief due Tuesday.

But many people expect the iPhone matter to reach the U.S. Supreme Court, and thus even fallback legal strategies are drawing close scrutiny.

ODDS OF SUCCESS UNCLEAR

There is little clarity on whether a government demand for source code would succeed.

Perhaps the closest parallel was in a case filed by federal prosecutors against Lavabit LLC, a privacy-oriented email service used by Edward Snowden. In trying to recover Snowden’s unencrypted mail from the company, which did not keep Snowden’s cryptographic key, the Justice Department got a court order forcing the company to turn over another key instead, one that would allow officials to impersonate the company’s website and intercept all interactions with its users.

“Lavabit must provide any and all information necessary to decrypt the content, including, but not limited to public and private keys and algorithms,” the lower court ruled.

Lavabit shut down rather than comply. But company lawyer Jesse Binnall said the Fourth Circuit Court of Appeals, which upheld the lower ruling, did so on procedural grounds, so that the Justice Department’s win would not influence much elsewhere.

In any case, full source code would be even more valuable than the traffic key in the Lavabit case, and the industry would go to extreme lengths to fight for it, Binnall said.

“That really is the keys to the kingdom,” Binnall said.

Source code is sometimes inspected during lawsuits over intellectual property, and the Justice Department noted that Apple won permission to review some of rival Samsung’s &lt;005930.KS> code in one such case. In that case and similar battles, the code is produced with strict rules to prevent copying.

No cases brought by the government have led to that sort of code production, or at least none that have come to light.

But intelligence agencies operate under different rules and have wide latitude overseas. Some advanced espionage programs attributed to the United States used digital certificates that were stolen from Taiwanese companies, though not full programs.

U.S. software code may have been sought in other cases, such as investigations relying on the Patriot Act or the Foreign Intelligence Surveillance Act (FISA), which applies within American borders.

Several people who have argued before the special FISA court or are familiar with some of its cases say they know of no time that the government has sought source code.

(Reporting by Joseph Menn; Editing by Jonathan Weber and Cynthia Osterman)

U.S. tech companies unite behind Apple ahead of iPhone encryption ruling

(Reuters) – Alphabet Inc’s Google, Facebook Inc, Microsoft Corp and several other Internet and technology companies will file a joint legal brief on Thursday asking a judge to support Apple Inc in its encryption battle with the U.S. government, sources familiar with the companies’ plans said.

The effort is a rare display of unity and support for the iPhone maker from companies which are competitors in many areas, and shows the breadth of Silicon Valley’s opposition to the government’s anti-encryption effort.

The fight between Apple and the government became public last month when the U.S. Federal Bureau of Investigation obtained a court order requiring Apple to write new software and take other measures to disable passcode protection and allow access to an iPhone used by one of the San Bernardino shooters in December.

Apple has pushed back, arguing that such a move would set a dangerous precedent and threaten customer security. The clash has intensified a long-running debate over how much law enforcement and intelligence officials should be able to monitor digital communications.

The group of tech companies plans to file what is known as an amicus brief – a form of comment from outside groups common in complex cases – to the Riverside, California, federal judge Sheri Pym. She will rule on Apple’s appeal of a court order that would force it to create software to unlock the iPhone.

The companies will contest government arguments that the All Writs Act, a broad 1789 law that enables judges to require actions necessary to enforce their own orders, compels Apple to comply with its request.

In their joint brief, the tech companies will say that Congress passed the All Writs Act before the invention of the light bulb, and that it goes too far to contend that the law can be used to force engineers to disable security protections, according to a source familiar with their arguments.

Google, Facebook and others also appear to be tailoring their arguments specifically to a U.S. Supreme Court audience, where the case may end up. The brief will highlight a unanimous 2014 U.S. Supreme Court case which said law enforcement needs warrants to access smartphones snared in an arrest, the source said.

That opinion, penned by Chief Justice John Roberts, united the Supreme Court’s liberal and conservative factions.

Briefs are also expected in support of the government.

Stephen Larson, a former federal judge, told Reuters last week that he is working on a brief with victims of the San Bernardino shooting who want the FBI to be able to access the data on the phone used by Rizwan Farook. “They were targeted by terrorists, and they need to know why, how this could happen,” Larson said.

Several other tech companies are joining Google, Facebook and Microsoft.

Mozilla, maker of the Firefox web browser, said it was participating, along with online planning tool maker Evernote and messaging app firms Snapchat and WhatsApp. Bookmarking and social media site Pinterest and online storage firm Dropbox are also participating.

“We stand against the use of broad authorities to undermine the security of a company’s products,” Dropbox General Counsel Ramsey Homsany said in a statement.

A separate group including Twitter Inc, eBay Inc, LinkedIn Corp and more than a dozen other tech firms filed a brief with the court in support of Apple on Thursday. AT&T Inc filed its own brief.

Networking leader Cisco Systems Inc said it expected to address the court on Apple’s behalf, but did not say whether it was joining with the large group of companies.

Semiconductor maker Intel Corp plans to file a brief of its own in support of Apple, said Chris Young, senior vice president and general manager for Intel Security Group.

“We believe that tech companies need to have the ability to build and design their products as needed, and that means that we can’t have the government mandating how we build and design our products,” Young said in an interview.

The Stanford Law School for Internet and Society filed a separate brief on Thursday morning on behalf of a group of well-known experts on iPhone security and encryption, including Charlie Miller, Dino Dai Zovi, Bruce Schneier and Jonathan Zdziarski.

Privacy advocacy groups the American Civil Liberties Union, Access Now and the Wickr Foundation filed briefs on Wednesday in support of Apple before Thursday’s deadline set by Pym.

Salihin Kondoker, whose wife Anies Kondoker was injured in the San Bernardino attack, also wrote on Apple’s behalf, saying he shared the company’s fear that the software the government wants Apple to create to unlock the phone could be used to break into millions of other phones.

“I believe privacy is important and Apple should stay firm in their decision,” the letter said. “Neither I, nor my wife, want to raise our children in a world where privacy is the tradeoff for security.”

Law enforcement officials have said that Farook and his wife, Tashfeen Malik, were inspired by Islamist militants when they shot and killed 14 people and wounded 22 others last Dec. 2 at a holiday party. Farook and Malik were later killed in a shootout with police and the FBI said it wants to read the data on Farook’s phone to investigate any links with militant groups.

Earlier this week, a Brooklyn judge ruled that the government had overstepped its authority by seeking similar assistance from Apple in a drug case.

(Reporting by Jim Finkle in Boston and Dustin Volz in San Francisco; Additional reporting by Dan Levine, Heather Somerville, Sarah McBride, Julia Love in San Francisco; Editing by Jonathan Weber, Grant McCool and Bill Rigby)

Apple calls FBI iPhone request ‘unprecedented’ in court filing

(Reuters) – Apple Inc on Thursday struck back in court against a U.S. government request to unlock an encrypted iPhone belonging to one of the San Bernardino shooters, arguing such a move would violate its free speech rights and require the company to devote significant resources to comply.

The U.S. Federal Bureau of Investigation is seeking Apple’s help to access shooter Rizwan Farook’s iPhone by disabling some of its passcode protections.

Apple argued in its brief that software was a form of protected speech, and thus the Justice Department’s demand violated the constitution.

“The government’s request here creates an unprecedented burden on Apple and violates Apple’s First Amendment rights against compelled speech,” it said.

Apple also argued that the court was over-stepping its jurisdiction, noting that Congress had rejected legislation that would have required companies to do the things the government is asking Apple to do in this case.

Apple said the court order, if upheld, could leave individuals and business vulnerable to an unlimited array of government directives.

“Under the same legal theories advocated by the government here, the government could argue that it should be permitted to force citizens to do all manner of things ‘necessary’ to assist it in enforcing the laws,” Apple said. It gave examples, “like compelling a pharmaceutical company against its will to produce drugs needed to carry out a lethal injection in furtherance of a lawfully issued death warrant or requiring a journalist to plant a false story in order to help lure out a fugitive.”

Apple’s resistance has intensified a national debate about whether the government should have technological access, or a “back door” to get into privately owned phones. The Justice Department has argued that Apple has no legal basis to refuse its help.

Some of the largest tech companies appear to be lining up behind Apple. Google and Facebook will both file briefs supporting the iPhone maker, said several sources familiar with the matter who were not authorized to speak publicly about it. Microsoft will file a friend-of the-court brief as well, company President Brad Smith said in congressional testimony Thursday. Twitter also said it will sign a brief in support of Apple.

Apple laid out in its brief the resources it believes would be necessary to comply with the government’s request, saying it would likely require a team of up to 10 Apple engineers and employees for as long as four weeks.

Complying with the request would also likely lead to “hundreds” of more demands from law enforcement, Apple said.

“Responding to these demands would effectively require Apple to create full-time positions in a new ‘hacking’ department to service government requests,” the company said in the filing.

“Apple would need to hire people whose sole function would be to assist with processing and effectuating such orders,” wrote Lisa Olle, an Apple lawyer and manager of privacy and law enforcement compliance. “These people would have no other necessary business or operations function at Apple” and would be charged with crafting what Apple referred to as “GovtOS.”

Government officials have rejected that characterization and earlier on Thursday, FBI Director James Comey told a congressional panel that court approval of the FBI’s request was “unlikely to be a trailblazer” in other cases.

While the case “will be instructive for other courts,” larger policy questions about reasonable law enforcement access to encrypted data will likely need to be resolved by Congress and others, Comey said.

Shares of Apple were barely changed and closed up less than 1 percent at $96.76.

Apple also raised the specter of courts ordering it to help in other cases in other ways, such as writing computer code that would turn on an iPhone microphone to help surveillance.

The company also criticized the Justice Department for publicizing the order, which would normally have been filed under seal.

“This is the only case in counsel’s memory in which an FBI Director has blogged in real-time about pending litigation, suggesting that the government does not believe the data on the phone will yield critical evidence about other suspects,” the company said.

Apple CEO Tim Cook said in an interview on Wednesday with ABC News that the company was prepared to take the case to the Supreme Court if necessary.

(Reporting by Dan Levine, Joseph Menn and Julia Love in San Francisco and Dustin Volz in Washington; Editing by Jonathan Weber, Bill Rigby and Richard Chang)

U.S. ramps up Apple fight with new filing in iPhone unlocking case

WASHINGTON/LOS ANGELES (Reuters) – The U.S. Department of Justice filed a motion seeking to compel Apple Inc to comply with a judge’s order for the company to unlock the encrypted iPhone belonging to one of the San Bernardino shooters, portraying the tech giant’s refusal as a “marketing strategy.”

The filing escalated a showdown between the Obama administration and Silicon Valley over security and privacy that ignited earlier this week.

The Federal Bureau of Investigation is seeking the tech giant’s help to access the shooter’s phone by disabling some of its passcode protections. The company so far has pushed back, and on Thursday won three extra days to respond to the order.

Apple did not immediately respond to a request for comment.

The motion to compel Apple to comply did not carry specific penalties for the company, and the Justice Department declined to comment on what recourse it was willing to seek. In the order, prosecutors acknowledged that the filing “is not legally necessary.”

But the Justice Department said the motion was in response to Apple CEO Tim Cook’s public statement Wednesday, which included a refusal to “hack our own users and undermine decades of security advancements that protect our customers.”

The clash between Apple and the Justice Department has driven straight to the heart of a long-running debate over how much law enforcement and intelligence officials should be able to monitor digital communications.

A federal court hearing in California has been scheduled for March 22 in the case, according to Thom Mrozek, a spokesman for the U.S. Attorney’s Office for the Central District of California.

“Rather than assist the effort to fully investigate a deadly terrorist attack … Apple has responded by publicly repudiating that order,” prosecutors wrote in the Friday order.

“Apple’s current refusal to comply with the court’s order, despite the technical feasibility of doing so, instead appears to be based on its concern for its business model and public brand marketing strategy,” prosecutors said.

The two sides have been on a collision course since Apple and Google began offering default end-to-end encryption on their devices in 2014, a move prompted in part by the surveillance revelations from former National Security Agency contractor Edward Snowden.

But the Justice Department struggled to find a compelling case where encryption proved to be an insurmountable hurdle for its investigators until the Dec. 2 shooting rampage by Rizwan Farook and his wife in San Bernardino, California, which killed 14. Authorities believe the couple was inspired by the Islamic State.

Some technology experts and privacy advocates backing Apple suggest Farook’s work phone likely contains little data of value. They have accused the Justice Department of choreographing the case to achieve a broader goal of gaining support for legislation or a legal precedent that would force companies to crack their encryption for investigators.

The case has quickly become a topic in the U.S. presidential race. Republican frontrunner Donald Trump on Friday called for a “boycott” against Apple until the company complied with the court order.

(Reporting by Julia Edwards, Dustin Volz and Lisa Richwine; Additional reporting by David Ingram; Editing by Andrew Hay and Bill Rigby)

Privacy versus security at heart of Apple phone decrypt order

(Reuters) – A court order demanding that Apple Inc help the U.S. government unlock the encrypted iPhone of one of the San Bernardino shooters opens a new chapter in the legal, political and technological fight pitting law enforcement against civil liberties advocates and major tech companies.

The government argues that the phone is a crucial piece of evidence in investigating one of the worst attacks in the United States by people who sympathized with Islamist militants. But privacy groups warn that forcing companies to crack their own encryption endangers the technical integrity of the Internet and threatens not just the privacy of customers but potentially citizens of any country.

A federal judge in Los Angeles on Tuesday ordered Apple to provide “reasonable technical assistance” to investigators seeking to read the data on an iPhone 5C that had been used by Rizwan Farook, who along with his wife, Tashfeen Malik, killed 14 people and wounded 22 others on Dec. 2 in San Bernardino, California.

Both were killed in a shootout with police. The Federal Bureau of Investigation has been investigating the couple’s potential communications with Islamic State and other militant groups, and argued that it needs access to the iPhone to find out more.

White House spokesman Josh Earnest said the Department of Justice was asking Apple for access to just one device, a central part of the government’s argument, which Apple Chief Executive Officer Tim Cook has said was “simply not true.”

“They are not asking Apple to redesign its product or to create a new backdoor to one of their products,” Earnest told reporters at a daily briefing.

Most technology security experts, including many who have served in government, say technical efforts to provide government access to encrypted devices inevitably brings in law enforcement. The argument has been made on and off since the 1990s, when the government tried and failed to force tech companies to incorporate a special chip into their products for surveillance purposes.

“The government suggests this tool could only be used once, on one phone,” Cook said in a statement on Tuesday. “But that’s simply not true. Once created, the technique could be used over and over again, on any number of devices.”

Representatives of several other tech companies did not respond to requests for comment on the ruling. Not surprisingly, however, trade groups that count thousands of software companies, smartphone makers and network security firms as members decried the government position, while law enforcement groups backed the Justice Department.

The industry was “committed to working with law enforcement to keep Americans safe” the Software & Information Industry Association said, but in the Apple case, “the government’s position is overbroad and unwise.”

The Computing Technology Industry Association said that if the order was carried out, “it could give the FBI the power to call for some sort of back end to encryption whenever they see fit.”

If the federal judge, Magistrate Sheri Pym, rejects Apple’s arguments, the Cupertino, California-based company can appeal her order to the district court, and then up the chain to the 9th U.S. Circuit Court of Appeals in San Francisco and ultimately the U.S. Supreme Court.

The 9th Circuit is known to be pro-privacy. “The government ultimately will have an uphill fight,” said Robert Cattanach, a former Justice Department lawyer who advises companies on cyber security issues.

Farook was assigned the phone by the county health department he worked for, prosecutors said in a court filing on Tuesday. The health department had “given its consent” to authorities to search the device and to Apple to assist investigators in that search, the document said.

San Bernardino County’s top prosecutor, District Attorney Mike Ramos, said Apple’s refusal to unlock the phone was a slap in the face to the victims of the shooting and their families.

“They’d like to know details like any of us in America would like to know. Were there other threats? Were there other individuals involved?” Ramos said in a phone interview.

‘MASTER KEY’

Dan Guido, an expert in hacking operating systems, said that to unlock the phone, the FBI would need to install an update to Apple’s iOS operating system so that investigators could circumvent the security protections, including one that wipes data if an incorrect password is entered too many times.

He said that only Apple can provide that software because the phones will only install updates that are digitally signed with a secret cryptographic key.

“That key is one of the most valuable pieces of data the entire company owns,” he said. “Someone with that key can change all the data on all the iPhones.”

The notion of opening that key is anathema to the Electronic Frontier Foundation, an online rights group. “Once this master key is created, governments around the world will surely demand that Apple undermine the security of their citizens as well,” the foundation said in a statement.

Lance James, an expert in forensics who is chief scientist with cyber intelligence firm Flashpoint, said Apple could respond to the order without providing crypto keys or specialized tools that could be used to unlock other phones.

Apple technicians could create software that would unlock the phone, allowing the company to create a backup file with all of its contents that they could provide to law enforcement, James said.

American Civil Liberties Union staff attorney Alex Abdo said the government’s request risked a “dangerous” precedent. “The Constitution does not permit the government to force companies to hack into their customers’ devices,” he said.

Apple was a topic of discussion on the presidential campaign trail on Wednesday.

Donald Trump, the front-runner for the Republican Party’s nomination to run in the Nov. 8 election, appearing on Fox News Channel’s “Fox & Friends,” said, “I agree 100 percent with the courts – in that case, we should open it (the iPhone) up. … We have to use common sense.”

Another Republican candidate, U.S. Senator Marco Rubio of Florida, called it a “tough issue” that would require government to work closely with the tech industry to find a solution. Rubio said he hoped Apple would voluntarily comply with the court order.

(Additional reporting by Megan Cassella, Doina Chiacu and Susan Heavey in Washington, Steve Holland and Joseph Menn in San Francisco, Sharon Bernstein in Los Angeles; Writing by Grant McCool; Editing by Jonathan Oatis)

Apple opposes order to help unlock California shooter’s phone

WASHINGTON (Reuters) – Apple Inc opposed a court ruling on Tuesday that ordered it to help the FBI break into an iPhone recovered from a San Bernardino shooter, heightening a dispute between tech companies and law enforcement over the limits of encryption.

Chief Executive Tim Cook said the court’s demand threatened the security of Apple’s customers and had “implications far beyond the legal case at hand.”

Earlier on Tuesday, Judge Sheri Pym of U.S. District Court in Los Angeles said that Apple must provide “reasonable technical assistance” to investigators seeking to unlock the data on an iPhone 5C that had been owned by Syed Rizwan Farook.

That assistance includes disabling the phone’s auto-erase function, which activates after 10 consecutive unsuccessful passcode attempts, and helping investigators to submit passcode guesses electronically.

Federal prosecutors requested the court order to compel Apple to assist the investigation into the Dec. 2 shooting rampage by Farook and his wife, killing 14 and injuring 22 others. The two were killed in a shootout with police.

The FBI has been investigating the couple’s potential communications with Islamic State and other militant groups.

“Apple has the exclusive technical means which would assist the government in completing its search, but has declined to provide that assistance voluntarily,” prosecutors said.

U.S. government officials have warned that the expanded use of strong encryption is hindering national security and criminal investigations.

Technology experts and privacy advocates counter that forcing U.S. companies to weaken their encryption would make private data vulnerable to hackers, undermine the security of the Internet and give a competitive advantage to companies in other countries.

In a letter to customers posted on Apple’s website, Cook said the FBI wanted the company “to build a backdoor to the iPhone” by making a new version of the iPhone operating system that would circumvent several security features.

“The government is asking Apple to hack our own users and undermine decades of security advancements that protect our customers – including tens of millions of American citizens – from sophisticated hackers and cybercriminals,” Cook said.

He said Apple was “challenging the FBI’s demands” and that it would be “in the best interest of everyone to step back and consider the implications.”

In a similar case last year, Apple told a federal judge in New York that it was “impossible” for the company to unlock its devices that run an operating system of iOS 8 or higher.

According to prosecutors, the phone belonging to Farook ran on iOS 9.

Prosecutors said Apple could still help investigators by disabling “non-encrypted barriers that Apple has coded into its operating system.”

Apple and Google both adopted strong default encryption in late 2014, amid growing digital privacy concerns spurred in part by the leaks from former National Security Agency contractor Edward Snowden.

Forensics expert Jonathan Zdziarski said on Tuesday that Apple might have to write custom code to comply with the order, presenting a novel question to the court about whether the government could order a private company to hack its own device.

Zdziarski said that, because the San Bernardino shooting was being investigated as a terrorism case, investigators would be able to work with the NSA and the CIA on cracking the phone.

Those U.S. intelligence agencies could likely break the iPhone’s encryption without Apple’s involvement, he said.

(Reporting by Dustin Volz; Additional reporting by Joseph Menn, Dan Levine and Shivam Srivastava; Editing by Cynthia Osterman, Lisa Shumaker and Robin Paxton)

FBI director says investigators unable to unlock San Bernardino shooter’s phone content

WASHINGTON (Reuters) – FBI Director James Comey said on Tuesday that federal investigators have still been unable to access the contents of a cellphone belonging to one of the killers in the Dec. 2 shootings in San Bernardino, California, due to encryption technology.

Comey told the Senate Intelligence Committee that the phenomenon of communications “going dark” due to more sophisticated technology and wider use of encryption is “overwhelmingly affecting” law enforcement operations, including investigations into murder, car accidents, drug trafficking and the proliferation of child pornography.

“We still have one of those killer’s phones that we have not been able to open,” Comey said in reference to the San Bernardino attack.

Syed Rizwan Farook, 28, launched the Islamic State-inspired attack with his wife, Tashfeen Malik, 29, at a social services agency in the California city, leaving 14 dead.

Comey and other federal officials have long warned that powerful encryption poses a challenge for criminal and national security investigators, though the FBI director added Tuesday that “overwhelmingly this is a problem that local law enforcement sees.”

Technology experts and privacy advocates counter that so-called “back door” access provided to authorities would expose data to malicious actors and undermine the overall security of the Internet.

A study from the Berkman Center for Internet and Society at Harvard released last month citing some current and former intelligence officials concluded that fears about encryption are overstated in part because new technologies have given investigators unprecedented means to track suspects.

Senator Ron Wyden, an Oregon Democrat, asked Director of National Intelligence James Clapper to provide a declassified response to the Berkman study within 60 days. Clapper agreed to the request.

The White House last year abandoned a push for legislation that would mandate U.S. technology firms to allow investigators a way to overcome encryption protections, amid rigorous private sector opposition. But the issue has found renewed life after the shootings in San Bernardino and Paris.

Senators Richard Burr and Dianne Feinstein, the Republican and Democratic leaders of the intelligence panel, have said they would like to pursue encryption legislation, though neither has introduced a bill yet.

(Reporting by Dustin Volz and Mark Hosenball; editing by Sandra Maler and G Crosse)