Cybersecurity
Report: The government can probably unlock your old iPhone if it wants to
In a database of iPhone search warrants and other documents from last year, most of the phones were successfully cracked.
On Wednesday, Motherboard released a database cataloging more than 500 iPhone search warrants and other documents from 2019. Though not comprehensive, for various reasons, the database outlines the complexities around law enforcement’s ability to extract iPhone data. The data largely covers federal agencies where successful extraction included modern iPhone models.
The government can get into your iPhone, kind of — Obtaining this kind of data is difficult due in no small part to vague, missing, and semantically confusing information in court documents. Motherboard pulled iPhone-related court documents from PACER, admitting the dataset is not exhaustive for the year. Additionally, Jim Baker, former general counsel of the FBI, told the outlet sometimes law enforcement won’t even bother requesting access because they know any attempt won’t be fruitful. Joseph Cox at Motherboard wrote:
“Out of 516 analyzed cases, 295 were marked as executed. Officials from the FBI, DEA, DHS, Homeland Security and Investigations, the Bureau of Alcohol, Tobacco, Firearms, and Explosives were able to extract data from iPhones in investigations ranging from arson to child exploitation to drug trafficking.”
Tools like Grayshift and Cellebrite are used by some federal law enforcement agencies to access iPhone data. Occasionally, they’ll share resources with less-funded agencies as well as local law enforcement. Though they’re not always successful, these organizations inflate their inability to extract data. The Washington Post exposed statistical exaggerations by FBI Director Christopher Wray, finding the agency couldn’t access 1,000 to 2,000 devices in 2017. Wray had previously cited numbers close to 8,000.
Based on the database, agencies have the most success with iPhones up to the iPhone 7. Obtaining data from iPhone X devices and newer was pretty hit or miss, and several hits involved consent from the owner or a family member. Forbes reported earlier this year, amid calls for Apple to unlock phones involved in the Pensacola shooting case, the FBI had accessed data from an iPhone 11 Pro Max.
The benefits of Apple’s walled garden — Though law enforcement can also have trouble getting into Android phones, the diversity of the market and thus the ability to push security updates leaves more devices vulnerable. Apple controls every aspect of an iPhone which makes it easier to quickly fix and prevent security issues across devices. Plus, every year, Apple gets more aggressive about protecting iPhone data. Most notably, it made information sharing more difficult via USB which experts agree has greatly hampered the ability to hack into an iPhone.
That’s great news for iPhone users, not so much for the government. Despite appearances, Apple has actually helped with investigations and data saved to the cloud is generally accessible. In December, Erik Neuenschwander, Apple's director of user privacy, reminded the Senate Judiciary Committee of the company’s law enforcement guidelines and training programs. In addition to working with agencies through these channels, Apple has swiftly responded to 127,000 requests for information in the past seven years.