In February, the FBI fought the encryption on an iPhone 5C that once belonged to the San Bernardino shooter. A legal battle ensued wherein the FBI attempted to force Apple into bypassing the iPhone’s lockscreen. As Wired points out, the FBI promised the ordeal was a singular event; the agency promised subsequent cases would not be handled this way.
Eight months have passed since the aforementioned event.
Now, at a press conference in Minnesota, FBI’s Rich Thorton revealed the FBI has possession of another encrypted iPhone from a high profile case. The phone was pulled from Dahir Adan after he stabbed 10 people in a Minnesota mall. Thorton said the FBI is still in the process of trying to get past the phone’s encryption to access the contents within.
“Dahir Adan’s iPhone is locked,” Thornton said, “We are in the process of assessing our legal and technical options to gain access to this device and the data it may contain.”
In the San Bernardino case, a day before an FBI court hearing, the DoJ asked the court to delay the hearing. The FBI had learned to get access to the phone’s contents without the help Apple. This came as a surprise to many as the FBI had continuously claimed such actions were not possible without the help of Apple.
The press conference did not reveal the iPhone model or iOS version. Both the model and operating system are the centerpiece for the direction this case will take. Starting in 2014 with iOS 8, Apple implemented a new encryption method that prevented even Apple from decrypting the phone. Prior to iOS 8, Apple was capable of gaining access to a user’s iPhone when law enforcement served them with a warrant.
Since iOS 8, Apple has started using a different chip called a “secure enclave.” This security measure adds more time delays to password guessing attacks like bruteforcing. Part of the problem the FBI had with the San Bernardino iPhone was the inability to bruteforce the password.
Users have the option to have their device wipe itself after 10 failed attempts. Obviously the FBI want to avoid this. Furthermore, there is an 80-millisecond delay between each unlock attempt, meaning that a bruteforce attack could take years. According to Apple, a complex six digit passcode composed of numbers and letters would take more than five-and-a-half-years to crack.
The FBI made no mention of decryption methods planned.
According to agent Thornton, the FBI had “analyzed more than 780 gigabytes of data from multiple computers and other electronic devices.” “We are conducting an extensive review of his social media and other online activity,” he said. “We continue to review his electronic media and digital footprint.”
Depending on when the ISIS-linked attacker’s phone was purchased, the FBI may find themselves at odds with Apple.