It will take at least two weeks to know whether an alternate method will unlock an encrypted iPhone used by one of the San Bernardino attackers, the head of the FBI’s Los Angeles office said Tuesday, adding that federal investigators think they have “a good shot.”
Government officials were asked to file a status report in court about the alternate method by April 5 because that’s how long they think it will take to know if the method will unlock the phone without compromising the data it contains, said David Bowdich, an assistant FBI director in charge of the office in Los Angeles.
At the government’s request, a judge canceled a court hearing in the matter that had been set for Tuesday.
The government was “very ready” to try to force Apple to help unlock the phone when a third party emerged with an alternate method Sunday, Bowdich said.
“For us to seek a continuance, we felt it was a good shot,” Bowdich said. “I’ll leave it there because we just don’t know.”
The publicity around the case generated a number of proposed solutions, but none was deemed potentially usable until Sunday’s demonstration, according to two law enforcement officials close to the case who are not authorized to speak publicly about the matter and spoke on condition of anonymity.
The unexpected new method is going to be tested on other phones before it’s perfected — to avoid deleting the data on the target device, one of the law enforcement officials said.
One official said FBI Director James Comey testified in good faith about the FBI exhausting options to get into the iPhone, but investigators had not canvassed every possible option that could exist because of the urgency factor in terrorism investigations.
The longer the government waited, the more its arguments of urgency would be negated.
Speculation about the source of the new method has centered on a little-known but thriving industry of computer forensics in which firms work with the FBI and other police agencies around the world.
While it could be an independent hacker, several experts said the proposed solution most likely came from one of those firms, possibly one that already works for the government.
“The FBI contracts out a lot of work, like every other government agency, and a lot of stuff gets shipped off to data-recovery contractors,” said Jonathan Zdziarski, an independent iPhone forensics researcher.
He said the most straightforward possibility is that the FBI described the problem to a variety of contractors and one of them came forward with a proposed solution.
Other experts mentioned an Israeli company, Cellebrite Inc., that’s a leader among several firms selling smartphone forensics services and software tools to U.S. police agencies. The programs can extract data from iPhones running older versions of Apple’s operating system, but they have been stymied by the latest version, known as iOS 9. That’s the version running on the San Bernardino iPhone.
Cellebrite hasn’t announced any new product that works with iOS 9, but it’s likely working on developing one, said Darren Hayes, a computer scientist and cybersecurity expert at Pace University in New York.
Cellebrite representatives couldn’t be reached for comment Tuesday. The company did not respond to an email and phone message left at its U.S. offices in New Jersey.
Filed Under: Industry regulations