The Los Angeles Police Department recently obtained access to a locked iPhone 5s belonging to the murder victim in a prominent Hollywood court case, according to court documents obtained by the Los Angeles Times.
The iPhone in question belonged to April Jace, who was murdered in May 2014. The man accused of the crime, Michael Jace, is best known for his role on the television show The Shield. The iPhone 5s was believed to contain SMS messages showing the couple arguing before the murder took place.
April Jace’s iPhone was locked by a passcode and the LAPD had tried multiple times to extract the data that investigators felt was relevant to the case. According to the Los Angeles Times article, an Apple technician was ordered by an LA judge to access the data in 2015 and, in early 2016, the LA County district attorney’s office tried twice more to access the contents of the phone, but to no avail.
SEE: Information security policy template (Tech Pro Research)
On March 18, the LAPD brought in a “forensic cellphone expert” who apparently was able to override the phone’s security and reveal its contents. Neither the identity of the expert or the methods used to hack the phone were revealed. Also, the version of iOS that April Jace’s phone was running at the time is also unknown.
The warrant for the forensic cellphone expert was dated for March 18, putting it at 10 days prior to the date when the FBI dropped its case against Apple regarding the iPhone 5c allegedly used by San Bernardino shooter Syed Farook. This means that it occurred while the FBI was still asking for Apple’s assistance in creating a backdoor into the phone, which would have bypassed their existing security measures.
The iPhone 5s was purported to be much more difficult to hack than the iPhone 5c, due to the presence of a Secure Enclave. From Apple:
The Secure Enclave is a coprocessor fabricated in the Apple A7 or later A-series processor. It utilizes its own secure boot and personalized software update separate from the application processor. It provides all cryptographic operations for Data Protection key management and maintains the integrity of Data Protection even if the kernel has been compromised.
The Secure Enclave is also responsible for processing data from the fingerprint ID scanner that was introduced with the iPhone 5s. This indeed raises questions as to why the FBI was still asking for help from Apple in unlocking the iPhone 5C, if a more-secure iPhone 5s had been unlocked by law enforcement roughly an hour drive away.
Benjamin Wright is an attorney and a SANS Institute instructor who teaches Law of Data Security and Investigations courses. Wright said that the case is highly complex, and there is a subtle difference in dealing with a state court versus a federal court which could have played into the disparity.
The thing is, no one knows how the LAPD was able to access the phone’s data. While it could have been a complex hardware hack or software exploit, it could also be very simple. For example, investigators could obtain the person’s PIN or passcode by looking through social media, or by simply asking the phone owner’s friends, family, or coworkers.
Of course, there has also been the idea of using the deceased victim’s fingerprint to unlock the phone. Wright said that he doesn’t see any major legal issues with the idea, and the method has been tested in multiple ways on later iPhone models.
“There is already US court precedent that allows for individuals to be compelled to provide biometric samples as part of law enforcement investigations and that this is not a violation of their constitutional rights,” said John Pironti, of technical consulting firm IP Architects. “The US courts have often reinforced the ability for an individual to not disclose a password based on their rights to remain silent and not self incriminate, but this same protection does not hold true to biometric samples where they do not necessarily have to speak as part of the activity.”
However, the bigger issue might not be how the LAPD hacked into the phone, but what this news means for the debate around privacy and encryption that was catalyzed by the San Bernardino case. The general narrative so far has been the FBI asking Congress to order the availability of a backdoor as necessary for current and future investigations, but recent events are beginning to make it harder for law enforcement to argue that is has exhausted all alternatives, Wright said.
“In just the past month or so, law enforcement has said it has broken into three iPhones, after claiming in each case it was impossible,” Wright said. “The police are beginning to sound like the boy who cried ‘Wolf.’ In future cases it will be harder for law enforcement to argue it has exhausted all alternatives. Experience suggests that if law enforcement works hard enough, it can find an alternative.”
Still, because the phone in the LAPD case is an iPhone 5s, authorities could make the argument that the iPhone 6 and 6s (and all subsequent models) have stronger security and may still need a backdoor. But, that remains to be seen.
Although, Pironti said, it’s likely that law enforcement agencies aren’t depending solely on changes to laws requiring companies to provide them device access as their only means of gathering evidence.
“They realize that this path will take time and may not be successful,” Pironti said. “It is the expectation of those that they serve that they will be efficient in their investigations and activities as well as serve and protect their constituents.”
SEE: Apple demands to know how FBI cracked San Bernardino iPhone (TechRepublic)
The other issue this raises, in Apple’s case especially, is the high profile of these hacks and the high cost associated with hacking iPhones driving more hackers and security experts to target iOS devices.
“When the FBI says something like ‘We paid a million dollars,’ that is red meat to a whole bunch of smart forensics guys, and they’ll all be working on trying to find their own techniques on how to do it and then try to sell their services,” Wright said.
Users concerned with security should work to educate themselves on their individual device and how to manage it. Be sure to learn all the security measures available on the phone, and how to enable them. Also, be aware of different security measures available in different versions of the operating system and with different updates.
The 3 big takeaways for TechRepublic readers
- The LAPD was able hack into an iPhone 5s at the center of an LA murder trial with the help of a “forensic cellphone expert.” The identity of the expert is unknown, as is the method that was used to extract the information.
- The LAPD was able to hack the more secure iPhone 5s during the time at which the FBI was still asking for help from Apple in unlocking the iPhone 5c involved in the San Bernardino shooting.
- The fact that law enforcement has been able to hack these iPhones further weakens their argument that manufacturers like Apple should provide a backdoor into the phones for current and future investigations.