DOJ’s Awesome New Trick to Break into Apple Phones

DOJ has apparently come up with an amazing new trick to break into Apple phones: to ask defendants in the weeks before they sentence them.

Throughout the challenge over the phone in EDNY, Apple has raised a number of other ways DOJ could get into Jun Feng’s phone. That includes some known forensic tools, but especially — given that Feng pled guilty — simply asking him for his password a second time. According to WSJ’s report on why DOJ just withdrew their request in that case, DOJ hadn’t tried the latter method, until now.

In a one-page letter filed with a Brooklyn federal court Friday night, the government said an individual had recently come forward to offer the passcode to the long-locked phone. The filing means that in both of the high-profile cases pitting the Justice Department against Apple, the government first said it couldn’t open the phone, only to suddenly announce it had found a way into the device as the case proceeded in court.

“Yesterday evening, an individual provided the passcode to the iPhone at issue in this case,’’ prosecutors said in their terse letter to the judge. “Late last night, the government used that passcode by hand and gained access to the iPhone. Accordingly, the government no longer needs Apple’s assistance to unlock the iPhone, and withdraws its application.’’

[snip]

After he was arrested, Mr. Feng told agents that he didn’t remember the phone’s passcode, leading investigators eventually to seek Apple’s help. The Wall Street Journal reported last week that Mr. Feng only recently learned his phone had become an issue in a high-stakes legal fight between prosecutors and Apple. Mr. Feng, who has pleaded guilty and is due to be sentenced in the coming weeks, is the one who provided the passcode to investigators, according to people familiar with the matter.

Geniuses! Use the sentencing process, rather than the All Writs Act, to open up a phone captured two years ago (which probably has even less usable evidence than Syed Rizwan Farook’s phone did.

These prosecutors are really using some amazing tools these days.

 

Marcy has been blogging full time since 2007. She’s known for her live-blogging of the Scooter Libby trial, her discovery of the number of times Khalid Sheikh Mohammed was waterboarded, and generally for her weedy analysis of document dumps.

Marcy Wheeler is an independent journalist writing about national security and civil liberties. She writes as emptywheel at her eponymous blog, publishes at outlets including the Guardian, Salon, and the Progressive, and appears frequently on television and radio. She is the author of Anatomy of Deceit, a primer on the CIA leak investigation, and liveblogged the Scooter Libby trial.

Marcy has a PhD from the University of Michigan, where she researched the “feuilleton,” a short conversational newspaper form that has proven important in times of heightened censorship. Before and after her time in academics, Marcy provided documentation consulting for corporations in the auto, tech, and energy industries. She lives with her spouse and dog in Grand Rapids, MI.

11 replies
  1. Riccardo Cabeza says:

    The head line should read, “Prosecutors use phone passwords to blackmail defendents at sentencing”

    If you want to 5th Amendment your phone passord the Prosecutors holds decades of prison over your head and you are cheering the prosecutors.

  2. martin says:

    quote”These prosecutors are really using some amazing tools these days.unquote

    BWHAHAHAHAHAHAHAHAHAHA…HOHOHOHOHOHOH….HEEHEHEHEHEHE…HAHAHAHAHAHAHAHAHA!

    emptywheel, you’re mean. I’m sure you’re on the FBI’s shit list. I’m sure Judge Hogan knows it too. I hope his head is exploding from outrage.

  3. martin says:

    quote”The filing means that in both of the high-profile cases pitting the Justice Department against Apple, the government first said it couldn’t open the phone, only to suddenly announce it had found a way into the device as the case proceeded in court.”unquote

    Only suddenly. right. If I were a Judge, I’d beat the FBI/US Attorneys over the head with this with every ounce of verbal outrage I could muster.

    • emptywheel says:

      The downside? It’s a lot easier to break into.

      The upside? There’s far less compromising information on it.

  4. SpaceLifeForm says:

    Consider: Feng gave them the passcode over a year ago but
    the FBI wanted to push the All Writs Act angle anyway.

    Parallel Legal Construction. Keep attacking from various angles
    and bail out when it becomes apparent it will not fly in a specific
    court, but keep trying the same angle in other courts.

    It is really all about precedent.

  5. bevin says:

    And of course there is an inbuilt ‘justification’ for torture: “He had the location of the ticking time bomb in his phone…”
    Not that ten years or life in prison isn’t torture.

  6. Evangelista says:

    Just ask Feng! Shui!, you are in like the wind! It blows me away…
    .
    Of course, it was the prosecutors, not the FBI, who had been the whole last year working an angle to pair up the iphone with a sweet-voiced uphone prompting, “Are you sure you don’t have some things you want to say to me, honey?”. Just in time, too: The FBI had just given up in frustration and was looking for a Caliban-caliber state-trooper dumb enough to shoot the FBI-irritating iphone in the back, for the screen, in the front, “looking like it was going to morph a gun.”
    .
    It does take the edge off the FBI being totally useless at real law enforcement to have them this entertaining in their running rogue and writing their own scripts.

  7. Hieronymus Howard says:

     
    The uncrackable iPhone that bricks itself irretrievably (it’s probably already here) will engender a very entertaining shitstorm when the vaunted “Intelligence Community” is confronted with it.  But this will be a good thing, ultimately.  It will force law enforcement to deal with (coerce) the (suspected) perp & not a handset manufacturer.  They’ll have to relearn how to serve a warrant on the suspect, not on a disinterested third party.  The latter cannot know the perp’s password & they don’t WANT to know.  & that is how it should be.

Comments are closed.