Judge Orders Apple to Help FBI Crack San Bernardino iPhone


A federal judge wants Apple to build a “back door” that allows it to access encrypted data on the iPhone belonging to the San Bernardino attackers. Apple is resisting:

The order, signed Tuesday by a magistrate judge in Riverside, Calif., does not ask Apple to break the phone’s encryption but rather to disable the feature that wipes the data on the phone after 10 incorrect tries at entering a password. That way, the government can try to crack the password using “brute force” — attempting tens of millions of combinations without risking the deletion of the data….Federal prosecutors stated in a memo accompanying the order that the software would affect only the seized phone.

In theory, this should be little more than a macabre joke. If Apple is truly using strong encryption, it wouldn’t take ten million tries to crack the password, it would take more tries than there are atoms in the universe.

Unless, of course, the attackers are really stupid and used “123456” or “Jihad Forever” as their password. Which they very well might have. Folks like this aren’t always especially bright.

In any case, I find it hard to side with Apple here. It’s one thing for Apple to implement strong encryption that even Apple itself can’t break. It’s another to deny law enforcement the ability to even try to break the encryption. My initial reaction—which I admit might change if I think about this further—is that liberals have never opposed the right of the government to execute a search. We just want them to get a warrant first, and we want it particularized to a specific case. So we object to warrantless searches and we object to mass collection of surveillance data. A court order that applies to a specific case shouldn’t be a problem.

Apple, of course, is arguing that if they create a special FBI version of iOS, it can be used anytime and anywhere, with or without a warrant. So that’s the question for the court. If they compel Apple to create a version of iOS that can be hacked, are there legally enforceable restrictions on its use? Or does it become a permanent plaything for anyone who can issue a national security letter—which appears to include practically the entire FBI? This will be an interesting case going forward.