Skip to main content

FBI: Crucial iCloud settings on San Bernardino shooter’s iPhone are disabled

machine learning supreme court algorithm my trusty gavel
Brian Turner/Flickr
If you’ve been staying even tangentially abreast of the ongoing case involving Apple, the Federal Bureau of Investigation, and San Bernardino shooter Syed Farook’s locked iPhone, this may sound familiar: The handset, which was configured to back up data via iCloud, was reset by San Bernardino county officials at the instruction of the FBI, precluding any attempt by investigators to obtain sought-after evidence from Apple’s servers. According to the FBI, though, that isn’t quite true. In court documents published on Thursday, the agency contended that many of the phone’s backup features had been disabled prior to the government’s investigation.

Specifically, the FBI tells the court that the phone had been powered down and password-protected when the agency recovered it, making both a backup at that point impossible; in a sworn statement, FBI engineer Stacey Perino said that “the device would not connect to a Wi-Fi network until the passcode was entered.” A subsequent analysis of an October 19 backup — the most recent available — found that the iCloud’s reset function had been used on October 22, months before the agency came into possession of the phone. Furthermore, the agency said, forensic examiners were able to determine that the phone’s email, photo, and note backups had been disabled, making the data that the government is seeking impossible to extract from subsequent cloud backups.

Recommended Videos

“The evidence on Farook’s iCloud account suggest that he had already changed his iCloud password himself on October 22, 2015 — shortly after the last backup — and that the auto-backup feature was disabled,” lawyers for the government wrote in the filing. “A forced backup of Farook’s iPhone was never going to be successful.”

Apple’s general counsel, Bruce Sewell, painted the FBI’s most recent filing as a “cheap shot” and an “unsupported, unsubstantiated effort to vilify Apple.” At a press conference on Thursday, he expressed incredulity at the government’s rhetorical bluntness. “In 30 years of practice, I don’t think I’ve ever seen a legal brief more intended to smear the other side … The one of the brief reads like an indictment.”

Sewell’s reaction aside, the FBI’s brief is much in line with what the agency and Justice Department have stated publicly over the past few weeks. At a congressional hearing in late February, FBI Director James Comey maintained that the agency’s reset instructions to the San Bernardino Department of Public Health — the authority charged with managing Farook’s iCloud account — were a “mistake.” But in subsequent comments, Comey and the Department of Justice have implied that a backup wouldn’t necessarily have contained the data investigators were seeking. “Even if the password had not been changed and Apple could have turned on the auto-backup and loaded it to the cloud, there might be information on the phone that would not be accessible without Apple’s assistance,” the Justice Department said last month

County officials reset the password on December 6, a few weeks after the FBI acquired the phone.

Apple, for its part, argues that even the iCloud backup settings had been disabled locally, a remote backup might have been possible. In its motion to vacate the FBI’s court-ordered unlocking of the iPhone, the company said that the FBI did not seek its technical guidance prior to directing San Bernardino officials to change the iCloud account password. “Unfortunately, the FBI, without consulting Apple or reviewing its public guidance regarding iOS, changed the iCloud password associated with one of the attackers’ accounts,” said Apple in a court filing, “foreclosing the possibility of the phone initiating an automatic iCloud backup of its data to a known Wi-Fi network.”

In the documents submitted Thursday, the FBI says that agents did consult with Apple, but that Apple ceased collaboration when investigators insisted on a method of extraction that would produce “the full set of data.” The agency from that point proceeded independently.

Thursday’s filing is only the latest development in a contentious legal face-off between Apple and the FBI. In February, the FBI obtained a court order compelling the company to create a customized version of iOS that would subvert the iPhone’s passcode lockout feature. Apple’s seeking to have that ruling overturned, arguing that it could set a dangerous and far-reaching precedent.

Apple has until March 15 to issue a reply to the government’s filing. The trial date is set for March 22.

Kyle Wiggers
Former Digital Trends Contributor
Kyle Wiggers is a writer, Web designer, and podcaster with an acute interest in all things tech. When not reviewing gadgets…
It’s the end of the road for these two iPhone models
Apple iPhone 6S Plus

Seeing your favorite handheld gaming device in a retro store has a unique way of making you feel old, but Apple might have topped it. According to the company, the iPhone XS Max and iPhone 6s Plus are now "vintage." They join the ranks of the iPhone 4 and even the iPad Pro 12.9-inch model.

It's not wholly unexpected. Apple declares a device vintage after five years, and that means it becomes more difficult to have that device repaired or to find replacement parts for it. Obsolete is applied to products that are more than seven years old, but sometimes certain variants get that label early.

Read more
Google Gemini arrives on iPhone as a native app
the Google extensions feature on iPhone

Google announced Thursday that it has released a new native Gemini app for iOS that will give iPhone users free, direct access to the chatbot without the need for a mobile web browser.

The Gemini mobile app has been available for Android since February, when the platform transitioned from the older Bard branding. However, iOS users could only access the AI on their phones through either the mobile Google app or via a web browser. This new app provides a more streamlined means of chatting with the bot as well as a host of new (to iOS) features.

Read more
I tried a new Android phone that puts some of the best smartphone cameras to shame
The rear camera setup on the Oppo Find X8 Pro.

It’s been a few years since I was surprised by a smartphone camera’s zoom performance. With Samsung offering 100x zoom on its Galaxy S Ultra lineup, little has shocked me with smartphone cameras — until now.

The Oppo Find X8 series is the successor to the Find X7 series from last year, and alongside several other improvements, there’s also been a significant upgrade in one area: the 30x zoom. Oppo and OnePlus have great cameras at shorter zoom distances, and at a recent briefing, I discovered that we can now add the 30x zoom to the list.

Read more