The Department of Justice pulled out of its fight with Apple over dead terrorism suspect Syed Farook's iPhone 5c yesterday, saying it had figured out how to crack into the phone and no longer needed Apple's help. But as of Tuesday, the government is still pursuing a similar case in New York—a case where known exploits already exist for the iPhone model in question.
It’s a bizarre move to continue to pursue the New York case after retreating in the San Bernardino case. In the San Bernardino case, the government repeatedly argued that only Apple was capable of bypassing its own iPhone security.
Once it found a workaround, using a still-mysterious hack likely provided by a forensics firm, the DOJ retracted its request to compel Apple to help break into the phone. "The government has now successfully accessed the data stored on Farook's iPhone and therefore no longer requires the assistance from Apple mandated by Court's Order Compelling Apple Inc to Assist Agents in Search dated February 16, 2016," the Department of Justice said in its filing.
An iPhone 5s phone running iOS 7 is more vulnerable than an iPhone 5c running iOS 9
But the New York case—in which the government is also trying to get Apple to assist it in hacking an iPhone—is still ongoing, even though, by all accounts, the government shouldn't need the company's help.
In late February, Magistrate Judge James Orenstein in the Eastern District of New York denied a government application to compel Apple to crack a password-protected iPhone 5s running iOS 7. The DOJ cited the same statute—the All Writs Act of 1789—that it attempted to use in the San Bernardino case. Orenstein denied the DOJ’s request with a blistering 50-page ruling. That ruling is now being appealed up to a district court judge.
However, the San Bernardino iPhone ran iOS 9, and the New York iPhone ran iOS 7. In other words, the New York iPhone lacks the enhanced security protections that created the high stakes in the San Bernardino case.
The DOJ backed out of the San Bernardino case, claiming to have discovered—at the eleventh hour—a different method of extracting data from the iPhone that did not require Apple’s assistance. According to Apple’s lawyers, this means Apple’s help was no longer “necessary”—a condition under All Writs Act precedent—thus making the government’s request invalid in the first place.
If a judge also adopted Apple’s reasoning, then the New York case would also swing definitively in Apple’s favor, since a phone running iOS 7 can be cracked using existing forensic techniques—like IP Box. The government has claimed that technologies like IP Box are not reliable enough. But an iPhone 5s phone running iOS 7 is certainly more vulnerable than an iPhone 5c running iOS 9, and now law enforcement have gotten into the latter.
At Apple’s request, the timeline in the New York case was delayed pending further decisions in the San Bernardino case. The California case has ended, but a docket update on Tuesday indicates that for now, the government is still pursuing its appeal of Orenstein’s decision. (When asked for comment, the DOJ said it was “not prepared to say anything further until we make a filing in that court," presumably referring to some later filing.)
Although there is still a chance the government might also pull out of the New York case in the near future, its willingness to presently stay the course may indicate that it wants to keep open the possibility of using the All Writs Act against hardware manufacturers in the future.
Apple is set to respond to the government’s appeal brief in the New York case on April 15.