Apple has a long history of preventing digital forensic investigators from legally collecting evidence stored on its mobile devices, all in the name of protecting the data of its customers from hackers. This puts Apple in direct conflict with American law enforcement. But thanks to some new forensic technology, there was an uneasy peace between police, the FBI, and the Cupertino, CA-based company. Then last month, the war commenced again when Apple updated its software and blocked an exploit used by forensic examiners.
A little background. The most common way that digital forensics experts use to break into a password-protected device is called a "brute force attack." Basically, you connect the device to a computer and it starts cycling through password combinations until the lock is picked. Apple shut down that exploit a few years back. Now, if you start typing in the wrong passwords into an iPhone, you can very quickly "brick" it and make the data unrecoverable.
Apple's password encryption tech was at the crux of a fight between the FBI and the company back in 2015. The FBI asked Apple to help it break into the phone of deceased San Bernardino Massacre terrorist Syed Farook and Apple refused. The whole thing got really heated. Then, suddenly, the FBI dropped its lawsuit. What happened is the FBI paid an undisclosed Israeli expert to crack the Farook phone. Soon after that, two companies—Cellebrite and Grayshift—were offering iPhone cracking tech to law enforcement agencies. But now Apple has reportedly shut down this exploit, once again blocking American investigators from accessing data on iPhones and iPads, even under warrant or subpoena. (Neither Grayshift nor Cellebrite has publicly responded to these reports.)
It's stunning how much effort Apple puts into frustrating American investigators. It's also stunningly hypocritical when you consider how the company recently bent over for the Chinese.
This year Apple agreed to comply with Chinese law and transferred all of the iCloud data for its Chinese customers to a Chinese company with servers in China, Guizhou-Cloud Big Data (GCBD). This transfer reportedly includes the encryption keys that give the holder access to all that personal data. Even if GCBD isn't at least partially owned by the Chinese Communist Party—which it probably is—you can bet that no one at this company is going to refuse a request to supply the Ministry of State Security with all that Apple customer data.
So why did Apple make their Chinese customers' data available to the secret police on demand? It had no choice. It was either that or stop operating in China. And the Chinese Communist Party has Apple by the shorthairs. The company cherishes its share of the Chinese phone market, even though that market share is rapidly declining as domestic Chinese companies undercut Apple's prices. But what it really cherishes is access to Foxconn's massive production facility in Shenzhen. Almost every iPhone that Apple sells worldwide is assembled in that factory. The low-cost labor of people working and living at that facility is the primary driver of Apple's profit margins. If the Chinese government were to shut Apple out of Foxconn or even reduce Apple's access to it, then things would get really tense in Cupertino. For the record, Apple denies its Chinese cloud partner could compromise the privacy of its Chinese customers. Which is utter nonsense.
In contrast, Apple prides itself on protecting the privacy of its American customers, even to the point of foiling law enforcement investigations. Which is dangerous for public safety. Blocking the password limit exploit last month was not at all necessary to make the iPhone more secure from hackers. All it did was make it harder for American police to pursue their cases against murderers, human traffickers, drug dealers, child pornographers, and other heinous criminals.
The good news is that cyber forensics experts will soon come up with a new exploit that will allow them to access evidence from iPhones. The bad news is Apple will surely shut that one down, too. That's the way this game is played. And it stinks. No American company, even one with a trillion dollars in market value, should be allowed to foil the lawful investigations of American police operating under warrant or subpoena. This is especially true when that company plays by totally different rules in an oppressive Communist country, just to protect its bottom line.