IE 11 is not supported. For an optimal experience visit our site on another browser.

The FBI cracked another iPhone — but it's still not happy with Apple

The announcement echoed previous standoffs between Apple and the Justice Department that have all ended the same way.
Image: Attorney General William Barr speaks at the Department of Justice in Washington on Dec. 3, 2019.
Attorney General William Barr speaks at the Justice Department in Washington on Dec. 3, 2019.Drew Angerer / Getty Images file

After months of claiming that Apple's privacy protections had stalled its investigation, the Justice Department said Monday that it had accessed a terrorism suspect's iPhone with no help from the company.

In a news conference Monday, Attorney General William Barr said Mohammed Alshamrani, the Saudi air force officer accused of killing three classmates and wounding eight other people at Naval Air Station Pensacola, Florida, on Dec. 6, was affiliated with al Qaeda. During the attack, Alshamrani shot one of his two iPhones, which the FBI wanted to examine for possible ties to terrorist groups, authorities said. Apple has consistently held a position that it won't re-engineer its phones for law enforcement.

"Apple's decision has dangerous consequences for public safety and national security and is, in my judgment, unacceptable," Barr said Monday.

The announcement echoed previous standoffs between Apple and the Justice Department that have all ended the same way — with law enforcement finding its own way in to unlock a phone despite claiming it needed Apple's help.

Barr had used the case to renew a decades-old tug-of-war between the justice system and the tech industry over whether private companies should be able to provide encrypted methods of communication so secure that even the companies that make the hardware and the software can't access it.

The FBI was able to eventually access Alshamrani's phone not by an unprecedented technical feat, but rather by "an automated passcode guesser," according to a person familiar with the situation who spoke on condition of anonymity because the person was not authorized to speak publicly on the matter.

Barr — and many others in law enforcement — have consistently slammed Apple over its refusal to undermine its products for law enforcement. At a cybersecurity and law enforcement news conference last year, Barr said it was "only a matter of time before a sensational case crystallizes the issue for the public."

In January, Barr indicated that the Alshamrani case "perfectly illustrates why it is critical that investigators be able to get access to digital evidence once they have obtained a court order based on probable cause."

"We have asked Apple for their help in unlocking the shooter's iPhones. So far, Apple has not given us any substantive assistance," he said at a news conference.

Security experts have resoundingly insisted throughout the years that deliberately creating a so-called backdoor into an encrypted device would inherently create a path for governments and criminals to get in.

Download the NBC News app for breaking news and politics

Riana Pfefferkorn, associate director of surveillance and cybersecurity at the Stanford Center for Internet and Society, noted that the FBI was eventually able to find a way into Alshamrani's phone without Apple's help.

That "further draws into question the necessity of requiring Apple to build an access mechanism for law enforcement into their phones," Pfefferkorn said. "However, it is unlikely that the government will wholly let up on calling for such a mandate."

The Justice Department and the tech industry have long found themselves in an uneasy grey area. Even if Apple doesn't provide a way for law enforcement to bypass its encryption, investigators can turn to third-party companies that specialize in exploiting software vulnerabilities to access what's on a protected device.

It is unclear precisely what model or models of iPhone Alshamrani had. If they were older models, it appears likely that they would have been easier to break into. Generally speaking, older software, even on iPhones, is less secure by definition.

Even as far back as January, federal investigators told Apple that they were using automated software to "guess" at the passcodes to the phones, a process known as "brute force."

Two months after a fatal shooting in San Bernardino, California, in December 2015, the Justice Department sought an order asking a federal magistrate judge to order Apple to create a customized version of its iPhone software that would enable the brute force method to work. At the time, the government expressed concern that one of the iPhones belonging to a suspect in the shooting was set to auto-delete itself after 10 password attempts. Any attempt to retrieve evidence would almost certainly fail.

The potential triggering of the auto-delete function doesn't appear to have been a concern in the Pensacola case, however.

FBI Director Christopher Wray echoed Barr's criticism of Apple, saying the government had "received effectively no help" from the company.

An Apple spokesperson said in a statement that the company has done everything it can to cooperate with law enforcement.

Apple responded to the FBI's first requests for information just hours after the attack on Dec. 6 "and continued to support law enforcement during their investigation," the spokesperson said. "We provided every piece of information available to us, including iCloud backups, account information and transactional data for multiple accounts, and we lent continuous and ongoing technical and investigative support to FBI offices in Jacksonville, Pensacola and New York over the months since.

"The false claims made about our company are an excuse to weaken encryption and other security measures that protect millions of users and our national security."