As odd as this may sound, federal investigators will do Apple and its customers a huge favor if they find a way to hack into a dead terrorist's iPhone without the company's help.
U.S. Magistrate Judge Sheri Pym had tentatively ordered Apple to help the FBI unlock the iPhone used by Syed Rizwan Farook before he and his wife shot 14 people to death in San Bernardino. The Justice Department had been scheduled to grill Apple's top cryptographer Tuesday as part of the company's challenge to Pym's order. But at the last minute, the feds revealed that a third party had come forward with a possible way to circumvent Apple's security. Pym responded by calling off the hearing and suspending her order.
If the FBI's new method proves successful, it would avert the possibility of Pym setting a dangerous precedent: that companies can be ordered to create new products to serve the government's needs at the expense of their customers' privacy, safety and security. The FBI had sought, and Pym had initially granted, an order that would have required Apple to rewrite its operating system to remove features that made its devices harder to crack. Such orders would make sense if the only concern were the secrets bad people might be hiding on their devices. But the more pervasive threat is the one posed by cybercriminals and their incessant efforts to penetrate anything connected to the Internet. The best defense is to make devices ever more secure, as Apple and others have been trying to do.
No type of security is perfect, however, and the effort to stop hackers is an endless game of cat-and-mouse. Rather than using the courts to force the likes of Apple to weaken the safeguards on their devices — creating vulnerabilities that law enforcement agencies around the country would seek to use on seized phones, tablets and laptops, raising the likelihood that they'd fall into hackers' hands — the feds need to gather evidence in ways that don't create broad new threats to data security. That includes working with third parties to find existing weaknesses, as the FBI is doing now.
Hackers are searching for weaknesses too, which is why Apple has upgraded its security software several times since releasing the version used on Farook's iPhone. Those upgrades will inevitably frustrate investigators eager to look into a suspect's phone for keys to past and future crimes or terrorist attacks. But that's an argument for federal investigators to become highly skilled at the cat-and-mouse game, rather than demanding that tech companies make it easier for them to win.