Apple: San Bernardino iPhone hack could take up to 4 weeks, 10 employees

Joining a nationwide show of support, Tom Wolff holds a sign outside an Apple store in Santa Monica on Feb. 23 backing Apple's refusal to create software to circumvent security measures on a terrorist's phone.

Joining a nationwide show of support, Tom Wolff holds a sign outside an Apple store in Santa Monica on Feb. 23 backing Apple’s refusal to create software to circumvent security measures on a terrorist’s phone.

(Katie Falkenberg / Los Angeles Times)

It would take Apple Inc. two to four weeks and up to 10 employees to help the FBI unlock the iPhone of San Bernardino shooter Syed Rizwan Farook, an Apple official said in the company’s much-anticipated court filing Thursday.

Erik Neuenschwander, manager of user privacy at Apple, stated in the court filing that “the design, creation, validation and deployment” of new software sought by the FBI — which Apple has dubbed “GovtOS” — would require six to 10 Apple employees to give “a very substantial portion of their time for two weeks at a minimum, and likely as many as four weeks.”

The team wouldn’t just be removing a few lines of software code, he said. They’d have to overcome new challenges, including slimming the iOS operating system that powers iPhones so that it can run on a smaller memory chip. The FBI has requested that functionality to reduce the chance of damaging the storage space where Farook’s data sits.


The new software also would need testing because “changing one feature of an operating system often has ancillary or unanticipated consequences,” Neuenschwander wrote. “The potential for such consequences increases with the number of changes to the operating system.”

His comments are part of Apple’s challenge to a federal court order that requires the company to develop software to circumvent iPhone security features that the FBI says is hindering its ability to extract data from Farook’s smartphone.

Apple is arguing to a federal judge that helping the FBI would be unduly burdensome, a legal overreach and a violation of its constitutional rights. It is asking the judge to vacate a court order that compels Apple to cooperate.

The FBI can use a program to decrypt the iPhone’s contents by automatically guessing a passcode, but attempting that process without Apple’s help carries a major risk of making the data permanently inaccessible.

One reason is that after a certain number of failed attempts to guess the passcode, the iPhone imposes an “infinite” time delay between attempts to the point that the device “will refuse to accept any further passcode entries” — even if an automatic data erasure feature isn’t turned on, Neuenschwander wrote.

The FBI argues that files, photos, messages and other information on the iPhone could help the agency fully track the movements of Farook and his wife, Tashfeen Malik, on Dec. 2, when they stormed a work gathering at the Inland Regional Center, opened fire and later died in a gunfight with authorities. Investigators also say they want to better understand if the couple received help in planning the attack.


FULL COVERAGE: Apple’s fight with the FBI >>

In Thursday’s filing, Neuenschwander called out Farook’s employer for not using so-called mobile device management software. With that, Farook’s managers at the San Bernardino County Public Health Department could have cleared the passcode and changed settings on his phone without any input from him, Neuenschwander said.

Apple has already provided investigators with Farook’s online backups, including copies of his emails, and other customer information in response to four court orders, according to Thursday’s filing.

But Apple specifically designed new security settings in recent years to make some data on the iPhone less susceptible to intrusions, including from authorities. It left a gap, though, to reset the phone without user consent for troubleshooting purposes, and that’s the hole the FBI wants to exploit.

The standoff has riled privacy rights advocates who say forcing Apple to unlock one phone would undermine security best-practices and open the door to requests from governments from around the world to unlock phones.

Politicians, law enforcement agencies and victims’ families say technology companies should not obstruct crime-fighting. Some have called for Apple to make exceptions for terrorism cases.

Neuenschwander said in the court document that creating the circumvention software even once is problematic.

For one, destroying virtual goods is difficult, he said, because the people who created it will know how to do so again. In addition, Apple would need to preserve a description of its process for potential use in court.

“The government, or anyone else, could use such records and logs as a roadmap to recreate Apple’s methodology, even if the operating system and underlying code no longer exist,” Neuenschwander said.

If Apple fulfills the San Bernardino request, there will be more, the company has argued. Each request would require almost just as much as work as the first because the software would need to be adjusted for an individual phone’s settings. And Apple would have to protect the underlying circumvention software the same way it does “its most sensitive trade secrets,” Neuenschwander said.

Apple has vowed to take the San Bernardino case to the Supreme Court if needed. Microsoft Corp., Facebook Inc. and Google-parent Alphabet Inc. are expected to file briefs supporting Apple in the case. Meanwhile, Apple and Microsoft have called on Congress to debate the level of access that authorities should get into the devices and online accounts of their users.

Chat with me on Twitter @peard33

See more of our top stories on Facebook >>


Apple court papers: FBI is seeking ‘dangerous power’ that violates its constitutional rights

FBI director calls Apple case ‘hardest question’ in government

Whether Apple or FBI is winning the PR war depends on which poll you’re looking at