[pullquote]But earlier it was alleged that the FBI had recovered iCloud data. In that statement the FBI said the backups had ended two weeks before the attack. Which triggers another question. How did the FBI recover the earlier data if they did not have the old iCloud password?[/pullquote]
Opening note: throughout this series I have refrained from using the names of the terrorists. This has been (and will continue to be) my policy on all my blogs. Terrorists will not be named. This may slightly reduce the incentives for terrorist attacks. No, I am not delusional. I realize the impact of my move will be practically nonexistent.
This is the third update to the original article. Click here to read the whole thing (including links to all updates).
← Here’s the bottom line.
Apple vs FBI curiouser and curiouser. This morning’s San Jose Mercury-News reported “County reports it reset Apple Password.” I encourage everyone to read this article. If you can figure out what the article is trying to report, please let me know.
However, here’s my reading. Let’s start with the first two paragraphs:
SAN BERNARDINO — The iCloud account connected to [name redacted]’s Apple iPhone was reset in the hours after the Dec. 2 terrorist attack in San Bernardino, according to a motion filed Friday by federal prosecutors in U.S. District Court in Riverside.
The account was reset by a San Bernardino County employee in an effort to gain access to iCloud information connected to [name redacted], according to the filing. The iPhone is a county issued phone. [name redacted] was a health inspector for the county. Late Friday night, the county’s Twitter account, @CountyWire, acknowledged that the password for the iCloud account had been reset. “The County was working cooperatively with the FBI when it reset the iCloud password at the FBI’s request,” the tweet read.
This at least confirms that the phone in question was the terrorist’s work phone. Which goes back to a question I raised in an earlier article. Why is the FBI so hot to break into this phone? There’s almost zero chance that it contains any information relevant to their investigation.
But this raises another question. Why didn’t the County and the FBI consult with Apple before changing the password? Here the story gets a little muddled. Here’s an interesting segment from the Mercury-News story:
One of those suggestions “and their deficiencies” as noted in the document, was “to attempt an auto-backup of the SUBJECT DEVICE with the related iCloud account (which would not work in this case becauseneither the owner nor the government knew the password to the iCloud account, and the owner, in an attempt to gain access to some information in the hours after the attack, was able to reset the password remotely, but that had the effect of eliminating the possibility of an auto-backup).”
But earlier it was alleged that the FBI had recovered iCloud data. In that statement the FBI said the backups had ended two weeks before the attack. Which triggers another question. How did the FBI recover the earlier data if they did not have the old iCloud password? (The iCloud password is the same as the Apple ID password — at least as far as I know. Apple enforces security on this password even more strictly than iOS passcodes. After three unsuccessful login attempts your account is disabled and you are forced to go through a lengthy and painful password reset process. Both my lovely wife and I have learned this from a number of episodes.)