San Bernardino iPhone 5C: Everything We Know

On Tuesday, Apple and the FBI return to court to hear U.S. Magistrate Judge Sheri Pym’s opinion on the San Bernardino iPhone case. It’s a case that’s been under an enormous amount of public scrutiny since law enforcement requested that Apple help the FBI search an iPhone 5C that was used by one of the shooters in the December attack. Apple had complied throughout the investigation until the FBI demanded that the company assist it unlocking the phone, and Apple chief Tim Cook wrote that high-profile “letter to our customers.”

This particular iPhone 5C has become a new symbol of the privacy debate. Edward Snowden has declared the case one of the most important rulings of security and privacy. CEO Tim Cook told ABC World News:

“This case is not about my phone,” Cook said. “This case is about the future. What is at stake here is can the government compel Apple to write software that we believe would make hundreds of millions of customers vulnerable around the world, including the U.S.”

Before we hear what Judge Pym has to say, let’s go over some of the details about the iPhone 5C that everyone has been talking about.

Who actually owns the iPhone in question?

The sequestered iPhone 5C was not present during the shooting, and it isn’t actually owned by either of the two shooters, Syed Farook and Tashfeen Malik. The phone is owned by the San Bernardino County Health Department, and was given to Farook for work purposes. Farook and Malik destroyed their personal devices beyond the point of information recovery. It’s uncertain if they forgot to destroy Farook’s work phone, or if it doesn’t hold any information pertaining to the shooting.

What is the security program on the iPhone?

The iOS 9 system, which is on the county-owned iPhone 5C, has an elaborate data protection program. Apple’s support web page explains how most of the important information on an iPhone is encrypted behind your passcode — photos, messages, contacts, reminders, call history:

Data protection enhances the built-in hardware encryption by protecting the hardware encryption keys with your passcode. This provides an additional layer of protection for your email messages attachments, and third-party applications.

The system has a 10-tries-and-wipe feature, so if your iPhone is stolen or is under “brute-force-attack” — where a hacker bombards the iPhone with passcodes until it unlocks — your information will still be protected.

On the iPhone 5S and later, the system also protects data with “Secure Enclave” even if the phone is compromised:

“The Secure Enclave holds a second passcode for the vault door into the encrypted phone data — and both are necessary for it to open.

The enclave watches you as you input your passcode. If you keep getting it wrong, it makes you wait longer and longer before putting in its own passcode. No iOS modification can make the enclave cooperate — it runs its own, separate code.”

While the iPhone 5C doesn’t have this feature, Tech Insider explains how some security experts believe the program the FBI wants Apple to develop could also bypass this extra feature.

Why does the FBI need Apple and what does it want the company to do?

If the FBI investigators fail 10 times at entering the passcode, all the data on the phone will be erased. Apple is the only company with the ability to create a new version of the firmware that will bypass security features. The FBI’s official order states that Apple will help it accomplish three things:

1) It will bypass or disable the auto-erase function whether or not it had been enabled.

2) It will enable the FBI to submit passcodes to the county’s iPhone 5C for testing electronically through the device’s port, Bluetooth, wifi, or any other protocol on the device.

3) It will ensure that when the FBI enters various passcodes, the software will not purposefully introduce any additional delay between passcode attempts (every time you incorrectly enter the passcode the phone blocks you from trying again, each time a longer time interval) beyond what is incurred by Apple hardware.

Why can’t the FBI use iCloud to get the information on the phone?

The FBI was actually able to get a hold of data that had been backed up to iCloud a month prior to the shootings, but nothing closer to the day, according to Wired. Strangely enough, Farook’s Apple ID password — which gives access to information stored on the iCloud — was changed within 24-hours after the attack. A tweet claimed that the San Bernardino Health Department was working with the FBI when the password reset. If this didn’t happen, Apple would have been able to get into the phone without having to create the new program that the FBI is requesting.

Can you use the finger of the late Syed Farook to unlock the phone with the Touch ID?

As unethical and illegal as this may sound, people have asked this question. And the answer is a hard no. First, this would be illegal. Second, the iPhone 5C doesn’t have Touch ID technology — iPhone 5S was the first phone to have the feature. Third, it probably wouldn’t even work. In 2013, Engagdet asked if you could unlock the iPhone 5S with a finger that had been chopped off:

“There are actually more than a half-dozen different technologies — and combinations thereof — that various devices employ to read prints, with varying levels of reliability, and yes, some of them would indeed work with a finger you chopped off of a dear friend, but the Touch ID sensor on the iPhone 5s isn’t one of them.”

Engadget explained that the Touch ID capacitive and radio frequency sensors respond to the electrical charges running through your skin and living tissue, which “means that only a finger attached to a beating heart will be able to unlock it.”

Correction: The iPhone 5C has an A6 chip. The Secure Enclave coprocessor wasn’t released until its inclusion with the A7 chip. An earlier version of this story incorrectly stated the 5C had the Secure Enclave coprocessor.