Sidebar Sidebar
Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.

Apple Says Apple ID Password on Shooter's iPhone Changed in Government Possession, Losing Access to Data

iphoneclassic said:
This story is getting weirder by every day.

If it is just an accidental Apple Id password change issue, Apple could technically allow this ONE Apple Id to sign-on with/without any credentials and let iCloud auto backup whatever is on the device. Bit more complicated than giving out passwords to social engineers. Of course assumption is no one messed up the device as well.
Click to expand...

Yes the story changes on a daily basis, and we don't know what has been done via the FBI and they are terrified it will be wiped after 10 tries. I would not trust the FBI.
[doublepost=1456019706][/doublepost]
JForestZ34 said:
I hope apple doesn't give in. If so we are all screwed.


James
Click to expand...

I saw a video on youtube and a Judge said it was illegal for a Court to demand a private company to hack someone else's mobile phone, under the US Constitution -

FBI vs Apple.png

[doublepost=1456021104][/doublepost]https://theweek.com/speedreads/6066...ayden-sides-apple-fbi-iphone-encryption-fight
 
skellener said:
I may not like pink Apple hardware, or care about the Apple Watch and I think lately all of Apple's software has be complete crap - but kudos to Tim Cook for not giving in to government demands like back doors. I hope he doesn't budge on this issue.
Click to expand...
I have compassion for Cook.

He finds himself in a nearly impossible bind. Stand for privacy and be the target of Big Government. Or cave in and lose face with the devoted Apple following.

There's no easy way out whatsoever. If Big Government gets its way the years of Apple standing for privacy are over. One of its bragging points gone forever.

This is certainly going to be interesting indeed.
 
  • Like
Reactions: skellener
gavroche said:
Relax... just a little playful joking. And you sort of open yourself up to it when you make very definitive statements, like:

"No the FBI did NOT change the password!
Someone at the County IT dept REMOTELY changed the password after the phone was already in possession of the FBI.
What we don't know is whether it was done maliciously or out of stupidity!"

I would suggest that before you make such a bold statement of fact, and only present those two possible options, that you first have read the full available information (in the posts above yours as well as referenced article)...
Click to expand...

"The auto reset was executed by a county information technology employee, according to a federal official. Federal investigators only found out about the reset after it had occurred and that the county employee acted on his own, not on the orders of federal authorities, the source said."

http://abcnews.go.com/US/san-bernar...passcode-changed-government/story?id=37066070
 
Arndroid said:
So the FBI is not part of the executive branch?
Click to expand...

"The Federal Bureau of Investigation has significant autonomy in carrying out intelligence and law enforcement activities. The FBI is part of the U.S. Department of Justice, which is under the authority of the federal Executive Branch. Agents that work in the FBI report directly to the agency's director. The director is appointed by the president and confirmed by the U.S. Senate."

http://work.chron.com/branch-fbi-agents-part-of-27312.html
 
Keirasplace said:
The FBI is totally independent from the WH, you knew that but had to spout garbage. That's been the case since Watergate.
Click to expand...
It's independent in theory, but it still answers to the DOJ, which is NOT independent, and last time I checked, also filed a strongly worded motion asking the judge to force Apple to open up the iPhone.
 
I had to laugh. I mean, cringe, and then, laugh inside.

Someone using a PC motherboard with a TPM chip, encrypted their hard drive, and didn't make the backup disk...

The motherboard died. The replacement came, and his drive was unrecoverable. He was warned...

This happened years ago. I don't know if it changed meaning the recovery is easier, but I doubt it.
[doublepost=1456023150][/doublepost]
Rogifan said:
If iCloud backup was turned off in settings how does Apple get that data?

According to Guardian reporter Danny Yardon Apple says no other country has asked it to do what the DOJ/FBI is seeking.
Click to expand...

You can't believe everythintg that you read. I read an article that stated that the iPhone in question wasn't the shooters, but was an employee of the agency he worked at. Then I heard it was the iPhone of a friend of the shooter. Now I read that it's the iPhone of the actual shooter. I don't know what to believe, except that I need to change my iCloud password before I do anything really naughty...
 
KPOM said:
It's independent in theory, but it still answers to the DOJ, which is NOT independent, and last time I checked, also filed a strongly worded motion asking the judge to force Apple to open up the iPhone.
Click to expand...

Give me a proper info saying it's not independent or stop asserting falsehood; that's all I'll say.

That they both want the same thing is not a proof that they are dependent; other local juridictions have been chaffing at this so it's not surprising that the DOJ has a opinion on this. It had the same opinion BEFORE this FBI request occured.

It's basically the standard position of all law enforcement, regardless who is in office.
 
nicho said:
The fbi blames the owner of the phone (the San Bernardino department of health) in the source article.
Click to expand...

They don't blame anyone. It is clear that the fbi thought it would be a good idea to reset the password. They just missed the chance to allow the iPhone to back itself up.

But maybe the phone wasn't set to backup anymore
Maybe it was already wiped clean.
Maybe there isn't even anything more to the story.
 
  • Like
Reactions: LizKat
Mac 128 said:
....Getting into the actual phone is a different matter. Makes me a little more concerned about what of my data is on Apple servers right now ...
Click to expand...

You set what you want sent to the cloud so it's in your control.
 
Etan1000 said:
"The auto reset was executed by a county information technology employee, according to a federal official. Federal investigators only found out about the reset after it had occurred and that the county employee acted on his own, not on the orders of federal authorities, the source said."

http://abcnews.go.com/US/san-bernar...passcode-changed-government/story?id=37066070
Click to expand...

One contradiction after another!:

FBI asked San Bernardino to reset the password for shooter’s phone backup

"In the chaotic aftermath of the shootings in San Bernardino, Calif., in December, FBI investigators seeking to recover data from the iPhone of one of the shooters asked a technician in the California county to reset the phone’s iCloud password.

But that action foreclosed the possibility of an automatic backup to the Apple iCloud servers that might have turned up more clues to the origins of the terrorist attack that killed 14 people.

“The county and the FBI were working together cooperatively to obtain data, and at the point when it became clear the only way to accomplish the task at hand was to reset the iCloud password, the FBI asked the county to do so, and the county complied,” David Wert, a spokesman for San Bernardino County, said in an email."

https://www.washingtonpost.com/worl...fe9684-d800-11e5-be55-2cc3c1e4b76b_story.html
 
RobertMartens said:
They don't blame anyone. It is clear that the fbi thought it would be a good idea to reset the password. They just missed the chance to allow the iPhone to back itself up.

But maybe the phone wasn't set to backup anymore
Maybe it was already wiped clean.
Maybe there isn't even anything more to the story.
Click to expand...

Yeah, heck of a thing to hang some precedent-seeking court case on if you ask me (which of course the FBI did not).
 
MacRumors said:



Shortly after the U.S. Department of Justice filed a motion demanding Apple comply with an order to help it unlock the iPhone 5c of San Bernardino shooter Syed Farook, Apple executives shared key information with several reporters, including BuzzFeed's John Paczkowski, about government missteps that may have led to reduced access to the iPhone in question.

2015-10-01-tim-cook-0019edit_wide-da972704bfb8889652c3befb6c814e3b465055f9-s1600-c85-800x450.jpg

According to Apple, the Apple ID password on the iPhone was changed "less than 24 hours" after being in government hands. Had the password not been altered, Apple believes the backup information the government is asking for could have been accessible to Apple engineers. The FBI has said it has access to weekly iCloud backups leading up to October 19, but not after that date, and it is seeking later information that could be stored on the device.Apple executives said the entire backdoor demand could have potentially been avoided if the Apple ID password not been changed, as connecting to a known Wi-Fi network would have caused the device to start backing up automatically so long as iCloud backups were enabled. Instead, with the information inaccessible, the FBI has requested tools that set what Apple calls a "dangerous precedent." The FBI wants a version of iOS that accepts electronic passcode input and removes passcode features like time limits and data erasure following failures.

Apple says the software would be the equivalent of a master key that could be used to access millions of devices (including Apple's newest iPhones and iPads) and has called the demand an "overreach" with chilling implications. Apple executives today also refuted the DOJ's claim that the company's refusal to comply is a marketing tactic, saying it was done based on "love for the country" and "desire not to see civil liberties tossed aside."

Note: Due to the political nature of the discussion regarding this topic, the discussion thread is located in our Politics, Religion, Social Issues forum. All forum members and site visitors are welcome to read and follow the thread, but posting is limited to forum members with at least 100 posts.

Article Link: Apple Says Apple ID Password on Shooter's iPhone Changed in Government Possession, Losing Access to Data
Click to expand...
call me simple, but I would've thought it'd be obvious.
Apple - upon hearing of the incident - contact the FBI to say, we may be able to assist you with your investigation.
FBI - hello Apple, we have a situation here - can you assist?
all in strictest confidence of course, but instead we now have all these self-righteous posturings over 'privacy'.
since when did terrorists give a rip about that, unless it suited their purposes.
Tim has blown it imho - and so have the FBI
 
Last edited:
RobertMartens said:
They don't blame anyone. It is clear that the fbi thought it would be a good idea to reset the password. They just missed the chance to allow the iPhone to back itself up.

But maybe the phone wasn't set to backup anymore
Maybe it was already wiped clean.
Maybe there isn't even anything more to the story.
Click to expand...

It wasn't clear at the time I wrote that. Developing story and all that.
 
Etan1000 said:
One contradiction after another!:

FBI asked San Bernardino to reset the password for shooter’s phone backup

"In the chaotic aftermath of the shootings in San Bernardino, Calif., in December, FBI investigators seeking to recover data from the iPhone of one of the shooters asked a technician in the California county to reset the phone’s iCloud password.

But that action foreclosed the possibility of an automatic backup to the Apple iCloud servers that might have turned up more clues to the origins of the terrorist attack that killed 14 people.

“The county and the FBI were working together cooperatively to obtain data, and at the point when it became clear the only way to accomplish the task at hand was to reset the iCloud password, the FBI asked the county to do so, and the county complied,” David Wert, a spokesman for San Bernardino County, said in an email."

https://www.washingtonpost.com/worl...fe9684-d800-11e5-be55-2cc3c1e4b76b_story.html
Click to expand...


Just read that. So it was done at the request of the FBI. Now that we have a real name and such I think we can believe it. Kind of wondered if someone had spoofed the twitter post.
[doublepost=1456039026][/doublepost]OK now this LA Times report just published a few minutes ago after the Washington Post story of the resetting of the iCloud password seems to provide even more conflicting info like the timeframe involved. Very hard to follow the events. So Apple actually sent some one down there help out too.

http://www.latimes.com/local/lanow/la-me-ln-fbi--terror-suspect-s-iphone-20160220-story.html
 
Last edited:
Very interesting perspectives from Jonathan Zdziarski's blog. You can read about his background as a forensic scientist under About Me. And do check out his Resume/CV area (He's testified for the Prosecution for the State of California as an iPhone Forensic Imaging on several cases). Then read his blog posts, especially the blog regarding the Forensic Methodology in order to get an understanding for the forensic tool being requested. Wonder if Jonathan will be helping Apple's legal team out at some point.

http://www.zdziarski.com/blog/
 
Last edited:
Mac 128 said:
Yes that's correct, but Apple stated they were surprised when connecting the phone to a known network that it did not automatically back up. That's when they discobpvered someone reset the password. Which tells me, Apple has a way to look at the phones iCloud settings to know it would auto backup when connected to a known network. Apple EXPECTED the phone to auto backup, but it didn't. Why would they expect that if they couldn't look at the phones settings to know whether it was enabled or not?

Apple can get into your Apple ID and iCloud account anytime they want, and have done so many times to mine when I've called for support help. And they've been able to do some fancy things while they're in there.

That's all I'm saying.

Getting into the actual phone is a different matter. Makes me a little more concerned about what of my data is on Apple servers right now ...
Click to expand...

They had iCloud data from previous auto-backups up to a week, so this setting was already known. But i'm sure the settings are not encrypted, only the data.

What did they do when you called support that was so special and was this after or before 2015?
 
lolkthxbai said:
So, we know Apple cooperated with the FBI in the days following the attack. It was reportedly just iCloud backups that was handed over but now that the password was changed, the plan they had wasn't going to work. The plan was to have the phone connect to a known wifi network and connected to a charger so it could create a backup automatically, as it should. The the FBI could request the backup data without unlocking the phone. BUT, like I said, the password was changed. So now you HAVE TO unlock the phone and input the new password for the Apple ID before you can create a backup again. But that's the problem, we don't know the passcode. :)
Click to expand...
Can't you just change the password back to what it was before?
 
Mike Oxard said:
Can't you just change the password back to what it was before?
Click to expand...
If you knew the old password, you could. But obviously they didn't know the old password. If they had known the old password, there would have been no need to change it.

Basically all sites where you have a password allow you to do a password reset, where you can enter a new password. The site doesn't know your password. iCloud doesn't know your password. Actually, any site that _knows_ your password is considered criminally insecure.

Usually you click on a button somewhere, and the server sends an email to your email address, and you click on a link on that email and change your password. They had access to the guys email, so they were able to change the password without knowing it. That's the most common reason why people change their passwords, because they forgot the old one.
 
  • Like
Reactions: Mike Oxard
B4U said:
The very sad part is, our President is on the government side of this issue, demanding the backdoor.
I did not vote him into the office for this kind of crap...
Click to expand...
Yeah, and the leading Republican Presidential candidate has called for a boycott of Apple over this. For politicians, this is a very tough call, mostly because they don't understand the technology enough to know that what the FBI is asking for is not possible because there is no way to put in a back door that bad guys won't find.
 
The more I read, the more I'm concerned. I will use myself as an example. I use 1Password, and use 32 character passwords, random, alpha-numeric, special characters, etc. The whole nine. I have a 32 character passphrase to open 1Password, as well as for my Mac. So my Mac and 1Password are locked down, and those are the only two passwords I have in my head. They are written down nowhere else.

Now, let's say the FBI knows my Apple ID (email), which would be probably not to hard to find out. If the FBI can get a court order to make Apple give up my account, essentially reset the password to allow FBI into my iCloud account and see my email, they can essentially request a password change on any of my online accounts, and change the password to whatever they want, and simply get in that way. This renders 1Password useless as a password manager to deal with the government.

Is our Apple ID data (iCloud/email/etc.) encrypted WHILE Apple doesn't have any keys (like they don't save for the iPhone)??? If our Apple ID data is encrypted and Apple doesn't save any keys to decrypt that data without our password, the above doesn't mean a thing. But if Apple can simply "reset" our Apple ID password for the FBI, and the FBI can log in and simply go to every website they want to and request a password change, that would be bad.
 
You must log in or register to reply here.
Register on MacRumors! This sidebar will go away, and you'll see fewer ads.
Top Bottom
Back