Encryption & Key Management , Endpoint Security , Next-Generation Technologies & Secure Development

FBI Still Trying to Unlock Texas Killer's Smartphone

Mass Shooting Tragedy Sparks Fresh Encryption Debate
FBI Still Trying to Unlock Texas Killer's Smartphone
The FBI has not identified the deceased killer's smartphone, but news reports suggest it is an iPhone.

The FBI is still working to unlock the mobile phone of Devin P. Kelley, who shot and killed 26 people in a church in a rural Texas town on Sunday. The bureau's revelation seems certain to revive the contentious debate over the use of strong encryption to protect consumers and their devices.

See Also: FAQs Before Deploying Advanced Malware Protection

The smartphone has been sent to the FBI headquarters in Quantico, Virginia, for analysis, Christopher Combs, FBI special agent in charge, said during a Tuesday press conference.

Combs said encryption is again proving to be an obstacle to law enforcement investigations.

"Unfortunately at this point in time, we are unable to get into that phone," Combs said. "So it actually highlights an issue you've all heard about before. With the advance of the technology and the phones and the encryptions [sic], law enforcement - whether it's at the state, local or the federal - is increasingly not able to get into these phones."

Combs didn't identify the type of phone Kelley was using, so as to not tip off others as to what model of device is frustrating law enforcement. The New York Times, however, reported that it is an Apple iPhone, although did not specify the model.

"I'm not going to describe what phone it is because I don't want to tell every bad guy out there what phone to buy to harass our efforts on trying to find justice here," Combs said. "I can assure you we are working very hard to get into the phone, and that will continue until we find an answer."

Kelley committed suicide shortly after the attack, which occurred at First Baptist Church in Sutherland Springs, Texas.

Dead Man's Fingerprints

In theory, law enforcement could still have used his fingerprints to unlock the device, Reuters reported Wednesday. On an iPhone, Touch ID - the home button, which doubles as a fingerprint sensor - can be used to unlock a device for up to 48 hours after it was last used.

After that time period, the iPhone's passcode must be entered. Citing an anonymous source, Reuters reported that Apple did not receive any requests for technical assistance from law enforcement between the shooting and Combs' press conference - a period of about 48 hours.

The FBI's linking of the debate over law enforcement access to encrypted content in light of yet another mass shooting tragedy in the United States is sure to stoke an emotive debate that puts further pressure on technology companies that use strong encryption.

Following former National Security Agency contractor Edward Snowden's revelations, companies such as Apple, Google and Facebook in recent years have sought to design communications systems that are more resistant to hackers, cybercriminals and unauthorized government surveillance.

Encryption systems are now often designed to be "end-to-end," meaning only senders and recipients hold the keys necessary to decrypt content.

Technology companies have dismissed ideas of also retaining a key that could be turned over to law enforcement as too risky, given increasingly sophisticated hacking attempts coming from cybercriminals and nation-states.

Apple: Encryption Defender

Apple has been at the forefront of the encryption debate after it resisted legal orders to help law enforcement break into the iPhone 5c used by Syed Rizwan Farook, which he had been issued by his employer. Farook and his wife opened fire at a holiday party at his workplace in San Bernardino, California, in December 2015, killing 14 people.

Apple was ordered by a federal court to create software to disable either the auto-erase on Farook's iPhone 5c or enable unlimited password guesses. Investigators feared Farook had enabled a feature in iOS 9 that would delete all data on a device after 10 incorrect password-entry attempts.

But Apple went to the mat, with CEO Tim Cook arguing that creating such software would be a "cancer" that would jeopardize the security of millions of iPhone users.

The Department of Justice dropped the lawsuit against Apple after saying it found another way to break into the device, a method suspected to be a software exploit.

Stalled Legislation

Senior government and law enforcement officials in the United States, as well as the United Kingdom and Australia, continue to support legislation that would compel technology companies to provide a way to access encrypted content.

U.S. Deputy Attorney General Rod J. Rosenstein said during a speech at the U.S. Naval Academy on Oct. 10 that thousands of seized devices are in storage and "impervious to search warrants."

Rosenstein added: "Over the past year, the FBI was unable to access about 7,500 mobile devices submitted to its Computer Analysis and Response Team, even though there was legal authority to do so."

In the wake of the San Bernardino attacks, two U.S. senators - Republican Richard Burr of North Carolina and Democrat Dianne Feinstein of California - drafted a bill in early 2016 that would have required the technology companies' cooperation in order to crack encrypted content and devices (see Encryption Compromise: A Fleeting Dream).

But the legislation, called Compliance with Court Orders Act of 2016, failed to gain traction after receiving tepid support from other lawmakers and opposition from the technology industry.


About the Author

Jeremy Kirk

Jeremy Kirk

Executive Editor, Security and Technology, ISMG

Kirk was executive editor for security and technology for Information Security Media Group. Reporting from Sydney, Australia, he created "The Ransomware Files" podcast, which tells the harrowing stories of IT pros who have fought back against ransomware.




Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing inforisktoday.in, you agree to our use of cookies.