The Texas Rangers have served Apple a warrant for iPhone and iCloud data connected to the recent mass shooter Devin Patrick Kelley. However, it is unknown whether Kelley actually used iCloud to store data, and unlikely that Apple will be able or willing to help unlock the iPhone:
Texas Rangers investigating the mass shooting in Sutherland Springs have served a search warrant on Silicon Valley giant Apple Inc. and are seeking digital photos, messages, documents and other types of data that might have been stored by gunman Devin Patrick Kelley, who was found with an iPhone after he killed himself.
Court records obtained by the San Antonio Express-News show Texas Ranger Kevin Wright obtained search warrants on Nov. 9 for files stored on Kelley's iPhone, a second mobile phone found near his body and for files stored in Kelley's iCloud account — Apple's digital archive that can sync iPhone files.
The iCloud feature is an optional service. Obtaining such records, if they exist, directly from Apple could aid authorities investigating the worst mass shooting in modern Texas history. Apple's policy regarding iCloud content states that material may be provided to law enforcement agencies if they obtain search warrants.
In addition, the FBI may have already screwed it up.
Also at Engadget, BGR, and Fast Company.
Related Stories
Federal authorities are responding to a shooting at the First Baptist Church in Sutherland Springs, Texas, a small community southeast of San Antonio.
In a press conference Sunday night, an official from the Texas Department of Public Safety described the scene: Around 11:20 am, the suspect, dressed in black, approached the church and began firing an assault rifle. He then entered the church and continued firing.
Gov. Greg Abbott confirmed that at least 26 people were killed. A Texas Department of Public Safety official said the ages of the victims ranged from 5 to 72 years old. The AP reports that the pastor's 14-year-old daughter is among the dead.
The Department of Public Safety confirmed to NPR that at least 20 others were wounded. A DPS official said in the press conference that the gunman was confronted by an armed civilian outside of the church.
The shooter, who was found dead in neighboring Guadalupe County, has been identified as Devin Kelley, 26, a former Air Force member.
At a press conference, an FBI spokesman blamed industry standard encryption for preventing the agency from accessing the recent Texas mass shooter's locked iPhone. Reuters later reported that the FBI did not try to contact Apple during a 48-hour window in which the shooter's fingerprint may have been able to unlock the phone. Apple said in a statement that after seeing the press conference, the company contacted the FBI itself to offer assistance. Finally, the Washington Post reports (archive) that an FBI official acknowledged Apple's offer but said it did not need the company's assistance:
After the FBI said it was dealing with a phone it couldn't open, Apple reached out to the bureau to learn whether the phone was an iPhone and whether the FBI was seeking assistance. An FBI official responded late Tuesday, saying that it was an iPhone but that the agency was not asking anything of the company at this point. That's because experts at the FBI's lab in Quantico, Va., are trying to determine if there are other methods, such as cloud storage or a linked laptop, that would provide access to the phone's data, these people said. They said that process could take weeks.
If the FBI and Apple had talked to each other in the first two days after the attack, it's possible the device might already be open. That time frame may have been critical because Apple's iPhone "Touch ID" — which uses a fingerprint to unlock the device — stops working after 48 hours. It wasn't immediately clear whether the gunman had activated Touch ID on his phone, but more than 80 percent of iPhone owners do use that feature. If the bureau had consulted the company, Apple engineers would likely have told the bureau to take steps such as putting the dead gunman's finger to the phone to see if doing so would unlock it. It was unclear whether the FBI tried to use the dead man's finger to open the device in the first two days.
In a statement, Apple said: "Our team immediately reached out to the FBI after learning from their press conference on Tuesday that investigators were trying to access a mobile phone. We offered assistance and said we would expedite our response to any legal process they send us."
Also at Engadget.
Related: Apple Lawyer and FBI Director Appear Before Congress
Apple Engineers Discussing Civil Disobedience If Ordered to Unlock IPhone
Senator Dianne Feinstein Claims That the FBI Paid $900,000 to Break Into a Locked iPhone
Federal Court Rules That the FBI Does Not Have to Disclose Name of iPhone Hacking Vendor
(Score: 5, Insightful) by Snotnose on Tuesday November 21 2017, @01:58AM (15 children)
They had 48 hours to get his fingerprint info. You really think the fibbies didn't know about that 48 hour limit? Now they want Apple to spend bookoo bux to hack into his phone. If I was Apple I'd say "this is gonna cost us x engineers at $y per hour, you pay for it. And our encryption experts say we can't break it".
What do the fibbies need to know? This guy was a major asshole, with multiple red flags over his head. Close the loophole where he was allowed to buy guns and move on.
When the dust settled America realized it was saved by a porn star.
(Score: 3, Insightful) by frojack on Tuesday November 21 2017, @02:58AM
I suspect they don't expect to gather any information from the phone or iCloud.
They have never gathered any useful sole-source information from a phone. They have already had more data via other means. (Pen registers, phone records, text message logs, Tower tracks, GPS logs on telco servers).
The idea is that if they can force Apple to make it easy (by forcing them to bear the costs) encrypted phones will disappear.
Of course that makes it easier to plant data too.
To this day they are utterly clueless about the Las Vegas shooter's motives or movements. If they had his phone, they wouldn't find anything there either. The Texas guy was a walking powder keg, there will be nothing on his phone either. No elaborate plans. No accomplices. Nobody else to arrest (except in the AirForce).
No, you are mistaken. I've always had this sig.
(Score: 4, Insightful) by julian on Tuesday November 21 2017, @03:08AM (13 children)
They're thinking much bigger than that. They want Apple to change how they do crypto on all their products. What they really want is the per-device key to be exported from the device at setup and stored by Apple in case the Government ever needs to ask for it. Steve Gibson explained it in a recent podcast, [grc.com]
(Score: 5, Informative) by edIII on Tuesday November 21 2017, @03:22AM (4 children)
They just still don't fucking get it. Security is from the OWNER's point of view. If Apple has your security keys, you have no security.
Key escrow is an intellectual failure to understand how crypto works.
Technically, lunchtime is at any moment. It's just a wave function.
(Score: 0) by Anonymous Coward on Tuesday November 21 2017, @03:48AM (2 children)
Indeed. I'd love to have the ability to give access to my computers and my stuff after I die, but there's no way of doing that which doesn't compromise security.
(Score: 2) by julian on Tuesday November 21 2017, @04:58AM (1 child)
You could create an encryption key and split it into two or more parts and give each part to a different person. Then use that key to encrpyt a Keepass file filled with all your usernames, passwords, and unspeakable secrets.
Obviously this is only as strong as the integrity of your friends holding the keys; but I think it would be hard to get four different family members or friends to all agree to conspire against you to recombine the key before you died. You could alternatively store one part of the key with your attorney, or put it in a safety deposit box.
(Score: 1) by MindEscapes on Tuesday November 21 2017, @02:26PM
And once you pass, they each contrive to kill the others, getting the complete key for themselves, hoping for the riches you kept so securely locked up, an overflowing bitcoin wallet perhaps?!...only to find out it is your SN login info.
Need a break? mindescapes.net may be for you!
(Score: 2) by crafoo on Tuesday November 21 2017, @01:41PM
No, they get it. They just don't care. About your personal security that is.
(Score: 4, Informative) by sjames on Tuesday November 21 2017, @03:40AM
And then Apple, like the CIA and NSA before them, somehow leaks the gold key to the kingdom to criminals who will then be able to access any iPhone at any time.
(Score: 2) by frojack on Tuesday November 21 2017, @04:35AM (3 children)
Steve Gibson?
That idiot is still around?
No, you are mistaken. I've always had this sig.
(Score: 2) by julian on Tuesday November 21 2017, @04:41AM (2 children)
Not a fan? Maybe I've missed something in his long career, I've only been listening to his podcast for a few years. He doesn't seem like an idiot.
(Score: 0) by Anonymous Coward on Tuesday November 21 2017, @01:56PM (1 child)
All the hate I've seen for him has been because he was wrong a few times in the past, or because someone disagreed with his stance on something (eg. raw socket availability in Windows).
(Score: 1, Insightful) by Anonymous Coward on Tuesday November 21 2017, @07:31PM
Or maybe it's because he says stupid shit like what was quoted above. That's just thinly-veiled propaganda.
(Score: 2) by mhajicek on Tuesday November 21 2017, @04:39AM
Saying the words "highly guarded" and "super safe" do not make them true.
The spacelike surfaces of time foliations can have a cusp at the surface of discontinuity. - P. Hajicek
(Score: 3, Informative) by pTamok on Tuesday November 21 2017, @01:22PM (1 child)
This would be a public key using public key technology, which could be used to encrypt this 256-bit per-device symmetric key for transport to Apple, so that Apple then has this unique per-device key in their database. And if called upon on an individual per-device basis, Apple could decrypt that using the highly guarded at Apple matching private key, which would allow per-device access to the contents of the phone. They don't want to do it. I get that. I respect that.
But there are solutions, is my point, to providing under law single-device access which Apple could at their discretion with this technology choose to make available if legislation is enacted to cause that to happen, without anybody getting a master, any third party, any law enforcement getting any sort of carte blanche access to all of the iPhones in the world.
If this is what Steve Gibson said, then he was having a seriously off day.
If Apple have a database of device keys, all the government needs to do is compel Apple to provide either (a) ad lib access to that database to parties nominated by the government or (b) a regularly updated copy of that database. It is so not secure I would be laughing in hysterics if I thought someone really thought that was a reasonable solution. If anyone thinks Apple can't be compelled, there are little things called National Security Letters. If the US government get access, then any jurisdiction where Apple sells iPhones will make a condition of market access that their government gets access too.
Of course, Apple could already have been compelled to compile such a database in the way Steve Gibson describes, and what we are seeing is a major misdirection campaign to convince us that it hasn't happened. There are so many ways a device key could be 'leaked' back to Apple using side-channels/steganography etc. that mean that it would be practically impossible to show that this was not happening.
(Score: 2) by romlok on Tuesday November 21 2017, @02:18PM
I thought that too as I was listening to the podcast. Fortunately, this was actually the very next thing said:
But I think Steve's point was merely that there are technical solutions to allowing warranted access to individually identified devices, which is what the government claims to want, that don't involve any agency holding any backdoor or "golden key".
(Score: 1, Informative) by Anonymous Coward on Tuesday November 21 2017, @02:24AM (3 children)
Check that wikipedia article. Woah.
So 120 officers to deal with all of Texas. The "uniform" is that they are required to wear western-style clothing. So, at their discretion, something vaguely like boots and a cowboy hat.
Texas disbanded the state police. This is it. WTF.
(Score: 5, Funny) by c0lo on Tuesday November 21 2017, @03:04AM (2 children)
Oh, 119 of them are just the paper-pushers.
There's only one of them doing the field work and he's more than sufficient**.
---
** if you don't get it, here are some hints:
"Not even his heart is foolish enough to attack him"
"He makes onions cry."
"He doesn't turn the lights on, he turns the dark off."
"His calendar goes straight from March 31st to April 2nd. No one fools with him"
"He and and Hitler were diner having a conversation over dinner when Chuck Norris says 'I hate juice'. Hitler misheard"
https://www.youtube.com/watch?v=aoFiw2jMy-0 https://soylentnews.org/~MichaelDavidCrawford
(Score: 2) by FatPhil on Tuesday November 21 2017, @06:04AM (1 child)
>
> [7 layers of nested spoiler tags]
> Chuck Norris
Erm, you shot your load too early there, methinks.
Great minds discuss ideas; average minds discuss events; small minds discuss people; the smallest discuss themselves
(Score: 4, Funny) by c0lo on Tuesday November 21 2017, @12:29PM
Shit... So it happened.
Age... retirement...
https://www.youtube.com/watch?v=aoFiw2jMy-0 https://soylentnews.org/~MichaelDavidCrawford
(Score: 0) by Anonymous Coward on Tuesday November 21 2017, @02:30AM (4 children)
As long as it wasn't Walker, I think Apple will be ok.
(Score: 0) by Anonymous Coward on Tuesday November 21 2017, @02:39AM (3 children)
Obviously one of the losers. Chuck Norris don't serve nobody no nothing.
(Score: 3, Funny) by c0lo on Tuesday November 21 2017, @03:06AM (2 children)
When Walker isn't enough [schneierfacts.com]
https://www.youtube.com/watch?v=aoFiw2jMy-0 https://soylentnews.org/~MichaelDavidCrawford
(Score: 0) by Anonymous Coward on Tuesday November 21 2017, @03:09PM (1 child)
This is the most relevant I have ever seen that site be.
(Score: 2) by c0lo on Tuesday November 21 2017, @03:20PM
If you want the very best within the context, have this [schneierfacts.com] one
https://www.youtube.com/watch?v=aoFiw2jMy-0 https://soylentnews.org/~MichaelDavidCrawford
(Score: 3, Informative) by NotSanguine on Tuesday November 21 2017, @03:46AM (1 child)
The Engadget article has been updated as follows:
It's not clear how long ago that update appeared.
No, no, you're not thinking; you're just being logical. --Niels Bohr
(Score: 2) by NotSanguine on Tuesday November 21 2017, @03:47AM
Messed up the Engadget article [engadget.com] link. Grrr!
No, no, you're not thinking; you're just being logical. --Niels Bohr
(Score: 5, Insightful) by MichaelDavidCrawford on Tuesday November 21 2017, @05:05AM
my damn phone is endlessly harassing me to sign into the App Store. I already installed Radio Paradise, what more apps do I need?
You'd have to be an idiot to use cloud storage. I expect it's popular with law enforcement.
Yes I Have No Bananas. [gofundme.com]