The Sutherland Springs church shooting in Texas is likely to restart the smartphone encryption debate, with the FBI in possession of the shooter’s locked and encrypted smartphone.
According to the San Antonio FBI office head Christopher Combs, the FBI has flown the shooter’s phone to the lab at Quantico for analysis. It is not clear if the device was found on the shooter’s body, or with his possessions.
“With the advance of the technology and the phones and the encryptions,” said Combs. “Law enforcement —whether at a state, local or federal level —is increasingly not able to get into these phones.”
Combs has refused to disclose the make and model of the phone in question. He cites not wanting to provide information to “every bad guy” on what phone to buy to “harass [FBI] efforts” in delivering justice.
No timetable was given for unlock. Combs also noted in the press conference that there was “other digital media” that had been seized as part of the investigation. Presumably, some of that digital media contained the evidence gathered that the gunman sent threatening messages to his mother-in-law and a church member before the attack.
At present, Texas Department of Public Safety Regional Director Freeman Martin notes that there is no reason to believe that the gunman had a co-conspirator, so what information is expected to be extracted from the phone isn’t clear.
The shooter entered the First Baptist Church in Sutherland Springs, Tex. on Sunday, Nov. 5. At present, the death toll is 26 spanning infants to senior citizens, with dozens more injured.
The most public debate between the FBI and technology companies began when 14 people were killed and 22 were seriously injured by a mass shooting by Syed Rizwan Farook and Tashfeen Malik in San Bernardino California on Dec. 2, 2015. The pair were ultimately shot by law enforcement after a four-hour chase.
Discovered amongst their possessions was a county-owned iPhone 5c. In a botched attempt to penetrate the phone, the county ordered a password reset on the device, preventing any data more recent than Oct. 19, 2015 from being automatically backed up to iCloud, and accessible to subpoena.
The Department of Justice said that they already had all the call logs for the device up to the date of the attack, as well as data backups from before the last connection of the phone to Apple’s servers.
The judge overseeing the case dictated that Apple create a tool that would work with the seized iPhone 5c that would allow the government to unlock the phone, and grant access to the full contents and data store in the device’s flash storage.
Apple CEO Tim Cook refused the request. The FBI ultimately purchased the services of a “grey hat” hacking company to penetrate the phone just hours before a court hearing about the subject, and no tangible data directly related to the shooting was ultimately found.
The FBI has refused requests for information regarding the iPhone 5c in the past, citing that since it does not own the hack, it can’t talk about it. Apple has also said that they have no intention of filing suit for data about the penetration method.
In October, a judge ruled that the FBI was not required to disclose any information about how it penetrated the iPhone 5c. Judge Tanya Chutkan cited concerns for the vendor’s IT security, as well as the risk of “crucial information” about the method being discovered.
The FBI believes it can find a way to “enhance” the tool it used on the iPhone 5c —perhaps to phones with a Secure Enclave.
At the end of October, FBI Director Christopher Wray on Sunday revealed strong smartphone encryption has prohibited his agency from gleaning data from more than half of the devices it attempted to access in the past 11 months, hindering progress in a wide range of ongoing investigations. Director Wray claimed that the FBI had more than 6900 devices it was unable to penetrate.
Due to the political nature of this story, comments have been disabled.