US judge rules against forcing Apple to give access to iPhone used by San Bernandino shooter

A US federal judge has ruled against the US justice department using a 227-year-old law to force Apple Inc to provide the FBI with access to locked iPhone data.

The ruling comes as a huge setback to the government in its battle with the company over privacy and public safety.

The US government has been seeking access to the phone in the Brooklyn case in October, months before a judge in California ordered Apple to take special measures to grant the government access to the phone used by one of the shooters in the San Bernardino, California, attacks (See: Court asks Apple to unlock Bernardino shooter's iPhone ).

US magistrate judge James Orenstein in Brooklyn in his ruling, stated he had no legal authority to order Apple to disable the security of an iPhone that was seized during a drug investigation.

The judge ruled that a 1789 law called the All Writs Act could not be applied to force Apple to decrypt the phone. He further found that Apple was not bound to comply with the government's requests under a 1994 law that updated wiretapping laws.

Agencies quoted a senior Apple executive, who requested anonymity, as saying Orenstein's decision would augur well for the company in the case, that had sparked off a fierce national debate over striking a balance between fighting crime and preserving privacy in the digital age.

Meanwhile according to Techradar, Apple's ongoing feud with the US government revolved around the fundamental problem of unlocking of the phone used by one of the San Bernarndino terrorists.

Techradar spoke to John Case, a mobile device security researcher who said there were three ways the FBI could go about it. The 'easy way' was to get signed firmware from Apple to access the phone by brute force (trying many passcodes until one worked), which was what the agency was asking now.

"Getting Apple to create a custom image is absolutely going to be the easiest and most foolproof route," Case says. "Third-party forensic software may or may not work, and it may or may not cause loss of data."

The second option, according to Case was "a custom-made utility that could brute force without wiping" the phone, possible with a bootrom or iboot exploit.

Though it sounds easy it would need a bug to be created which would be extremely expensive to do so, in the high six- to seven-figure range.

The third option would be to physically analyse the iPhone's memory chip and extract its UID as also any other information needed for offline bruteforcing, which was the most difficult of all and was fraught with risk.

"In theory, it's possible to reverse engineer the device itself and get the information," Case says. "But it's difficult, expensive and risky. The slip of a finger, and the information is gone. "