This story is free to read because readers choose to support LAist. If you find value in independent local reporting, make a donation to power our newsroom today.
This archival content was originally written for and published on KPCC.org. Keep in mind that links and images may no longer work — and references may be outdated.
FBI statement: Agency allowed reset of terrorist's iCloud password
CUPERTINO, CA - SEPTEMBER 09: Apple Senior Vice President of Worldwide Marketing Phil Schiller announcees the new iPhone 6 during an Apple special event at the Flint Center for the Performing Arts on September 9, 2014 in Cupertino, California. Apple unveiled the two new iPhones the iPhone 6 and iPhone 6 Plus. (Photo by Justin Sullivan/Getty Images)
(
Justin Sullivan/Getty Images
)
In a statement released late Saturday night, the FBI says it was working in conjunction with San Bernardino County when the iCloud password of San Bernardino shooter Syed Farook was changed, contesting reports that county workers altered the password on their own.
"This is not true. FBI investigators worked cooperatively with the county of San Bernardino in order to exploit crucial data contained in the iCloud account associated with a county-issued iPhone that was assigned to the suspected terror suspect, Syed Rizwan Farook," the statement sent to KPCC reads.
The FBI statement also says that since Farook's phone was already locked when it was seized during the search on Dec. 3, 2015, "a logical next step was to obtain access to iCloud backups for the phone in order to obtain evidence related to the investigation in the days following the attack. The FBI worked with San Bernardino County to reset the iCloud password on December 6th, as the county owned the account and was able to reset the password in order to provide immediate access to the iCloud backup data. The reset of the iCloud account password does not impact Apple’s ability to assist with the the court order under the All Writs Act."
The statement reinforces a Friday night tweet from the San Bernardino County Twitter feed noting that Farook's iCloud password had indeed been changed.
The rest of the statement reads as follows:
"The last iCloud data backup of the iPhone 5C was 10/19 and, based on other evidence, investigators know that Syed Rizwan Farook had been using the phone after 10/19. It is unknown whether an additional iCloud backup of the phone after that date -- if one had been technically possible -- would have yielded any data.
Through previous testing, we know that direct data extraction from an iOS device often provides more data than an iCloud backup contains. Even if the password had not been changed and Apple could have turned on the auto-backup and loaded it to the cloud, there might be information on the phone that would not be accessible without Apple's assistance as required by the All Writs Act order, since the iCloud backup does not contain everything on an iPhone. As the government's pleadings state, the government's objective was, and still is, to extract as much evidence as possible from the phone."
You come to LAist because you want independent reporting and trustworthy local information. Our newsroom doesn’t answer to shareholders looking to turn a profit. Instead, we answer to you and our connected community. We are free to tell the full truth, to hold power to account without fear or favor, and to follow facts wherever they lead. Our only loyalty is to our audiences and our mission: to inform, engage, and strengthen our community.
Right now, LAist has lost $1.7M in annual funding due to Congress clawing back money already approved. The support we receive from readers like you will determine how fully our newsroom can continue informing, serving, and strengthening Southern California.
If this story helped you today, please become a monthly member today to help sustain this mission. It just takes 1 minute to donate below.
Your tax-deductible donation keeps LAist independent and accessible to everyone.
Right now, LAist has lost $1.7M in annual funding due to Congress clawing back money already approved. The support we receive from readers like you will determine how fully our newsroom can continue informing, serving, and strengthening Southern California.
If this story helped you today, please become a monthly member today to help sustain this mission. It just takes 1 minute to donate below.
Your tax-deductible donation keeps LAist independent and accessible to everyone.
Senior Vice President News, Editor in Chief
