The entrance to the radiofrequency isolation chamber, near the middle of the Lefkowitz Building in lower Manhattan, looks like an artifact from the Apollo program, shielded by two airtight, metallic doors that are specially designed to block electromagnetic waves. Inside the room, against one wall, are dozens of Apple iPhones and iPads in various states of disrepair. Some have cracked glass fronts or broken cases. Others look like they’ve been fished out of a smoldering campfire. Of course, the devices are not there to be fixed. They are evidence confiscated during the commission of alleged crimes.
The district attorney of Manhattan, Cyrus Vance Jr., and the city’s cybercrime unit have built this electronic prison for a very specific purpose: to try, using brute force algorithms, to extract the data on the phones before their owners try to wipe the contents remotely.
What’s going on in the isolation room is important, if silent, forensic work. All of the phones are hooked up to two powerful computers that generate random numbers in an attempt to guess the passcode that locked each device. At night, technicians can enlist other computers in the office, harnessing their unused processing power to create a local supercomputer network. “All of these phones are in various states of being attacked,” explains Steven Moran, the director of the High Technology Analysis Unit. He shows me one phone where 10,000 random sequences have been tried. That would have been enough to crack a four-digit key, which has 10,000 possible combinations. But beginning in 2015, Apple began requiring a six-digit passcode—boosting the total permutations to 1 million.
At the same time, Moran and Vance have to decide which devices to prioritize. On the day I visited the cyber lab, there were nearly 3,000 phones, most related to active criminal investigations, that Moran had not yet been able to access. The team has built a proprietary workflow management program, using open source software, to triage the incredible volume of incoming devices and to escalate the most important cases. “So if a third party were to say ‘hey, we have a solution that will work on iOS 12.1.2 and it costs X amount of dollars,’ I can see within five seconds that that’s going to affect 16 different phones,” Moran says.
That’s a huge digital thorn in Vance’s side. The problem is that criminals also use Apple and Android phones, and the data hidden inside them—GPS coordinates, text conversations, transcripts of voicemails—are often essential for prosecuting them. Without access to their devices, Vance argues, some criminals may go free while others, accused of crimes they didn’t commit, may end up incarcerated. He recalls how, after months and months of trying, Moran’s lab was finally able to break into an iPhone belonging to E’Dena Hines, the 33-year-old granddaughter of actor Morgan Freeman, and used a video they found to help convict her boyfriend of stabbing her to death. There have also been at least 16 cases where information obtained from smartphones has exonerated alleged suspects. “That just matters,” Vance says.
What’s particularly baffling for Vance, who has been Manhattan’s district attorney for a decade, is that before September 2014, the tech giants seemed happy to help prosecutors get the data they needed. Whenever Vance obtained a search warrant for a smartphone, he would pay for a detective to fly the device to Apple’s headquarters in Cupertino. A few days later, Apple would return the phone, plus a thumb drive with the data specified in the search warrant. “They liked working with law enforcement and were proud of their working with law enforcement,” Vance says. (Representatives for Apple and Google did not immediately respond to requests for comment.)
The effect on law enforcement was immediate. “It had a big impact right away on our cases,” Vance says. “The inability to access devices in small cases and big cases was having an impact on our ability to get evidence.” Vance appealed to Apple, and later to Google, without success. He visited with members of Congress and pushed for legislation to fashion a compromise, but no legislation was forthcoming. In the meantime, the tech companies continued upgrading their software to stay one step ahead. When the FBI paid an Israeli forensics firm to hack an iPhone belonging to the 2015 San Bernardino mass shooter, for instance, Apple responded by patching the vulnerability.
“We had to figure out what we were going to do with this new situation over which we had no control,” Vance says. So at a cost of some $10 million, Vance decided to build his own high-tech forensics lab—the first of its kind within a local prosecutor’s office.
Still, Moran’s job keeps getting more difficult. Five years ago, only 52% of the smartphones that the District Attorney’s office obtained were locked. Today, that figure is 82%. Vance says the cybercrime lab is able to successfully crack about half of the phones in his possession, but whenever Apple or Google update their software, they have to adapt. “Every time there’s a new operating system that comes in, that’s another more complicated layer to crack,” he says. “The problem with that, particularly from a law enforcement perspective, is, first of all, time matters to us. If we seize a phone that is iOS 10 but can’t open the phone, maybe never, but, say, not for another two years, well, that’s not the timeframe in which cases move, particularly cases when they’re in court.”
Apple argues that Vance can get iPhone data from its cloud server without cracking the phone itself. “It sounds fabulous,” Vance says, “but if you’re a serious criminal, you’re not going to back it up.” And that’s not the only problem with cloud technology. A user can choose what kinds of information is stored remotely. Messaging apps like WhatsApp, Signal, and Telegram are designed to delete texts after a certain number of minutes. And in many cases, Moran says, smartphones won’t back up to the cloud in the brief period of time between when a crime takes place and a suspect shuts off their phone.
Privacy advocates point out that law enforcement can still obtain device metadata—such as the time and location of a phone call—from unencrypted SIM cards or wireless phone carriers. But Vance says it’s the difference between being able to read the contents of a letter and just having the envelope the letter came in. “If you want to find out what they’re talking about with regard to any specific crime,” he says, “you’ve got to get the letter itself.” Adds Moran: “Even if we are lucky enough to get into the cloud or even if we’re lucky enough to get some of the metadata, we’re still missing an awful lot of important information that’s critical to the investigation.”
Last week, Vance picked up an unexpected ally in Attorney General Willim Barr, the Republican head of the Justice Department. On January 13, Barr called on Apple to open two encrypted iPhones used by the alleged gunman in a December shooting at Naval Air Station Pensacola that resulted in the deaths of three sailors. The federal government has labeled the crime an act of terrorism. “We don’t want to get into a world where we have to spend months and even years exhausting efforts when lives are in the balance,” Barr said. “We should be able to get in when we have a warrant that establishes that criminal activity is underway.” It’s the same argument that Vance, a Democrat, has made for years. As expected, Apple disputed Barr’s characterization of the help it has provided to the Justice Department. “Our responses to their many requests since the attack have been timely, thorough, and are ongoing,” Apple responded, while refusing to open the iPhones.
Vance is happy to have Barr raise the profile of an issue he’s been trying to resolve. But he remains a little wary. “I’ve been sued by the president, so there’s certain things where we’re on the opposite side and there’s other things where we are on the same side,” he says. “If the goal is to raise awareness around the issues sufficient to move senators and congressmen and women to pass legislation then I think it’s a net good thing. To the degree that it moves people the other way I think it’s a bad thing.”
Vance says it’s not fair that Apple and Google get to set these rules unilaterally. “That’s not their call,” he concludes. “And it’s not their call because there’s something bigger here at issue rather than their individual determination of where to balance privacy and public safety. What’s bigger is you’ve got victims and you’ve got a law enforcement community who have strong imperatives that should be recognized and balanced equally with the subject decision-makers by the heads of Apple and Google. Today, I think it’s unbalanced.”
Recognize your brand’s excellence by applying to this year’s Brands That Matter Awards before the early-rate deadline, May 3.
