FBI Director James Comey has admitted that his agency isn’t aware of what data is contained on the iPhone used by San Bernardino shooter Syed Farouk. The husband of a survivor of the tragedy cast doubt on any meaningful information lying on the device. Yet, on Thursday, the San Bernardino District Attorney speculated that the phone may house a “dormant cyber pathogen” that threatens the county.
The DA’s comment represents the first time that any law enforcement agency has said publicly what may be on the phone, which the FBI has ordered Apple to open. But it is wildly unclear exactly what is meant.
“The iPhone is a county owned telephone that may have connected to the San Bernardino County computer network. The seized iPhone may contain evidence that can only be found on the seized phone that it was used as a weapon to introduce a lying dormant cyber pathogen that endangers San Bernardino’s infrastructure,” Michael Ramos, the San Bernardino County District Attorney, wrote in a filing (PDF) reported by Ars Technica.
“Cyber pathogen” isn’t a common term. In fact, it’s a phrase that has never been used in conjunction with system threats.
Ramos, it seems, is referring to the possibility that there is a dormant virus is on the device which, if released, could wreak havoc on San Bernardino’s IT network. The problem with that scenario — which we are paraphrasing because the term “cyber pathogen” is meaningless — is that it doesn’t make sense, as Jonathan Zdziarski, an iOS security researcher frequently cited in the FBI-Apple battle, explained in detail on his blog. If the device does contain malware, as the DA appears to be suggesting, that would mean that it has been jailbroken and therefore the authorities do not require Apple’s assistance to get inside it.
“Fagan’s statements are not only misleading to the court, but amount to blatant fear mongering. They are designed to manipulate the court into making a ruling for the FBI, and in my opinion are egregious enough that Fagan should be held in contempt just for filing what amounts to a crazy apocalypse story,” Zdziarski summarized.
Ars Technica reported that San Bernardino county distanced itself from the filing — “the county didn’t have anything to do with this brief. It was filed by the district attorney,” a spokesperson said — while the District Attorney’s office provided the publication with a vague statement claiming that there is “compelling governmental interest” to gain access to data on the phone.
FBI Director Comey previously argued that authorities wish to gain access to the data in order to leave no stone unturned in the quest for evidence and information, although he admitted that it is unclear whether there is any data related to the shooting, in which 14 people lost their lives, housed on it.
Salihin Kondoker, whose wife Anies Kondoker survived the attack, last week filed a friend of court brief siding with Apple in the case. In it, Kondoker argued that Farouk is highly unlikely to have used the device to plan the terrorist act since all San Bernardino county staff were aware that their employer had access to it and its contents.
Apple has rejected the FBI’s order to enable access to the device on account that such a move sets a dangerous precedent for the future since it involves creating backdoor software that would undermine the privacy and safety of “millions.”