Start by reading this New York Times piece, F.B.I. Finds Links Between Pensacola Gunman and Al Qaeda:
The F.B.I. recently bypassed the security features on at least one of Mr. Alshamrani’s two iPhones to discover his Qaeda links. Christopher A. Wray, the director of the F.B.I., said the bureau had “effectively no help from Apple,” but he would not say how investigators obtained access to the phone.
Gruber then proceeds to take down the Times’ narrative, piece-by-piece, with a quote Apple shared with the media in response to the FBI’s “no help” claim, ending his take with this:
Apple cooperated in every way they technically could. The DOJ is not asking for Apple’s cooperation unlocking existing iPhones — they’re asking Apple to make future iPhones insecure.
Gruber’s take is worth reading, soup to nuts. He does a solid job responding to the “make a backdoor that only white hats can get through” argument, an impossible ask.
I’d only add this little nugget, from NBCNews, that might explain how the FBI got in:
Software called Hide UI, created by Grayshift, a company that makes iPhone-cracking devices for law enforcement, can track a suspect’s passcode when it’s entered into a phone, according to two people in law enforcement, who asked not to be named out of fear of violating non-disclosure agreements.
The spyware, a term for software that surreptitiously tracks users, has been available for about a year but this is the first time details of its existence have been reported, in part because of the non-disclosure agreements police departments sign when they buy a device from Grayshift known as GrayKey.
It’s a cat and mouse game. IMO, a very important one.