“We do know that the FBI frequently works with a number of contracted external forensics and data recovery labs, especially a handful at the top. The likelihood here is that a third party contractor, such as one of these forensics or data recovery firms, has devised a method and notified FBI of their findings,” Zdziarski writes. “Many firms have outright denied that they are the one, however there are at least a few firms that are not denying it, or not talking at all. The one that is the most tight lipped is, of course, the one people are paying the most attention to. I’m not at liberty to specify who, but you can count on reporters to be banging on doors in the middle of the night for this kind of information.”
“Speaking of middle-of-the-night, the brief was dated for Sunday, suggesting perhaps it was put together Sunday night,” Zdziarski writes. “No forensics companies in the US are likely up and working at that hour, which seems to at least hint that it’s possible this company may be based overseas, where it would’ve been Monday morning. This is speculation, however worth investigating as a number of such DOJ contractors are based overseas… Most of the tech experts I’ve heard from believe the same as I do – that NAND mirroring is likely being used to some degree to brute force the pin on the device.”
Much more in the full article – recommended – here.
MacDailyNews Take: Zdziarski descibes the NAND mirroring technique as “kind of like cheating at Super Mario Bros. with a save-game,” which is exactly what we were thinking, too, as we read it.