“There are a number of ways the FBI could be attempting to hack into the iPhone used by the San Bernardino killer, say security experts,” Elizabeth Weise reports for USA Today. “One intriguing approach involves creating a digital copy of the phone’s chips.”
“Up until Monday, the FBI had been adamant that it had no way to get to data off the phone unless Apple aided it in overcoming the passcode locking feature,” Weise reports. “Security researchers, however, have publicly discussed ways a phone can be hacked without having Apple redesign the operating system. These physical hacks were all expensive, time consuming, and posed the risk that the data could be destroyed. But firms like Canada’s Chipworks regularly apply some of them, such as a method that reverse-engineers computer chips in search of patent infringements.”
Weise reports, “Another approach would create digital facsimiles of the phone’s chips, which would then be submitted to multiple unlock attempts.”
Read more in the full article here.
MacDailyNews Take: Just send the thing to the NSA, which is what the feckless DOJ/FBI should have done instead of stupidly and despicably trying to establish Big Brother precedent on the backs of terrorism victims.
SEE ALSO:
FBI says it may have found method to unlock San Bernardino attacker’s iPhone – March 21, 2016
Apple hires corporate security chief amid legal battle against U.S. government overreach – March 19, 2016
Countdown to doomsday: Apple, FBI face off in court Tuesday – March 19, 2016
Apple sees weakness in FBI’s last-minute hearing request – March 18, 2016
The FBI has a big ulterior motive in its war against privacy and Apple’s encrypted iPhone – March 18, 2016
The law is clear: The FBI cannot make Apple rewrite iOS – March 18, 2016
Apple engineers, if ordered to unlock iPhone, might resist – March 17, 2016
Apple’s Tim Cook on FBI fight: ‘No one’s going dark’ – March 17, 2016
Harvard Law professor and former Obama special assistant dismisses FBI’s claims – March 17, 2016
Apple: The law already exists that protects us from U.S. government demands to hack iPhone – February 26, 2016
That’s a good deterrent: “These physical hacks were all expensive, time consuming, and posed the risk that the data could be destroyed.”
That’s OK though, it’s just for one iPhone.
I honestly don’t mind if there’s a way to hack into my phone, as long it’s expensive, time-consuming, and resource-intensive. It ensures that the hack is never going to be used casually.
It’s like when I locked myself out of my condo. I called a locksmith, and he picked the lock, but it took him ten minutes. The fact that it took that long for a professional to break through my door lock made me feel pretty secure.
——RM
Exactly, that’s a great perspective. It provides a balance. Plus to be a locksmith requires a degree of security from what I understand.
On the weekend I wrote under a bit of pie in the sky idea under the headline “Countdown to doomsday: Apple, FBI face off in court Tuesday”. The idea was that Apple could give a code, code 1111 as I call it to every government on the planet with some follow up codes (based on the unique number of the iPhone and the country it was assigned to) so that anyone with the code could open into any iPhone that was in the proper jurisdiction.
With one catch, that once this was done, the iPhone would self destruct the next time it powered down.
A crazy idea but the point is, that there are viable solutions to this, if people can look at the issue creatively and Apple sure can. Don’t know about the other guys, they seem lost.
Anyway it’s a good point, yes searchable but get ready to roll up the sleeves to do it.
This doesn’t get them into the iphone, it just gets them the encrypted data. Whether that is easy or impossible to crack depends on the strength of the password. If they used a strong password the FBI is still out of luck.
I have my doubts on whether or not the FBI can actually hack the phone or not. I have my money on the fact that the FBI is afraid to set a losing precedent in their case vs Apple and are looking for a way to pull out of the battle and wait for more favorable conditions and perhaps a weaker opponent to try and strip away our civil liberties.
Took the words right out of my mouth
👍🏻👍🏻👍🏻
The most consistently interesting and knowledgable commentary on this matter has been from Jonathan Zdziarski’s blog. He goes in to some detail about how this iPhone could be accessed.
http://www.zdziarski.com/blog/?p=5966
He suggests that the mysterious third party might be a non-American company with forensics and sophisticated hardware capabilities who could unsolder the NAND memory and then make thousands of duplicates which could allow brute force unlocking techniques. He notes that it probably wouldn’t work with newer iPhones using the Apple chips with the secure enclave.
This seems to me to be a solution that offers a good compromise all round … for now. The FBI would need to have physical possession of the iPhone and would need to send it to a laboratory. It wouldn’t be a technique that could be used indiscriminately. Apple has no involvement in this process, so couldn’t be ‘leaned upon’ by a foreign government to offer a similar facility for them.
However I don’t think that the pressure is likely to stop here. The FBI will now seek an even more emotionally charged case using a newer iPhone, where this technique would not work and will then restart the process of establishing a precedent to force Apple to bypass the lock of any iPhone.
It would be nice to think that lessons have been learned, but I don’t think that the FBI are in a learning mode. They will still want to find a way to grab the keys to the kingdom and now know what the arguments and counter measures will be.
What if the fbi demanded having Liam work for them. Can a robot be made to work for the government?
This is not about getting the info on the phones, it is about establishing a political policy in law. Susan Crawford has already shown that the US Government has no legal basis to do so.
“The problem for the president is that when it comes to the specific battle going on right now between Apple and the FBI, the law is clear: twenty years ago, Congress passed a statute, the Communications Assistance for Law Enforcement Act (CALEA) that does not allow the government to tell manufacturers how to design or configure a phone or software used by that phone — including security software used by that phone.
CALEA was the subject of intense negotiation — a deal, in other words. The government won an extensive, specific list of wiretapping assistance requirements in connection with digital communications. But in exchange, in Section 1002 of that act, the Feds gave up authority to “require any specific design of equipment, facilities, services, features or system configurations” from any phone manufacturer. The government can’t require companies that build phones to come to it for clearance in advance of launching a new device. Nor can the authorities ask a manufacturer to design something new — like a back door — once that device is out.”
https://backchannel.com/the-law-is-clear-the-fbi-cannot-make-apple-rewrite-its-os-9ae60c3bbc7b#.phcrtd20e
If the FBI hadn’t screwed up at the beginning of this fiasco by telling the San Bernardino gov to chg the password in the 1st place, then maybe this wouldn’t have evolved to where it is today! Who changed the password and to what? Someone had to! Evidently that person forgot what it was or what??? Is this person that stupid or ignorant to change it to something that the person doesn’t remember? Can someone explain this?
My only thought about why they changed it was to prevent an accomplice from using Find My iPhone to perform a remote wipe. Does anybody know if this sounds plausible?
An easier way to protect it from a remote wipe would have been by RF shielding it ( wrap in foil and store in a suitable metal container ).
However it turned out to be a pretty foolish thing to do.
I’m pretty sure it was deliberate…
“Oh darn…never mind, now we can really go after Apple, it’s win:win!”
Except the rest of their case was ropey to begin with.
I fully expect them to be back in court in a couple of weeks…”Well we did what lots of folks suggested – but it didn’t work, so now judge, can we have our court order back?”
I can even see them doing this even if they are successful in hacking the phone, they just won’t tell anybody.
Your confusion is that you don’t seem to realize the phone’s passcode and the iCloud account password are two different things.
It was the iCloud password changed, not the passcode! I did indicate that it was the password – oops – left off iCloud!
http://recode.net/2016/02/21/fbi-says-resetting-san-bernardino-shooters-apple-id-password-not-a-screwup/