FBI Breaks into Terrorist’s Encrypted iPhone

The FBI has cracked the encryption on the San Bernardino shooter’s iPhone and told the court it no longer needs Apple’s help.

A six-week public standoff between Apple and the FBI ended today when the Department of Justice said it had accessed encrypted data stored on the San Bernardino terrorist’s iPhone.

The DOJ said in its motion that it no longer needed Apple’s help as mandated in a Feb. 16 court order and asked that the order be vacated.

“The government has now successfully accessed the data stored on Farook’s iPhone and therefore no longer requires the assistance from Apple Inc. mandated by Court’s Order Compelling Apple Inc. to Assist Agents in Search dated February 16, 2016,” today’s motion says.

The FBI said one week ago that an “outside party” had demonstrated a way onto the device and that it may eliminate the need for Apple’s help. The FBI asked for a two-week continuance in order to test this method, and promised a status report by April 5.

It’s unknown what, if anything, was on shooter Syed Farook’s iPhone 5c. Farook and his wife Tashfeen Malik murdered 14 people on Dec. 2. The phone was issued to Farook by his employer, San Bernardino County; two other phones belonging to the couple had already been destroyed.

Apple’s contention since Day 1 has been that the case was never really about the data on this one phone, but instead was about establishing a legal precedent that would allow the government to access data on locked devices in other cases. The original court order mandated that Apple assist the FBI in unlocking the phone. To do so, Apple would have to build new firmware that would bypass security on the phone that protects against brute-force attacks against the passcode.

The mysterious “outside party” has not been identified, though some have speculated that it could be a current partner of the FBI’s. The FBI has business arrangements with a number of mobile forensics outfits, and one in particular, Cellebrite of Israel, was flagged as a possibility by a newspaper in Israel.

It may never be known whether Cellebrite is indeed the “outside party,” or whether the FBI purchased a software exploit, or used some other means such as a hardware hack to get onto the device.

iOS forensics expert Jonathan Zdziarski published a report last week that said NAND mirroring might be one way the FBI’s partner could be getting onto the phone. The technique involves mirroring the chip, Zdziarski said, so that the FBI and its outside party could perform offline brute-force attacks against the four-digit passcode without causing the phone to wipe itself. Days later, researchers at Johns Hopkins University published a report describing weaknesses and attacks against Apple’s iMessage encryption that could be used by an attacker to read attachments. Apple last week patched those flaws.

In greater context, the research demonstrates that, counter to the FBI’s claims, Apple was not the only entity that could break the phone and that forcing it to intentionally weaken the cryptography protecting its products put all of its users at risk. As it stands now, there is a public exploit available to break at least older versions of iOS and it’s unlikely the FBI will share what it knows with Apple.

Discussion

  • Ronald Finnerty on

    Why aren't there investigations into the possible disclosure of the probable ruling setting precedence to the FBI attorneys, prior to ruling by the judge, which led to the FBI effectively dropping the request? A request that was already ruled on and granted, btw. This was a ruling on APPLE not complying with the ruling. I think APPLE should file a counter suit against the FBI/DOJ and force the precedent-setting ruling that FBI and law enforcement CAN NOT legally make these types of requests and that under current laws encryption and privacy is the law. The DOJ, I guarantee, is scrambling behind the scenes to change the laws to support their wants. WE as Americans need to demand this ruling now!!!
  • BT7474 on

    Apple should prosecute the FBI for its cost and compensation for wasting its time. How much compensation did Apple receive? If backdoors are allowed then it should be relatively easy for terrorists to kill at least hundreds of thousands of extra people anywhere in the world annually via remote control, and for criminals to carry out billions or trillions of extra crimes with virtually no chance of being caught. Whilst the security services are wasting vast amounts of time and money snooping on innocent people rather than investigating actual terrorists. People like me would be forced to increase my computer expertise to defend myself, and to counter-attack against any person or organization that attacks me because of a bunch of cretins legalizing backdoors being placed into computer software, which can also convert any devices into bombs, including toys, TVs, computers, smartphones, airplanes, nuclear weapons, cars, washing machines, dishwashers, cookers, central heating systems, clocks and watches, etcetera. Can Apple prosecute the third party who broke the security of the iPhone for the FBI, if the solution gets into the hands of terrorists and criminals who then use the method to kill or defraud people, if they don't tell Apple about the solution?
  • Droopy on

    Here is https://pbs.twimg.com/media/CeufMi1XEAAfC4F.jpg
