FBI Could Access Data from an iPhone without Support from Apple. We’re lost?

US Department of Justice got what he wanted, but other questions were raised

The fight Apple with the FBI over, but the debate on security and privacy continues. On Tuesday (29), the Department of Justice (DOJ) and the FBI announced that they managed to break into the iPhone that contains crucial data for a terrorism investigation.

Through a petition, the lawyer of the US State filed the lawsuit against Apple. “The government successfully accessed the data stored on Farook iPhone and no longer need the assistance of Apple Inc.,” the statement said. No other information about the case was revealed.

Rizwan Syed Farook is the American Terrorist name that promoted an attack in the city of San Bernardino (CA) along with his wife, on December 2, 2015. They killed 14 people in a shooting that took place at Inland Regional Center. The FBI believes that the iPhone 5c used by Farook contains significant data to corroborate the investigations since the terrorist was linked to the Islamic State.

Despite claiming in a statement that has no sympathy for terrorists, Apple believed to help the FBI to create a backdoor put in hand the security of all iPhones. Last week,prosecutors revealed that a foreign group demonstrated a way to unlock the iPhone without Apple’s help.

An Israeli newspaper revealed that experts in the Israeli security company Cellebrite are involved in the case. At the BBC, the company said it was working with the FBI last week, but did not elaborate. It is thought that she managed to break into the encrypted data iPhone 5c without unlocking the device.

By February, as pointed out by the Gizmodo, US officials said it is impossible to unlock the device, which puts the government in contradiction to the statement issued today.As the report is confidential, we can not know for sure the methodology used by the FBI, and they can not share it with Apple.

In a statement issued on Tuesday (29), the company said it has always opposed the request to create the backdoor “as we believe that it was wrong and would set a dangerous precedent.” Since the government gave up asking for help to Apple, none of that happened. “This case should never have been made,” said Apple.

The company also said it will continue to help the US government investigations and will always continue to make their products safer, “as threats and attacks on our data become more frequent and sophisticated.” Below, the rest of the statement:

Apple strongly believes that US citizens and other parts of the world deserve protection to your data, privacy and security. Sacrificing one of these items over another only puts great risk in people and countries.

This case raised issues that deserve a national discussion on our civil liberties and our collective and private security. Apple remains committed to participate in this discussion.

Understanding the Case

The discussion has been holding out for weeks, since the US government asked that Apple create a security hole in iOS data encryption technology to access the locked iPhone files Farook terrorist, killed by American police.

The company had published an open letter, signed by Tim Cook, par to oppose the US government’s demand as the backdoor would open a loophole for the United States burlarem encryption of iPhones whenever they want. If the software fall into the wrong hands, the security of the iPhone almost cease to exist.

After seeing that the company did not really fulfill the determination – as well as the pursuit of the body result in a long battle in court, with the opposition of several major technology companies – the FBI suspended the hearing began to seek other means to invade the iPhone .

Now that the US government could not necessarily the war is over – but only a battle.The DOJ may again force the company to create a security hole in new iPhones, which rely on the Secure Enclave, chip connected to the coprocessor that prevents access to data sensíves the device because of encryption at the hardware level.

The fingerprint of user and device password, for example, are available in this chip, and can not be accessed by iOS or by Apple’s servers. This security measure does not exist on the iPhone 5c and may have been what made the device easily have been unlocked.

Like the iPhone 5c Was Invaded?

Here, we enter an uncertain territory. Nothing about it was informed by the FBI or Apple (for obvious reasons), but experts believe that the method used was the mirror NAND (video), where the flash memory device is copied to be accessed outside the unit.

We all know that the iPhone is turned off after several wrong password attempts. So the FBI could not just try to unlock the device by brute force: iOS would detect that the PIN entered is incorrect and erase all data on iPhone after a number of attempts.

But the mirror NAND causes the iOS does not find that the password is being put thousands of times and not lock the iPhone. Thus, it is only guess the code of 4 numbers by brute force, which does not take long given the low complexity of the password.

To mirroring the NAND chip is removed from the apparatus and their data are read and copied. If the iOS erase everything that is on the device, just rewrite the original image back to the chip. It’s like a game was being saved for you not to miss the previous progress.

Jonathan Zdziarski, a security expert iOS, explains that it is very likely that this technique has been used, as well as his colleagues also experts in the field believe. As there is no data protection hardware in the iPhone 5c, this method can be used without problems.

If the release has actually been done by this means you do not have to worry. Unless someone is very willing to access your iPhone 5, 5c or less, your data is properly secured. Here, Apple explains better how your data is protected.

One Answer Several Questions

Of course, unlocking an iPhone without necessarily knowing the password can pose a security risk for all iOS devices. But I believe that this is an isolated case, since newer iPhones have a more sophisticated security lock, Secure Enclave.

Despite the FBI denied in a news conference that the NAND mirroring works, is practically a consensus among experts that this was the technique used. However, a page on the site Cellebrite, the company that allegedly helped the FBI to unlock the iPhone terrorist, details a method that even works for iPhones younger, as 5s, 6 and 6 Plus – all with the Secure Enclave.

The alternative method, as we can see in the video above, uses a special cable and a special camera to mirror the unlock screen of the iPhone and find the password (also by brute force) without the iOS lock the device.

However, it is hard to believe in the word of the company itself against dozens of experts. As pointed out by the Zdziarski itself, it is appropriate that an Israeli newspaper – the same origin of the company – raised the possibility that she could unlock the iPhone for the FBI.

In addition, the company’s own employees gave tips in your social network that was Cellebrite cooperating with the FBI. There is no guarantee that this is just a game company to gain attention, since all flow into evidence in it, but the method they disclose differs with what the experts argue.

As we have seen, it is difficult to say with certainty which company was and the method that was used. If the US government share this information, probably the company or individual who could access the iPhone data would be compromised.

In past releases, Apple has already said he wants to know what method the FBI would use to unlock the iPhone, but the agency will not necessarily share this information (which surely would make the company put an end to a possible failure).

Anyway. Among many questions, what we learned from this process is that the debate between security and privacy is recurrent, even when it involves encryption and terrorism. The company should break your security protocol to help the United States to combat future terrorist attacks? It’s a complicated question.

Of course nothing is 100% safe (even digitally), but I imagine that you do not descabelar because an iPhone was invaded across the world. Although information on the release is not available, I imagine that Apple is already investigating and, if necessary, should further enhance the security of your devices.