iPhone Cracking: Why FBI Needed Outside Help And What It Means - InformationWeek

InformationWeek is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

IoT
IoT
Government // Cybersecurity
Commentary
3/24/2016
11:05 AM
Larry Loeb
Larry Loeb
Commentary
50%
50%

iPhone Cracking: Why FBI Needed Outside Help And What It Means

This week, the FBI said it now doesn't need Apple to crack into an iPhone. However, what does this tell us about encryption and the overall state of hardware security?

iPhone Encryption: 5 Ways It's Changed Over Time
iPhone Encryption: 5 Ways It's Changed Over Time
(Click image for larger view and slideshow.)

It was the 12-round, heavyweight title fight that was supposed to be watched around the world -- no Pay-Per-View needed. Then, just before the bell rang, one of the fighters decided to return to the locker room for some more training.

On March 21, hours before Apple, the FBI, and Justice Department prosecutors could meet in federal court to hash out the legal arguments over hacking into a iPhone, the FBI filed papers that claimed it had found an outside party that could crack the government-owned iPhone 5C that was used by Syed Rizwan Farook, one of the two people responsible for the San Bernardino shooting in December.

This meant, essentially, that FBI didn't need Apple to do its work for it.

See you in April.

IBT is reporting that an Israeli forensics firm, Cellebrite, is the company that is helping the FBI bypass Apple in order to crack into Farook's iPhone. The iPhone itself is actually owned by Farook's former employer -- the county of San Bernardino.

(Image: Images_By_Kenny/iStockphoto)

(Image: Images_By_Kenny/iStockphoto)

Cellebrite is "a subsidiary of Japan's Sun Corp, has its revenue split between two businesses: a forensics system used by law enforcement, military and intelligence that retrieves data hidden inside mobile devices and technology for mobile retailers," according to Reuters.

Cellebrite has done this before, it seems, at least according to ABC News. The firm's engineers might even know how to do it without forcing a software fix to be issued by Apple.

The question that lingers is how will Cellebrite's engineers actually go about doing the hack? It's a hardware approach, I think. The kind of hardware hack that security people out there wondered why it had not been tried on the 5C before going to Apple.

Are you prepared for a new world of enterprise mobility? Attend the Wireless & Mobility Track at Interop Las Vegas, May 2-6. Register now!

NAND mirroring, I bet, is the hardware technique that Cellebrite will be using. The technique is detailed by Zdziarski's Blog of Things posting and it seems reasonable.

Zdziarski's description of it makes the thrust of the technique clear:

Most of the tech experts I've heard from believe the same as I do -- that NAND mirroring is likely being used to some degree to brute force the pin on the device. This is where the NAND chip is typically desoldered, dumped into a file (likely by a chip reader/programmer, which is like a cd burner for chips), and then copied so that if the device begins to wipe or delay after five or ten tries, they can just re-write the original image back to the chip.

Now, was that so hard? The feds can access the hardware on that phone. They can desolder it and whatever else the agents need to do.

From an overall OpSec view, as Zdziarski put it: "The weak link in all of this has been Farook and his poor choice of security."

That brings us back to some of the recent "conversations" happening about how encryption and software relate to our society. Many of them ignore the particular facts about this iPhone 5C.

First of all, the government always owned it and can disassemble it however which way it wishes. It seems the FBI didn't realize -- or won't admit that it knew -- there were ways that have been around for a long time to do this sort of thing by mucking with the hardware. It was fortuitous that Japan, Inc. and Cellebrite were able to provide such experts.

Either that, or they were cynically trying to use the tragedy to get a rather nebulous claim ensconced in the courts. But, that discussion is for another day, maybe as soon as April 5.

In the meantime, the chairman of the US Senate Intelligence Committee says a bill to give law enforcement access to encrypted data could come as early as next week. Maybe that had more to do with the FBI's sudden change of plans rather than the technical know-how of Cellebrite. We'll see.

Larry Loeb has written for many of the last century's major "dead tree" computer magazines, having been, among other things, a consulting editor for BYTE magazine and senior editor for the launch of WebWeek. He has written a book on the Secure Electronic Transaction Internet ... View Full Bio
We welcome your comments on this topic on our social media channels, or [contact us directly] with questions about the site.
Comment  | 
Print  | 
More Insights
Comments
Threaded  |  Newest First  |  Oldest First
GatineauJ611
50%
50%
GatineauJ611,
User Rank: Apprentice
3/24/2016 | 3:11:18 PM
Did the FBI really need Help
I have a hard time believing that the FBI needed help and actually went public with all this...who are they trying to kid

 


philnezz
jastroff
50%
50%
jastroff,
User Rank: Ninja
3/24/2016 | 4:31:23 PM
Re: Did the FBI really need Help
Yes, hard to believe the government could not find the info they wanted without the big dust-up with Apple

 

Does anyone come out ahead on this? Apple has people all over the world eager to break whatever security is has, just for the fun of it, or for money. The Justice department has egg all over its face one way or the other. And in the end, they are going to get the data and break Apple's security. Black eyes all around.
larryloeb
50%
50%
larryloeb,
User Rank: Author
3/24/2016 | 6:09:06 PM
Re: Did the FBI really need Help
@jastroff

Apple is starting to get its stuff  together about security. They've been forced to realize they can't play at it anymore.

Thye just hired a Director of Security, for the first time.

They are changing their servers around because someone may have slipped a hacked Juniper router into the farms that they use(d).

I like this kind of thinking on Apple's part. It shows some seriousness, which they are going to need very soon.
Technocrati
50%
50%
Technocrati,
User Rank: Ninja
3/25/2016 | 2:51:11 PM
Re: Did the FBI really need Help

@Larryloeb    I am surprised that it took so long for the Apple to hire a Dir of Security.  Did they think their products were impenetrable ?    

Looks like it.    

But on the flip-side it is encouraging that they are taking the issue of security even more seriously moving forward.

larryloeb
50%
50%
larryloeb,
User Rank: Author
3/25/2016 | 4:45:59 PM
Re: Did the FBI really need Help
@tech

Yeah, me too.

They have sort of realized that what they were doing before wasn't really secure. They need to harden everything.

The new 10.4 release fixed some really, really bad bugs. They have to stop those kinds of bugs from happening, now.

 
Technocrati
50%
50%
Technocrati,
User Rank: Ninja
3/25/2016 | 2:45:45 PM
Re: Did the FBI really need Help

Agreed.  It is hard to believe the FBI didn't know of this method and that it will end up being much about nothing. 

I do wonder how this bill will affect things going forward though.

larryloeb
50%
50%
larryloeb,
User Rank: Author
3/25/2016 | 4:43:14 PM
Re: Did the FBI really need Help
@technocrati

Two weeks before the FBI demanded Apple crack it, the DEA used Cellebrite to crack another iphone. The docs for it are up on cryptome.

You would think someone should have got on the phone to them, huh?
Technocrati
50%
50%
Technocrati,
User Rank: Ninja
3/25/2016 | 4:51:37 PM
Re: Did the FBI really need Help

@larryloeb       One word.  Unbelievable !   Makes one wonder if there were not some ulterior motives for making such an issue of this then.

larryloeb
50%
50%
larryloeb,
User Rank: Author
3/25/2016 | 4:58:01 PM
Re: Did the FBI really need Help
@Tech

Besides trying to subvert privacy in all its forms, you mean?

"Policing is only easy for the policeman in a police state"
Technocrati
50%
50%
Technocrati,
User Rank: Ninja
3/25/2016 | 5:25:59 PM
Re: Did the FBI really need Help

@Larry    So true.  It is amazing how the Government wants to have "the ability" in just about every aspect of our lives now.  Enough already.   

 

No longer satisfied with the power of tax collection.  And unfortunately I think the problem is only going to get worse.

larryloeb
50%
50%
larryloeb,
User Rank: Author
3/25/2016 | 5:28:18 PM
Re: Did the FBI really need Help
Many discussions could be had on that topic.

But, the FBI comes out of this looking clueless.
Technocrati
50%
50%
Technocrati,
User Rank: Ninja
3/25/2016 | 6:12:38 PM
Re: Did the FBI really need Help

"...But, the FBI comes out of this looking clueless."

 

They really do.   Time to catch up with this thing call technology.

larryloeb
0%
100%
larryloeb,
User Rank: Author
3/25/2016 | 8:54:56 PM
Re: Did the FBI really need Help
Yeah, but they won't hire the guys that get it because they may have smoked ganja during their lives.
Broadway0474
50%
50%
Broadway0474,
User Rank: Ninja
3/27/2016 | 10:58:19 PM
Re: Did the FBI really need Help
I'm not sure if I feel finally confident that the world's most powerful nation can now crack a phone on its own power, or disturbed that it is dragging its own reputation through the mud.
larryloeb
50%
50%
larryloeb,
User Rank: Author
3/28/2016 | 12:49:06 AM
Re: Did the FBI really need Help
@Broadway

Cracking that particular phone was never the problem here.

It ran iOS8 which does not have the SecureEnclave mechanism. All they needed to do was be able to bypass login protection.

Perhaps they were trying to set it up for when they really did have a problem.
Broadway0474
50%
50%
Broadway0474,
User Rank: Ninja
3/30/2016 | 9:48:09 PM
Re: Did the FBI really need Help
@larry, that's an important fact that I haven't seen mentioned enough in the repeated reporting of this story. A very important fact. It suggests that the cynics view of the government approach --- that they really want to access any phone, any time they want --- is perhaps not so cynical.
larryloeb
50%
50%
larryloeb,
User Rank: Author
3/31/2016 | 9:43:00 AM
Re: Did the FBI really need Help
@broadway

It's going to be interesting if the FBI has to tell Apple how they did it.

Apple, of course, will try to fix it in the future. Heh.
Broadway0474
50%
50%
Broadway0474,
User Rank: Ninja
3/31/2016 | 9:24:59 PM
Re: Did the FBI really need Help
@Larry, seriously? The FBI will have to tell Apple how they broke the phone? If they don't, the FBI is certainly taking on a black hat, anti-industry role that I really doesn't suit a government that is ultimately business friendly. Even more hypocritical will be if a Republican administration comes into power in 2017 and gets even more anti-Apple and anti any tech and telecomm company that puts up a fight.
larryloeb
50%
50%
larryloeb,
User Rank: Author
4/1/2016 | 5:00:17 AM
Re: Did the FBI really need Help
@Broadway

The FBI won't tell them how. They don't have to.

They will try to keep it underwraps so Apple can't counter.

How does it feel to have your privacy defended by a company, and not the government?
jastroff
50%
50%
jastroff,
User Rank: Ninja
4/1/2016 | 6:33:12 PM
Re: Did the FBI really need Help
Turn about is fair play, as we say

 

>> The FBI won't tell them how. They don't have to.

Apple made themselves a bigger target. Hope their shareholders appreciate that!
larryloeb
50%
50%
larryloeb,
User Rank: Author
3/24/2016 | 6:05:06 PM
Re: Did the FBI really need Help
The security theatre going on is wide and deep.

The FBI thought it could sneak the all writs action by, because everyone would be distracted by them waving the 5C high,

Ignoring all the tech for a sec; the FBI seems not ready to consider that if that phone was used for terror activities, the issuer of that phone might be liable too. And who owned it? San Bernadino. The FBI going to arrest them too?

 
Technocrati
50%
50%
Technocrati,
User Rank: Ninja
3/25/2016 | 3:01:53 PM
Re: Did the FBI really need Help

"...the FBI seems not ready to consider that if that phone was used for terror activities, the issuer of that phone might be liable too. And who owned it? San Bernadino. The FBI going to arrest them too? "

 

 

@Larryloeb    Great point.  Another case of selective prosecution ?

larryloeb
50%
50%
larryloeb,
User Rank: Author
3/25/2016 | 4:47:39 PM
Re: Did the FBI really need Help
More like not seeing the connection that was there all the way through to the end.

They just focused on what they wanted.
Slideshows
IT Careers: Top 10 US Cities for Tech Jobs
Cynthia Harvey, Freelance Journalist, InformationWeek,  1/14/2020
Commentary
Predictions for Cloud Computing in 2020
James Kobielus, Research Director, Futurum,  1/9/2020
News
What's Next: AI and Data Trends for 2020 and Beyond
Jessica Davis, Senior Editor, Enterprise Apps,  12/30/2019
White Papers
Register for InformationWeek Newsletters
Video
Current Issue
The Cloud Gets Ready for the 20's
This IT Trend Report explores how cloud computing is being shaped for the next phase in its maturation. It will help enterprise IT decision makers and business leaders understand some of the key trends reflected emerging cloud concepts and technologies, and in enterprise cloud usage patterns. Get it today!
Slideshows
Flash Poll