Sunday, April 3, 2016

Method to crack San Bernardino iPhone is close ended

A new method to crack open locked iPhones is so promising that US government officials have classified it. The government now says it may have figured out a way to get into the phone without Apple’s help. But it wants that discovery to remain secret, in an effort to prevent criminals, security researchers and even Apple itself from reengineering smartphones so that the tactic would no longer work.Currently, the Justice Department is still testing to make sure the method doesn’t damage or erase data stored on devices before using it on Farook’s phone.

The technique does successfully allow the government to get inside locked iPhones. Apple has said repeatedly that data stored on locked iPhones shouldn’t be able to be accessed without the user’s passcode, which Apple doesn’t have. Hacking into a locked smartphone requires exploiting a security flaw in its software, and most technology companies fix these flaws once they learn about them.This means that the government likely hasn’t found a usable panacea to getting around iPhone encryption.

Brains behind the tactic is Cellebrite – the provider of mobile forensic software from Israel  is helping the FBI in its attempt to unlock iPhone 5C that belonged to San Bernardino shooter.
The company's website claims that its service allows investigators to unlock Apple devices running iOS 8.x "in a forensically sound manner and without any hardware intervention or risk of device wipe.
The tool which they claim is Universal Forensic Extraction Device (UFED) that claims to help investigators extract all data and passwords from mobile phones but still I'm not sure whether they used this technique to hack into the phone . Although the technique the FBI used to crack the iPhone is not disclosed and likely will not be any time soon, several experts suspect it involved NAND Mirroring

This is a technique used to copy the contents of the phone's NAND memory chip and flash a fresh copy back onto the chip when the max number of attempts is exceeded. The plus is that both sides got what they wanted without setting a precedent and the negative is that the precedent was never actually decided, so we’ll probably get to go through all of this again. The upside of this downside is that it seems likely that the “crack” used by the FBI was a tricky and physical one, perhaps involving disassembling the device and even desoldering or piggybacking its flash storage chips. So, for all that an unintentional backdoor is now known to be available, it’s probably not a simple click and finish matter.

No comments:

Post a Comment

Note: Only a member of this blog may post a comment.