• 'NAND mirroring' could let FBI break into iPhone without Apple's help, researchers say


    Whether or not Cellebrite is involved, the FBI may be able to unlock the iPhone of San Bernardino shooter Syed Farook through a process known as "NAND mirroring," security researchers explained on Wednesday.



    The technique involves removing NAND storage from a device, copying it using a chip reader, and then reattaching the original chip using a harness, Jonathan Zdziarski told Re/code. That way, investigators always have a fallback even in the case of Farook's phone, which is set to self-delete its data after hitting iOS 9's passcode retry limit.

    Matthew Green, a cryptographer and assistant professor at the Johns Hopkins Information Security Institute, observed that while the process can circumvent encryption, it remains a dangerous approach. Investigators must de-solder a NAND chip to remove it, which runs the risk of doing damage and losing access entirely.

    Farook's iPhone, a 5c, is one of the last iPhone models the technique could apply to, since anything with Touch ID and hence a Secure Enclave would theoretically be immune.

    Zdziarski speculated that whoever is helping the FBI, the short two-week testing window requested by the U.S. Justice Department means the government is likely using an off-the-shelf unlock solution from a forensic firm.

    Just one day before a review of the court order issued to Apple, the Justice Department asked to postpone the hearing, saying that "an outside party" had shared a possible method of cracking Farook's phone without asking Apple to build a passcode limit removal. Earlier today reports identified that party as Cellebrite, an Israeli forensics firm.


    [via Recode]
    This article was originally published in forum thread: 'NAND mirroring' could let FBI break into iPhone without Apple's help, researchers say started by Caiden Spencer View original post
    Comments 7 Comments
    1. back9player's Avatar
      back9player -
      or it was confirmed here by me:

      http://modmyi.com/content/21652-appl...tion-flap.html
    1. webpager's Avatar
      webpager -
      What are they looking for that they cannot already get elsewhere? Besides setting a precedent?

      The calls and texts are stored by the carrier (and likely the NSA). The internet history (if used on the data plan, not if by wifi) is also stored by the carrier. If someone logged onto Facebook or gmail or Instagram or anything else, the IPs would be captured, and that data would allow LE to acquire the associated account information from the 3rd party. All the other data (up to 6 weeks?) before the attack is in iCloud, which Apple has given them access to.

      So except for notes or photos that were not sync'd with iCloud, what is it that the FBI really wants? I believe what they really want is just to set a precedent. And that's not a good thing since the iPhone is basically the official US government phone now, replacing the Blackberry. If Apple is required to do this, another government can force them to do the same. An agent of the government has info on their phone. The phone is acquired by, say, North Korea. It's kept in an enclosure that keeps out radio signals, negating the possibility of a remote wipe. You think North Korea, or China, or anywhere else cares about our rules of law?
    1. dsg's Avatar
      dsg -
      I don't believe there is anything of use on that iPhone, why burn so many others and leave one with info on
    1. Darkflame's Avatar
      Darkflame -
      http://modmyi.com/forums/iphone-news...ml#post7354656 Wow. I wonder where they got the idea from LOL j/k
    1. X-Men's Avatar
      X-Men -
      Apple respect privacy of its customers even the customer is killing innocent... Wow apple is great
    1. Feanor64's Avatar
      Feanor64 -
      This whole thing is just a deal to protect apples image. Of course you put up a fight at first because it's bad business to just cave into the authorities. You have to show a little muscle. Guarantee it eventually comes out that apple caved. Didn't hear a peep out of Tim Cook or Steve jobs before Edward Snowden went public. Think about that.
    1. Rakim's Avatar
      Rakim -
      Quote Originally Posted by webpager View Post
      What are they looking for that they cannot already get elsewhere? Besides setting a precedent?

      The calls and texts are stored by the carrier (and likely the NSA). The internet history (if used on the data plan, not if by wifi) is also stored by the carrier. If someone logged onto Facebook or gmail or Instagram or anything else, the IPs would be captured, and that data would allow LE to acquire the associated account information from the 3rd party. All the other data (up to 6 weeks?) before the attack is in iCloud, which Apple has given them access to.

      So except for notes or photos that were not sync'd with iCloud, what is it that the FBI really wants? I believe what they really want is just to set a precedent. And that's not a good thing since the iPhone is basically the official US government phone now, replacing the Blackberry. If Apple is required to do this, another government can force them to do the same. An agent of the government has info on their phone. The phone is acquired by, say, North Korea. It's kept in an enclosure that keeps out radio signals, negating the possibility of a remote wipe. You think North Korea, or China, or anywhere else cares about our rules of law?


      I believe that at the end of the day the FBI DID want the info, but I also believe that they were hoping to in the process push a new standard of invading privacy... (One that they could refer to from this point forward as grounds to do it in any other circumstances they deem correct.
  • Connect With Us

  • Twitter Box

  • Facebook