Researcher Shows Simple iPhone Hack FBI Said Couldn’t Be Done
Earlier this year, the FBI sparked a major controversy by seeking to force Apple to develop hacking tools for breaking into iPhones. Ultimately, the bureau backed down and found another, rather expensive way to hack into the particular iPhone in question, which had been used by one of the San Bernardino terrorists.
At the time, some security experts suggested an easier way for the FBI to bypass the iPhone’s security measures. The FBI said the technique, which involved removing the phone’s memory chip that stored user data, wouldn’t work.
But now one of those experts has written a paper demonstrating just how easily the technique could have been used. University of Cambridge researcher Sergei Skorobogatov says he was able to bypass the security measures that bedeviled the FBI, including the phone’s limit of 10 incorrect PIN code guesses that, if reached, would cause all data on it to be deleted.
“The process does not require any expensive and sophisticated equipment,” Skorobogatov writes. “All needed parts are low-cost and were obtained from local electronics distributors.”
The paper is embarrassing news for the FBI, which set off a big debate over security, civil liberties, and encryption policy in its showdown with Apple. But the technique is also bad news for Apple and iPhone owners, who now know that their most private information stored on the device could be hacked, albeit only under very specific circumstances.
Skorobogatov included many of the instructions for cracking the iPhone’s NAND memory chip in his paper, along with detailed photographs. However, he did not describe the entire process of extracting data from the phone’s storage chip. “A video of the working proof-of-concept demonstration for this NAND mirroring process will be placed on the Internet,” he wrote.
For some experts who opposed the FBI’s arguments in its Apple showdown, the paper also demonstrated the folly of a policy law enforcers sought following the controversy. Senators Richard Burr, a Republican from North Carolina, and Dianne Feinstein, a California Democrat, are reportedly trying to revive their bill, which would force smartphone companies like Apple to put a backdoor into all encrypted systems to allow law enforcement access if needed. Apple, along with many tech, banking and security groups, opposed the bill on the grounds that the backdoor could also be exploited by criminals.
Now that Skorobogatov has shown a way for law enforcement to crack iPhones that they have already seized, backdoors aren’t needed, according to Susan Landau, a professor at the Worcester Polytechnic Institute Department.
The Burr-Feinstein approach “would make us less secure, not more so,” Landau wrote in a blog post on Thursday. “Instead we must increase law enforcement’s capabilities to handle encrypted communications and devices. This will also take more funding as well as redirection of efforts.”