The controversy began on February 16, when US magistrate judge Sheri Pym surprised Apple with an order compelling it to provide assistant to the FBI in its investigation into a particular iPhone used by Syed Rizwan Farook, one of the two attackers in the San Bernardino shooting, which killed 14 people and injured another 22. Farook and his wife, Pashfeen Malik, were killed by police in a shootout about five hours after the massacre.
Judge Pym ordered Apple to provide software to the FBI that would both nullify the short delay between passcode attempts, and prevent the iPhone from automatically erasing itself after 10 unsuccessful tries -- effectively defeating the iPhone's ability to protect users from "brute-force" attacks on passcodes, such as those used by hackers, thieves, and authorities who have seized an iPhone for whatever reason. Apple objected to the order, saying the software would create a security risk for all users, and expose the entire contents of the iPhone, which violates both the Fourth and Fifth Amendments to the US Constitution. The FBI, in turn, asked the judge to compel Apple to accept the order without a chance to challenge it.
The FBI ultimately found a company that had a tool to break into the phone, and rescinded the demand of help from Apple, which the judge granted. Comey hasn't name the company that the tool was purchased from, thought to be Cellebrite. Speaking with CNN, He said of the company that "The people we bought this from, I know a fair amount about them, and I have a high degree of confidence that they are very good at protecting it, and their motivations align with ours." The FBI has a contract with Celebrite dating back at least to 2011, so assuming no ulterior motive, it isn't clear why the FBI decided to not try the company's offerings before launching an effort through the courts to force Apple to unlock the phone.
The FBI director has been steadfast in his insistence that the San Bern ardino iPhone 5c legal standoff wasn't about setting a precedent for future demands that Apple assist in unlocking phones. Comey wrote to the Wall Street Journal in response to an editorial saying that "You are simply wrong to assert that the FBI and the Justice Department lied about our ability to access the San Bernardino killer's phone." Comey goes on to seemingly suggest it was more an attempt to try and get assistance from outside the bureau to sort the problem.
Assuming Comey is telling the truth about the situation, his remarks don't directly say what method was used to penetrate the phone but give a pretty good indication that flash cell cloning was used. The iPhone 5S and above have Apple's secure enclave, which manages password attempts, and would still wipe even cloned flash cells after multiple unsuccessful login attempts.
Source: FBI: 'tool' used for San Bernardino 5c hack ineffective on new phones
No comments:
Post a Comment