How The FBI Might've Opened the San Bernardino Shooter's iPhone 5c (schneier.com)
"Remember the San Bernardino killer's iPhone, and how the FBI maintained that they couldn't get the encryption key without Apple providing them with a universal backdoor?" Slashdot reader LichtSpektren quotes Bruce Schneier:
Many of us computer-security experts said that they were wrong, and there were several possible techniques they could use. One of them was manually removing the flash chip from the phone, extracting the memory, and then running a brute-force attack without worrying about the phone deleting the key. The FBI said it was impossible. We all said they were wrong. Now, Sergei Skorobogatov has proved them wrong.
Sergei's new paper describes "a real world mirroring attack on the Apple iPhone 5c passcode retry counter under iOS 9." The process does not require any expensive and sophisticated equipment. All needed parts are low cost and were obtained from local electronics distributors. By using the described and successful hardware mirroring process it was possible to bypass the limit on passcode retry attempts... Although the process can be improved, it is still a successful proof-of-concept project.
FBI was foolin' (Score:3, Interesting)
Is anyone really surprised? (Score:3, Insightful)
Is anyone REALLY surprised that the FBI was wrong? Government doesn't attract top-tier talent. Never has, never will. When your hiring practices, policies, procedures, compensation and benefits are all at the bottom of the barrel, well... that's what you get. The bottom of the barrel.
Re: (Score:2)
Is anyone REALLY surprised that the FBI was wrong? Government doesn't attract top-tier talent. Never has, never will. When your hiring practices, policies, procedures, compensation and benefits are all at the bottom of the barrel, well... that's what you get. The bottom of the barrel.
I agree on policy and procedure but they have the best benefits and compensation I have ever seen. My aunt ran the Houston office of the FBI for years. She was able to retire at age 50 with a full six-figure-a-year pension that will last her the rest of her life. Everyone on that side of the family has lived into their 90s, so do the math with that.
Re: (Score:2, Insightful)
Your argument is hilarious due to its fallacies.
Maybe private industry didn't go to the moon because there was no compelling business reason to do so. I guarantee you if the government had said "We will give a 200-year exclusive settlement and mining rights to the first corporation to land on the moon", it would have been done faster and cheaper than the government did it.
Maybe the government insists on maintaining its monopoly on road infrastructure and won't allow private roads to be built. Or maybe pr
Re: (Score:2)
One need only look to the Internet to see the difference between public and private money.
Public developed it and kept its heart beating for 25 years as a novelty tool of universities. Then capitalism found a use for it, and several trillion dollars later, here we are.
Re: (Score:3, Interesting)
Yup, that's why we all remember the 1968 private Moon landing so well, right?
The moon race was a lavishly funded and otherwise pointless political exercise to show the world that we had bigger dicks than the Soviets. To use it as an example of government efficiency and effectiveness is silly.
Speaking of Soviet dick size: During WW2, the Soviet Red Army deployed a 2 inch trench mortar, but had difficulty keeping rain out of the barrel. Without explaining the purpose, they asked the Americans to supply thousands of condoms 12 inches long and 2 inches in diameter, which would fit pe
Re:Is anyone really surprised? (Score:5, Insightful)
Calling the moon landing and the space program in general a "pointless political exercise" is pretty ridiculous, when you consider the massive amount of spinoff technologies that we take for granted every single day of our lives.
Re: (Score:2)
Exactly, now I can just Velcro my shoes. And drink this delicious Tang.
Re: (Score:2)
Both private inventions that were used by the space program, but not a result of it:
https://en.wikipedia.org/wiki/... [wikipedia.org]
https://en.wikipedia.org/wiki/... [wikipedia.org]
Re: (Score:2)
Most of the space-based spin-offs came from the development of communication satellites, not from the moon landings. The first comsat was in 1962, before the moon race even started.
Re: (Score:2)
And who ran the hugely expensive space program that let those satellites get put into orbit? Exactly.
Re: (Score:2)
That's easy for you to say after the fact. And velcro+tang aren't the best examples, they're quite simply concepts.
But look at the 2016 list of spinoffs: https://spinoff.nasa.gov/Spino... [nasa.gov]
Lots of stuff on there that would have been deemed unnecessary or a waste of money by private investors.
Re: (Score:2)
NASA and the NSA, as well as Bletchley Park.
Re: (Score:2)
This is the largest and most sophisticated of state actors. It is not inconceivable they could commission a secret billion-dollar machine to crack any electronic equipment.
There was that article a few days back about using doppler and timings of x-rays to read pages of a degenerating book, down through the layers.
Carefully shaving nanometer layers off a chip at near absolute zero ain't no thing.
Re: (Score:2)
So the NSA and NRO are all built on the efforts of private sector contractors?
All we have is what the FBI said in public and wanted to be seen paying for or commenting on and big brand consumer grade encryption.
The same global consumer grade product lines the NSA has been tracking and reading without effort globally for a while.
If the FBI lets slip that they have an easy way in, or the NSA helped them, any interesting people still usi
Re: (Score:2)
How was the FBI wrong? To my knowledge they never said what the summary states ('They need a universal backdoor'); in fact, in this very case, they never asked for a backdoor. A backdoor is something you put in place BEFORE, not AFTER. They asked for help from Apple to crack the iPhone.
That summary is really shitty. It seems written by someone not knowing the difference between his head and his ass. Bypassing the counter limit has nothing to do with cracking the encryption key by brute force attack. The iPhone pa
Re: (Score:2)
Is anyone REALLY surprised that the FBI was wrong? Government doesn't attract top-tier talent. Never has, never will. When your hiring practices, policies, procedures, compensation and benefits are all at the bottom of the barrel, well... that's what you get. The bottom of the barrel.
Manhattan and Apollo programs seemed to do alright.
This is not new information (Score:2)
It's been common wisdom for years that with physical access to the device and unlimited time and resources, almost all encryption schemes can be defeated. In many cases this might simply mean using a mechanism to bypass the encryption rather than defeating it through brute force. But the fact is, regardless of what protections they have, devices have to ultimately present the data to the user unencrypted to actually use it. So there is almost always some kind of way in.
Re: (Score:1)
It's been common wisdom for years that with physical access to the device and unlimited time and resources, almost all encryption schemes can be defeated.
That is an utterly meaningless statement. Time and resources are NEVER "unlimited", because eventually, you will have to face the heat death of the universe.
Meanwhile, back to reality: Cryptography has been advancing way faster than cryptanalysis, and there are publicly available encryption algorithms that are essentially unbreakable, even using quantum computers. All of the cracking events you read about are done through social engineering and sloppy security practices. None of them happen because stat
Re: (Score:3)
In a perfect world, what you say is true, but the parent poster has a good point.
1. Because there's no such thing as a truly random number, one characterizes the number generator and then determines its bias. (See NSA-NIST->RSA foibles)
2. The decrypting machinery has to be perfect, and not cache the results in some mind-numbing way (see several CVEs)
3. In the actual case, the capability of resetting the NAND or using proximal bit-flipping techniques to force recounts to null are well-known. Just crowbar t
2,000 years of trying, none have lasted 20 years (Score:2)
> are essentially unbreakable, even using quantum computers
The Enigma was "unbreakable", until it was broken.
DES was unbreakable, until it was broken.
MD5 was unbreakable, until it was broken.
RSA was "unbreakable" last year. Not so much this year.
There are some new algorithms which haven't quite been completely broken just yet. Well, unless the new algorithm is used by someone who -also- allows an older algorithm, in which case the service using the new algorithm is vulnerable to DROWN.
Re: (Score:2)
DES was unbreakable, until it was broken.
MD5 was unbreakable, until it was broken.
RSA was "unbreakable" last year. Not so much this year.
DES was actually designed to be crackable.
MD5 is not an encryption algorithm.
RSA has not been considered robustly secure for a long time, and was never considered unbreakable.
If decryption takes 1e6 times as long as encryption, the algorithm is easily crackable. If it takes 1e12 times as long, it is good enough for casual communications. 1e15 is secure against all but the most determined government sponsored crackers. If the ratio is 1e100 it is uncrackable in the life of the universe (the number of quark
Re: (Score:2)
RSA was tampered with by the NSA to allow for it to be easily cracked [reuters.com]. While we'd known there was tampering with it, the extent of that tampering wasn't known until the Snowden leaks. That said, the flaw is only with dual elliptic curve and I don't think anybody uses that anymore. Also the only thing cracked this year was RSA 220 [wikipedia.org], which is 729 bits and the next you'd logically expect to see broken. My secure emails use RSA-1024 (I didn't set that up, all I do is check a checkbox that says "Secure" and the r
Re: (Score:2)
All of the cracking events you read about are done through social engineering and sloppy security practices.
False. As I stated, many of the attacks involve sophisticated ways to simply bypass the encryption, rather than cracking it directly. These attacks are neither social engineering or because the vendor had sloppy security. Their security would in most cases stop 99.9% of attacks. However a government with essentially unlimited money to throw at it is another story.
None of them happen because state-of-the-art encryption is cracked. That doesn't happen.
Also false. I think you need to read some of the recent NSA disclosures. Widespread successful attacks against VPN and SSL are already becoming so
this isn't an external brute force attack (Score:5, Informative)
This attack is still done on device. It just clones the NAND back to "0 strikes" after every 6 attempts.
This attack doesn't extract the memory and doesn't decode externally. It just copies NANDs.
Why is this significant? Because it means you can't do extraction in parallel, you still have to go through all the codes sequentially on the device.
It defeats the significant portions of the backoff. It defeats the erase after n failures. It's a very significant attack.
But no one said this type of attack was impossible. I personally read about variants on this attack while the controversy was going on. I even posited it myself. I believe Apple even addressed it claiming that this attack wasn't possible on later iPhones due to a change in how the failure count is stored.
Re: (Score:2)
A 4 digit PIN code has around... 10,000 combinations. You get 10 tries before it wipes, but 6 tries before the delay gets long (1 hour). So if you guess 6 tries per flash, you only need to do 1,667 reflashes. Given the nature of the effaceable storage flash, this is well under their use limit.
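The two comments above (the one explaining that the attack runs sequentially on the device and only rewinds the NAND counter, and the one working out the 6-tries-per-reflash arithmetic) can be tied together in a small simulation. This is an added example, not code from the page, from Skorobogatov's paper or from Apple, and the device model is hypothetical: the retry counter is a value in flash that the attacker can image and restore, the phone starts long delays after 6 failures and erases the key after 10, the KDF is a deliberately fast PBKDF2 stand-in, and the "hardened" variant keeps the counter in a region the attacker's image does not cover (modelled on the claim above that later phones changed where the count is stored).

```python
"""Toy model of the NAND-mirroring attack on a passcode retry counter.

Added example; not code from the page, from Skorobogatov's paper or from Apple.
Hypothetical device policy: long delays after 6 failures, key erased after 10.
"""
import hashlib
import hmac
import itertools
import os

WIPE_AFTER = 10        # failures before the key is erased (assumed policy)
TRIES_PER_MIRROR = 6   # failures the attacker allows before restoring the image
KDF_ITERATIONS = 200   # small on purpose; a real device uses a slow, UID-bound KDF


class Phone:
    """Passcode check plus a retry counter in restorable or protected storage."""

    def __init__(self, passcode, counter_in_nand=True):
        self._salt = os.urandom(16)          # stands in for the per-device secret
        self._tag = self._derive(passcode)
        self.nand = {"retry_count": 0}       # region a desoldered chip exposes
        self.secure = {"retry_count": 0}     # region the attacker's image does not cover
        self.counter_in_nand = counter_in_nand
        self.wiped = False
        self.attempts = 0

    def _derive(self, passcode):
        return hashlib.pbkdf2_hmac("sha256", passcode.encode(), self._salt, KDF_ITERATIONS)

    def _counter(self):
        return self.nand if self.counter_in_nand else self.secure

    def try_passcode(self, passcode):
        """Return True on success; count failures and wipe at the limit."""
        if self.wiped:
            raise RuntimeError("key erased, no further attempts possible")
        self.attempts += 1
        if hmac.compare_digest(self._derive(passcode), self._tag):
            self._counter()["retry_count"] = 0
            return True
        self._counter()["retry_count"] += 1
        if self._counter()["retry_count"] >= WIPE_AFTER:
            self.wiped = True
        return False

    # What physical access to the flash chip gives the attacker:
    def image_nand(self):
        return dict(self.nand)

    def restore_nand(self, image):
        self.nand = dict(image)


def mirror_attack(phone, digits=4):
    """Try every code in order on the device itself, restoring the clean NAND
    image after every TRIES_PER_MIRROR failures so the counter never reaches
    the delay or wipe thresholds. Returns (passcode or None, restores done).
    The loop is inherently sequential: every guess needs the real device."""
    clean_image = phone.image_nand()
    restores = 0
    for n, digit_tuple in enumerate(itertools.product("0123456789", repeat=digits)):
        guess = "".join(digit_tuple)
        try:
            if phone.try_passcode(guess):
                return guess, restores
        except RuntimeError:
            return None, restores        # the counter was not in the restored region
        if (n + 1) % TRIES_PER_MIRROR == 0:
            phone.restore_nand(clean_image)   # back to "0 strikes"
            restores += 1
    return None, restores


def worst_case_restores(digits=4):
    """Restores needed if the last code in the space is the correct one."""
    return (10 ** digits - 1) // TRIES_PER_MIRROR


if __name__ == "__main__":
    victim = Phone("0427")
    print(mirror_attack(victim), "wiped:", victim.wiped)
    hardened = Phone("0427", counter_in_nand=False)
    print(mirror_attack(hardened), "wiped:", hardened.wiped)
    print("worst case restores for 4 digits:", worst_case_restores(4))
```

Against the hypothetical phone with the counter in NAND the search walks the whole 4-digit space without ever wiping, and the worst case (last code correct) needs 9999 // 6 = 1666 restores, the figure the comment above rounds to 1,667. Against the variant whose counter lives outside the imaged region the restores do nothing, the key is erased on the tenth failure, and the search aborts; that is the difference between rewinding a counter and breaking the key derivation.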
Re: (Score:2)
That is what I was wondering. Internally, the phone would have a combination of NAND and NOR flash (usually in MCPs). Unsoldering is next to impossible, since we are talking BGA packages, especially since in this case, the flash would have to go back into the phone for the phone to work.
But like you say, they could read out the contents of the flash w/o turning on the phone, and then run their brute force attack on the phone. Only thing - this was a 5c, and if it used his fingerprints, they'd be out of
That's quite impressive. (Score:2)
As someone who can barely see a 0603 SMD device, I find this quite impressive. He was able to remove the flash from the board, get it to function, watch it communicate, and identify the multiple mechanisms used by the chip to communicate and where on the flash it accessed. I always suspected the way the FBI did it was a brute force attack on copies of the chip data.
Neat!
Nobody gets it (Score:2)
Of course they knew all along how to get into the phone, probably five different ways.
But all the public+media+dog had was speculation and unfortunately a big spotlight on the subject device.
Normally they work in secret and in the shadows and crack these phones all the time. But this one had everybody watching, and when everyone is watching, you do not get out your best-kept secrets and reveal them in front of the cameras. The agencies didn't want to confirm any of that by suddenly showing up with a crack
Obvious from the start (Score:2)
This is exactly what everyone was saying at the time. The FBI didn't really give a damn about what was on the phone. All they wanted was the legal precedent for forcing companies to give up their security.
Unlocked (Score:1)
You need to stop using the word "open" to refer to the act of unlocking a mobile device.
You don't "open" a smartphone.
There isn't a lid that you remove to gain access to it.
You unlock it.
Or you pull the power after each bad passcode (Score:2)
Vindication! (Score:2)
#joke (Score:1)