They probably took a raw copy of the Flash, and then hacked the data. Either that, or they hacked into it through some bug. I guess these hackers now will be sought after, and can make big bucks for a while.
Israeli developers work on source code for Apple in Israel. Does anyone think for one moment that iOS and OSX haven't been deliberately compromised by MOSSAD and Shin Bet insiders working for Israel... Er, Apple?
There should be a counter lawsuit against the FBI to ensure proper laws are established and they are prevented from performing their illegal actions again.
Who cares if they are lying. If they bring the suit forward again in the future we'll know they weren't successful the first time and will make them look like fools.
And did they inform Apple of the security vulnerability that was used? Probably not, but they should as it could be an issue of national security.
They don't have to tell Apple anything...they tried to work with Apple but, Apple decided to make this something nasty in the media...good luck getting the FBI to work with you after a very public bashing
Hey, bud, it's the fracking FBI who crapped their big mouths in the media non stop for weeks AND initially fracked up the case by changing the Iphone cloud password.
Learn how to read.
The newer phones like the 5s have hardware limitations that the 5c didn't have and those POS morons at the FBI can go suck an egg.
Part of me thinks this is BS and they never got into the iPhone and withdrew because of all the bad press they were getting.
It was done through NAND memory duplication.
Easy way to think about this is like this: Virtual machine, or in this case, vitrual phone. Once they were duplicate the memory, they were able to run a simple password hack algorithm until they got the correct password. When ever the it reach the limit where the content would be deleted. They would just reset the virtual phone and continue right where they left off untill they went through all combinations.
Note this was reported in the news a few days back.
You can't do that BUD, man I'm tired of this shit, there is a god damn hardware Key that can't be copied out that's needed to decrypt, plus the decryption key that comes from the passcode and is built from the hardware key + passcode combination in a programmatic way.
They'd have to decapp the chip to get the key, reverse engineer Apple's code and create the virtual machine and you think they someone did that in a few fracking days? No chance.
They can copy out the memory, but trying the pins has to occur on this phone unless they want to spend a lot of engineering dollars.
No need to get all shaken and stirred up about this. It's a known fact that the encryption on these older phones is done all in software, the only tricky (and yes, in this case very tricky) part is to get access to the right hardware without destroying it. Once that was achieved you can simply make up a backup of the flash content and restore back as necessary, load it up to a flash simulator and connect that instead of the real flash, debug the content offline, potentially even emulate the CPU in software...
It's been done very often, even by less sophisticated hackers, so it's a lot more likely to happen by sophisticated tech companies. With newer iPhones this is exponentially harder since the keys are kept in the secure enclave (if Apple is not lying about this) and unlike a regular TPM I have much confidence that there're no backdoors built in.
Still there's a very high change that this is all made up BS by the FBI. They'd be pretty dumb to not think of this possibility very early on and instead let the conflict escalate. Most likely this is just a convincing stunt to show the only nation dumb enough to fall for it to demonstrate that the FBI is still on top of their game; potentially they even destroyed the iPhone in the process of trying to get to the data so they damage wouldn't grow farther if Apple is actually dictated to make it happen by law and they cannot not show the intact iPhone anymore. The only way this was even halfway convincing is if they announced and dropped all the open requests for data extraction and explained how they got into the iPhone. Anyone wager a bet?
And how do you get the hardware key on the phone? You do know you need this key hmmm.
You can do what you said, but the memory to be replace has to be connected to the phone itself. Unless you deactivate the timer, you have to reload the memory, reboot the phone everytime you try the passcode until it erases everything, restart (say 10 times). But since timer increases with each tries its probably easier to try it a few time, then reload.
The whole thing makes sense because its a short numeric pin. If it was a long alphanumeric, they wouldn't get anything even with all of that.
This means that if you want your stuff to remain safe, use a long alphanumeric passwords making sure the words are not in the dictionary
Great: now every sovereignty and every corporation (and individual) can be certain that Obama's FBI and NSA can search their communications at will and target anyone Obama does not lie.
Apple could've worked with the FBI behind the scenes and no one would've been any wiser but, Apple decided not to in an effort to protecting privacy. In doing so they've actually crated a much larger and more dangerous threat to privacy.
The FBI owes Apple nothing with regards to sharing how the phone was hacked and why should they? Why would the FBI say "here's exactly how we did it, now go ahead a patch that so we can have this same fight in the future"
I hope everyone thanks Mr Cook for creating a much larger and unregulated threat to your privacy.
Exactly correct.... don't kiss don't tell..... huge whole in Apples defense, dumb!!!
Maybe spelling "hole" correctly when it is at the center of your rebuttal and supposed wit would help make it less lame.
$15,278 according to several online stories over the weekend.
Couldn't celebrite get more money if they handed over their methods to Apple than selling them to the U.S. government? i'm pretty sure Tim cook would have paid more than $15K for this
Nope. Reason: NIH (Not Invented Here)
According to stories about Cellebrite, they pretty much work for anyone who requests their services. I'm sure they are loving the publicity.
Hahaha who'd have imagined *rolles eyes, sarcastically* The government can hire good hackers... Big surprise.
See, now if Apple had just unlocked it for them, they wouldn't have a backdoor key. Now they have a backdoor key they can use on seized property at will. By refusing to do the right thing and unlock a terrorist's phone, you have actually created the conditions where the FBI has gone AROUND Apple and now they DO have a full backdoor key. Great job!
Haha you make all Ricky's sound stupid. At least one method already existed to bypass the passcode on that phone. Full stop (the end for the learning challenged).
Apple already knows many (but of course not all) of the current weaknesses in trying to secure the passcode on modern phones. All the FBI did was press Apple to finally close all known holes, user experience be damned.
Thank you fools at the FBI and here for pressing Apple to make the iPhone more secure.
One theory: Apple and the FBI cut a deal. Apple would unlock the phone, but the FBI wouldn't tell. I'm not sure. I don't like to believe that Apple would do that, but it would make sense. Apple could do away with all the bad press and save their face, the FBI could get their phone unlocked... It would require a bold faced lie from the FBI, but I wouldn't put that past them considering how they've acted during the rest of this ordeal.
Yep, Apple embarrassed them so much that this was an easy out for them. Sure, that's what happened...idiot
The security community embarrassed the FBI so much the FBI finally threw in the towel and used one of the discussed method to break into the phone. Oh wait, didn't the former heads of the CIA and NSA embarrass the FBI also?
Let's hope the government is able to contain the cyber pathogen, or cyber botfly larvae, or whatever made-up term they used to escalate the rhetoric around this case. ;-)
It's unlikely we'll ever hear any more about what they did, or whether they disclosed the attack/crack vector to Apple, or what was on the phone. If in fact the g-men were able to defeat the iPhone's security it's likely that Apple will double down again on security and we'll be revisiting this scenario again in the very near future.
As much as I'd like to believe that the lines between who's right and who's wrong on these issues is always very clear ... I take a pragmatic or semi pessimistic or survivalist view on this. As an adult with a diverse background I know there are very evil people on this planet. I also know that dealing with them requires equally crafty but hopefully more socially responsible people who do bad things on our behalf to keep the needle in the good zone for the greatest number of people. In other words, we're only seeing the tip of the iceberg of what goes on behind the scenes. What's puzzling is that a government agency would show its inability and shortcomings in dealing with this situation in a very ugly and public way. They could have negotiated and sought outside help from people other than Apple without going nuclear grade negative PR against one of the most well respected companies on earth. The tactical approach chosen demonstrates that there is someone in the current administration whose has a personal vendetta against Apple that they view as being more important than solving the actual problem at hand.
I praise Tim Cook and Apple for standing up to the DOJ and FBI on this one and showing leadership even though it was a no-win scenario for Apple no matter the outcome because they still had to face the grieving families of the victims whether or not they stood on the high ground and acted globally responsible. Apple acted professionally and in the best interests of their global customers and constituents. I can't say the same for the DOJ/FBI who tried to publicly bully Apple into breaking the trust and respect Apple has earned with their customers. But I also know that there's a lot of unexposed iceberg and we'll never see everything that's behind the full story. All I know is that I have greater respect for Apple and less respect for the DOJ/FBI today than when this thing broke out into an emotionally charged public debacle.
They don't have to tell Apple anything...they tried to work with Apple but, Apple decided to make this something nasty in the media...good luck getting the FBI to work with you after a very public bashing
Hey, bud, it's the fracking FBI who crapped their big mouths in the media non stop for weeks AND initially fracked up the case by changing the Iphone cloud password.
Learn how to read.
The newer phones like the 5s have hardware limitations that the 5c didn't have and those POS morons at the FBI can go suck an egg.
"Go suck an egg" - Really??? How old are you?
yes, the FBI went to the media first but Apple decided to take any and all interviews about the subject with Mr Cook releasing an open letter. Apple went on the defense and then tried to go on the offensive...how did that work out?
Comments
Learn how to read.
The newer phones like the 5s have hardware limitations that the 5c didn't have and those POS morons at the FBI can go suck an egg.
They'd have to decapp the chip to get the key, reverse engineer Apple's code and create the virtual machine and you think they someone did that in a few fracking days? No chance.
They can copy out the memory, but trying the pins has to occur on this phone unless they want to spend a lot of engineering dollars.
and here
https://youtu.be/5yZJ138NQuM
You can do what you said, but the memory to be replace has to be connected to the phone itself.
Unless you deactivate the timer, you have to reload the memory, reboot the phone everytime you try the passcode until it erases everything, restart (say 10 times).
But since timer increases with each tries its probably easier to try it a few time, then reload.
The whole thing makes sense because its a short numeric pin. If it was a long alphanumeric, they wouldn't get anything even with all of that.
This means that if you want your stuff to remain safe, use a long alphanumeric passwords making sure the words are not in the dictionary
According to stories about Cellebrite, they pretty much work for anyone who requests their services. I'm sure they are loving the publicity.
Apple already knows many (but of course not all) of the current weaknesses in trying to secure the passcode on modern phones. All the FBI did was press Apple to finally close all known holes, user experience be damned.
Thank you fools at the FBI and here for pressing Apple to make the iPhone more secure.
It's unlikely we'll ever hear any more about what they did, or whether they disclosed the attack/crack vector to Apple, or what was on the phone. If in fact the g-men were able to defeat the iPhone's security it's likely that Apple will double down again on security and we'll be revisiting this scenario again in the very near future.
As much as I'd like to believe that the lines between who's right and who's wrong on these issues is always very clear ... I take a pragmatic or semi pessimistic or survivalist view on this. As an adult with a diverse background I know there are very evil people on this planet. I also know that dealing with them requires equally crafty but hopefully more socially responsible people who do bad things on our behalf to keep the needle in the good zone for the greatest number of people. In other words, we're only seeing the tip of the iceberg of what goes on behind the scenes. What's puzzling is that a government agency would show its inability and shortcomings in dealing with this situation in a very ugly and public way. They could have negotiated and sought outside help from people other than Apple without going nuclear grade negative PR against one of the most well respected companies on earth. The tactical approach chosen demonstrates that there is someone in the current administration whose has a personal vendetta against Apple that they view as being more important than solving the actual problem at hand.
I praise Tim Cook and Apple for standing up to the DOJ and FBI on this one and showing leadership even though it was a no-win scenario for Apple no matter the outcome because they still had to face the grieving families of the victims whether or not they stood on the high ground and acted globally responsible. Apple acted professionally and in the best interests of their global customers and constituents. I can't say the same for the DOJ/FBI who tried to publicly bully Apple into breaking the trust and respect Apple has earned with their customers. But I also know that there's a lot of unexposed iceberg and we'll never see everything that's behind the full story. All I know is that I have greater respect for Apple and less respect for the DOJ/FBI today than when this thing broke out into an emotionally charged public debacle.
yes, the FBI went to the media first but Apple decided to take any and all interviews about the subject with Mr Cook releasing an open letter. Apple went on the defense and then tried to go on the offensive...how did that work out?