Apple says it won't sue FBI to find out how San Bernardino iPhone 5c was hacked

Posted:
in iPhone
Saying that whatever method was used by the FBI will have a "short shelf life," Apple on Friday revealed it has no intention to sue the bureau in an effort to find out how it hacked the iPhone 5c used by a terrorist in California.


The IP Box setup, via MDSec.


Comments on the case were given on background, without names, by Apple attorneys in a conference call with members of the media. Officials apparently said they are confident that the method used by the FBI will not be a security concern for most users, according to ZDNet.

Apple's attorneys said they did not know what method the FBI used to crack the iPhone 5c at the center of the San Bernardino terror investigation, but said that normal product development would eventually address whatever exploit was used.

FBI director James Comey revealed on Thursday that the hack used won't unlock anything newer than the iPhone 5c. Beginning with the iPhone 5s and Touch ID, Apple began implementing a secure hardware enclave that makes it much more difficult to crack into a passcode-locked iOS device.

"This doesn't work on 6S, doesn't work on a 5S, and so we have a tool that works on a narrow slice of phones," Comey said.

Comey was also noncommittal as to whether the FBI would tell Apple about the method it used, but he expressed reluctance to lose what little access the bureau does have to locked iPhones.

"We tell Apple, then they're going to fix it, then we're back where we started from," he said. "We may end up there, we just haven't decided yet."




Since the FBI revealed its success late last month, most speculation regarding their method has centered around the so-called "IP Box" that first appeared last spring. That tool -- which retails for less than $300 -- latches onto a susceptible iPhone's power circuitry and enters PINs over USB.

When a wrong guess is detected, the tool aggressively cuts power to the iPhone's logic board before the guess is recorded, defeating the 10-try limit.

Apple is believed to have patched this hole in older iPhones with iOS 8.1.1; as the iPhone 5c in question is thought to be running iOS 9, the FBI has either chosen a different method or has purchased the device from a company that has discovered an as-yet unreported flaw in later software.

Beginning with the iPhone 5S, PIN guesses are managed in the hardware Secure Enclave, rendering such an attack useless.

Apple's decision not to sue the FBI, and the FBI's decision to drop its complaint against Apple in the San Bernardino case suggest the issue is dying down between both sides --?for now. But the encryption debate remains contentious between Apple the FBI's parent agency, the U.S. Department of Justice, which revealed on Friday it plans to continue pushing to force Apple to unlock an iPhone 5s at the center of a Brooklyn drug trafficking case.

Comments

  • Reply 1 of 16
    mtbnutmtbnut Posts: 190member
    Ala the "FAA Passenger Ban" article from the Onion, the iPhone 8 should contain just the box--opening it up reveals...nothing (just the instructions. Oh, and SIM Removal Tool--to help out friends with "insecure" iPhones)!

    This would be 100% effective against hacks. Guaranteed. 
    edited April 2016
  • Reply 2 of 16
    phone-ui-guyphone-ui-guy Posts: 1,018member
    This narrative goes against the one in the news today that Apple will work to find out what the hack was as part of the drug case in NY. They are said to push for the details as to understand what the FBI has done to try and get into the iPhone 5s they have in custody. 
  • Reply 3 of 16
    foggyhillfoggyhill Posts: 4,767member
    Because they probably already know, that's why they made the 5s.
    It's obvious what the FBI did.
    They went around the counter by copying out the memory, rebooting, trying a few time, copying in the saved memory,, rebooting, trying again,, etc... Until they got in.
    It's possible because the retry counter is in main memory; with the 5s, that's no longer the case, the counter is in the secure enclave.

    That only really work if you have a short numeric pin.
    If they had a long alpha passcode, they could have done that for a decade.

    The reason people don't use long pass code is because they're a bitch to type, well on the 5s, 6 and 6s, you don't have to most time because of touch ID, so you can make your pass code very long. That's another reason why the 5s is safer.
    edited April 2016
  • Reply 4 of 16
    Given the speed with which the courts move...
  • Reply 5 of 16
    If I had a suspicious nature, I might conclude that Apple agreed to open the IPhone in return for the FBI claiming they had help from a mysterious third party whose name shall not be spoken.  But that's just silly.  Isn't it?
  • Reply 6 of 16
    mike1mike1 Posts: 1,760member
    This narrative goes against the one in the news today that Apple will work to find out what the hack was as part of the drug case in NY. They are said to push for the details as to understand what the FBI has done to try and get into the iPhone 5s they have in custody. 
    Which may be why the attorneys had a conference call today, to stay ahead of the story.
  • Reply 7 of 16
    nolamacguynolamacguy Posts: 4,758member
    BizzBuzz said:
    If I had a suspicious nature, I might conclude that Apple agreed to open the IPhone in return for the FBI claiming they had help from a mysterious third party whose name shall not be spoken.  But that's just silly.  Isn't it?
    yes. idiotic, even. there are no secrets and it would leak and apple's invaluable reputation would be forever ruined.
    edited April 2016
  • Reply 8 of 16
    aujauj Posts: 2member
    My new favorite expression: " short shelf life ".
  • Reply 9 of 16
    slurpyslurpy Posts: 5,062member
    BizzBuzz said:
    If I had a suspicious nature, I might conclude that Apple agreed to open the IPhone in return for the FBI claiming they had help from a mysterious third party whose name shall not be spoken.  But that's just silly.  Isn't it?

    I know you're being sarcastic with the "silly" comment, implying your theory is very plausible, but it is, in fact, pretty damn silly. Apple has alot more to lose by making such a move, than to gain. 
    roundaboutnow
  • Reply 10 of 16
    tallest skiltallest skil Posts: 43,399member
    "We tell Apple, then they're going to fix it, then we're back where we started from," he said. "We may end up there, we just haven't decided yet."
    That’s the point, you fucking idiot. What right does the US government have to REDUCE the security of the people of the United States? None. In fact, you’re tasked with the opposite. You defend the security of the country. If we had some judges who weren’t traitors, taking this to court would end up forcing any government agency to immediately tell any private corporation how to better secure their devices.
    rob53bobschlob
  • Reply 11 of 16
    This narrative goes against the one in the news today that Apple will work to find out what the hack was as part of the drug case in NY. They are said to push for the details as to understand what the FBI has done to try and get into the iPhone 5s they have in custody. 
    Agreed. This strategy was announced several days ago when Apple requested a delay with court proceedings.

    Unless the new judge denies Apple's request for details, the DOJ/FBI will have to enter into evidence everything that has been tried to hack into the iPhone 5S.

    I suspect the new judge will deny Apple's request then proceed exactly as the DOJ/FBI instructs her to proceed just as the magistrate did in California and as Judge Côte did in the ebooks case. 

  • Reply 12 of 16
    joshajosha Posts: 901member
    So my iPhone 5c is exposed to spying.
    Oh well, no problem here as I don't have any sensitive info on it.  ;)
    Unless spam Emails and Text brings it in !   :o
  • Reply 13 of 16
    rob53rob53 Posts: 1,936member
    josha said:
    So my iPhone 5c is exposed to spying.
    Oh well, no problem here as I don't have any sensitive info on it.  ;)
    Unless spam Emails and Text brings it in !   :o
    You never know what the FBI would find sensitive. Something you emailed who emailed to someone else who emailed to a drug dealer means you're a suspect. The FBI doesn't have to have something intelligent they only need to convince a hand-picked judge that there might be something on the phone.
    jbdragon
  • Reply 14 of 16
    rob53rob53 Posts: 1,936member
    If I were still an AAPL stockholder, I'd demand a lawsuit be brought against the FBI (whether it would be accepted or not) for slander, libel, and to force the FBI to disclose how the iPhone was hacked. Stockholders have a right to know this because any type of attack against the company is an attack against the value of the stock. 
  • Reply 15 of 16
    popswapopswa Posts: 3member
    Beyond Apple being a rogue nation, they never told us what they found on the terrorist's phone once they got in.
  • Reply 16 of 16
    wood1208wood1208 Posts: 1,633member
    Forgiving, good citizen of United States.
Sign In or Register to comment.