FBI can't unlock anything newer than Apple's iPhone 5c, Comey reveals
The unlocking procedure used by the Federal Bureau of Investigation to break into an iPhone 5c at the center of the San Bernardino case cannot be used on new devices, the bureau's director said on Wednesday.
The IP Box setup, via MDSec.
Comey told a group of students and educators at Kenyon College in Ohio that his department had "purchased a tool" from a third party to unlock the iPhone in question, according to CNN Money. Though he stopped short of revealing the exact process, he did note that it would not work on more modern handsets.
"This doesn't work on 6S, doesn't work on a 5S, and so we have a tool that works on a narrow slice of phones," Comey said.
Discussing Apple's request that the bureau unveil its method, Comey was noncommittal but said he was worried about losing what little access the bureau does have.
"We tell Apple, then they're going to fix it, then we're back where we started from," he said. "We may end up there, we just haven't decided yet."
Since the FBI revealed its success late last month, most speculation regarding their method has centered around the so-called "IP Box" that first appeared last spring. That tool -- which retails for less than $300 -- latches onto a susceptible iPhone's power circuitry and enters PINs over USB.
When a wrong guess is detected, the tool aggressively cuts power to the iPhone's logic board before the guess is recorded, defeating the 10-try limit.
Apple is believed to have patched this hole in older iPhones with iOS 8.1.1; as the iPhone 5c in question is thought to be running iOS 9, the FBI has either chosen a different method or has purchased the device from a company that has discovered an as-yet unreported flaw in later software.
Beginning with the iPhone 5S, PIN guesses are managed in the hardware Secure Enclave, rendering such an attack useless.
The IP Box setup, via MDSec.
Comey told a group of students and educators at Kenyon College in Ohio that his department had "purchased a tool" from a third party to unlock the iPhone in question, according to CNN Money. Though he stopped short of revealing the exact process, he did note that it would not work on more modern handsets.
"This doesn't work on 6S, doesn't work on a 5S, and so we have a tool that works on a narrow slice of phones," Comey said.
Discussing Apple's request that the bureau unveil its method, Comey was noncommittal but said he was worried about losing what little access the bureau does have.
"We tell Apple, then they're going to fix it, then we're back where we started from," he said. "We may end up there, we just haven't decided yet."
Since the FBI revealed its success late last month, most speculation regarding their method has centered around the so-called "IP Box" that first appeared last spring. That tool -- which retails for less than $300 -- latches onto a susceptible iPhone's power circuitry and enters PINs over USB.
When a wrong guess is detected, the tool aggressively cuts power to the iPhone's logic board before the guess is recorded, defeating the 10-try limit.
Apple is believed to have patched this hole in older iPhones with iOS 8.1.1; as the iPhone 5c in question is thought to be running iOS 9, the FBI has either chosen a different method or has purchased the device from a company that has discovered an as-yet unreported flaw in later software.
Beginning with the iPhone 5S, PIN guesses are managed in the hardware Secure Enclave, rendering such an attack useless.
Comments
"We tell Apple, then they're going to fix it, then we're back where we started from,". Right back where you started from? You mean back to only being able to unlock older iPhones that don't use a Secure Enclave? Seems like Apple has ALREADY fixed it, starting with the 5S and A7 from several years ago.
Basically, this is a useless hack.
This is different than saying that the FBI cannot hack modern devices with different techniques.
Headline fail.
You just like to make stuff up out of thin air, don't you?
Do you understand what a logical fallacy is?
If the government were to do a bunch of R&D on the subject, I suspect they would be able to find hardware weaknesses somewhere in newer iPhones. It's just too complex to not have any.
Oh Fu** you comey.
people using 4 char numerics... even 6 character... deserve no privacy;-).
Probably will be harder to get used iPhones into India than it would be to bypass the passcode.
Only hope is that really the secure enclave itself has a bug, pretty unlikely
as this component has likely been tested to death (As it is so critical and failure would be very bad for Apple).
It also has a very narrow precise functionality, which makes testing easier.
Using even a 6 digit random alpha pin is probably sufficient to stop any FBI hack no matter what it has.
Anyone caring about security, like a terrorist... Would use at least a 8 alphanum pass code.
Best way to get the passcode would probably be to have some custom firmware to load before Apple's firmware so you can have people give you the passcode
Or even just swap out their phone and put your own in and wait for them to enter their passcode into the fake phone! Then just unlike the phone.
Or just put cameras everywhere and wait for them to not have it, enter into the phone and copy out everything and put it back
If people are already known, getting info from the phone is easy.
That's probably why Apple has bought the firmware security firm; it's a slim but existing vulnerability.