A group of three news outlets, including Gannett, the Associated Press and Vice Media, filed a lawsuit today against the FBI on grounds relating to the bureau's decision to keep its method of hacking into San Bernardino shooter Syed Farook's iPhone a secret. The news organizations are looking for more information about how exactly the FBI entered the iPhone, what "outside party" helped with the process, and how much the government paid for it (via USA Today).

Gannett, the AP, and Vice Media have each sought details on the hack under the Freedom of Information Act, but the FBI denied the requests, arguing that "revealing the records would imperil its enforcement efforts." Now the organizations are teaming up and asking the court to force the FBI to release the requested information.

iphone5c
While the security drama swirls, University of Cambridge researcher Sergei Skorobogatov has released proof countering the FBI's claim that it couldn't get into Farook's iPhone without Apple's help. In his report (via Engadget), Skorobagatov detailed his process in bypassing the passcode retry counter of an iPhone 5c running iOS 9, which he said "does not require any expensive and sophisticated equipment."

This was achieved by desoldering the NAND Flash chip of a sample phone in order to physically access its connection to the SoC and partially reverse engineering its proprietary bus protocol. The process does not require any expensive and sophisticated equipment. All needed parts are low cost and were obtained from local electronics distributors. By using the described and successful hardware mirroring process it was possible to bypass the limit on passcode retry attempts. This is the first public demonstration of the working prototype and the real hardware mirroring process for iPhone 5c.

After removing the NAND from the iPhone -- which requires "a temperature above 300 ºC...due to heavy heat sinking of the main PCB" -- he created a backup of it and placed it onto a custom-built, special test board. To continue the NAND mirroring process, following a successful creation and verification of the backup copy, the original chip is placed back into the iPhone 5c, where the researcher entered six passcode attempts, and then power cycled the device. In total, the process takes 90 seconds each time, meaning the true password could feasibly be discovered in "less than two days."

Once the phone is powered up and the screen is slid the passcode can be entered six times until the delay of one minute is introduced again. Then the process of mirroring from backup can be repeated again and again until the correct passcode is found. On average each cycle of mirroring for six passcode attempts takes 90 seconds. Hence, a full scan of all possible 4-digit passcodes will take about 40 hours or less than two days.

The fight between Apple and the FBI began earlier in the year when Apple refused to help the government unlock Farook's iPhone 5c under the belief that it could set a fearful precedent for security and privacy moving forward. The FBI didn't know what could potentially be on the device, but believed that any information gathered from it would potentially help move the case of the San Bernardino shooting forward in meaningful ways.

Although that particular case is over, FBI director James Comey said that he expects litigation over the encryption of mobile devices to continue, as encryption is "essential tradecraft" of terrorist organizations like ISIS. Technology and security have intersected more and more as smartphones grow more popular, with Comey also stating that WhatsApp's new end-to-end encryption was already "affecting the criminal work [of the FBI] in huge ways."

Note: Due to the political nature of the discussion regarding this topic, the discussion thread is located in our Politics, Religion, Social Issues forum. All forum members and site visitors are welcome to read and follow the thread, but posting is limited to forum members with at least 100 posts.

Top Rated Comments

HappyDude20 Avatar
107 months ago
This is absolutely great that the news organizations brought this up to them and is practically calling them out on their bs.
Score: 9 Votes (Like | Disagree)
soupcan Avatar
107 months ago
Round 2: FINISH HIM.
Score: 3 Votes (Like | Disagree)
Weaselboy Avatar
107 months ago
I was never a fan of the FBI forcing Apple to break their OS. I am not sure that FBI has any responsibility to divulging how they finally broke into the phone. And why would the new organization want to know the hacking approach? Are they planning a hack of their own?
It will be interesting to see how it plays out. The way Freedom of Information Act (FOIA) requests work is everything is presumed to be subject to disclosure unless the info falls under specific exemptions in the act. It sounds like the FBI is relying on the exemption quoted below. I guess it will be the court's job to decide if the exemption applies in this case.

Quote from FOIA FAQ here ('https://www.foia.gov/faq.html#exemptions'):
7(E). Would disclose techniques and procedures for law enforcement investigations or prosecutions.
Score: 3 Votes (Like | Disagree)
OriginalClone Avatar
107 months ago
Arguments start in 3..2..1..
Score: 2 Votes (Like | Disagree)
thisisnotmyname Avatar
107 months ago
It's interesting how quickly Vice is gaining prominence. My introduction to them was the series of "travel" documentaries they did (definitely worth a watch if you haven't seen them). They do seem to have a distinct viewpoint and it shows in their coverage but I generally like their work. Much more interesting to me than what a lot of the traditional media is doing.

And good for these groups in pushing for access to the information, it's been sketchy how the FBI has been avoiding federal rules of disclosures in this case.

edit: this reminds me that we haven't heard anything with the release of the iPhone 7 about improvements to the secure enclave and firmware flashing. I wonder whether any steps were taken to reduce or eliminate their ability to apply updates without the consent of the device owner.
Score: 2 Votes (Like | Disagree)
2457282 Avatar
107 months ago
I was never a fan of the FBI forcing Apple to break their OS. I am not sure that FBI has any responsibility to divulging how they finally broke into the phone. And why would the new organization want to know the hacking approach? Are they planning a hack of their own?
Score: 1 Votes (Like | Disagree)

Popular Stories

iPhone SE 4 Thumb 1

iPhone SE 4 With Apple's Own 5G Modem 'Confirmed' to Launch in March

Tuesday November 19, 2024 12:12 pm PST by
Barclays analyst Tom O'Malley and his colleagues recently traveled to Asia to meet with various electronics manufacturers and suppliers. In a research note this week, outlining key takeaways from the trip, the analysts said they have "confirmed" that a fourth-generation iPhone SE with an Apple-designed 5G modem is slated to launch towards the end of the first quarter next year. In line with previo...
airtag purple

AirTag 2 Rumored to Launch Next Year With These New Features

Sunday November 17, 2024 5:18 am PST by
Apple released the AirTag in April 2021, so it is now three over and a half years old. While the AirTag has not received any hardware updates since then, a new version of the item tracking accessory is rumored to be in development. Below, we recap rumors about a second-generation AirTag. Timing Apple is aiming to release a new AirTag in mid-2025, according to Bloomberg's Mark Gurman....
at t turbo indicator iphone 16 pro max v0 8hrh7w5f3w1e1

AT&T Turbo Indicator Showing Up in iPhone Status Bar for Subscribers

Wednesday November 20, 2024 3:42 am PST by
AT&T has begun displaying "Turbo" in the iPhone carrier label for customers subscribed to its premium network prioritization service, according to reports on Reddit. The new indicator seems to have started appearing after users updated to iOS 18.1.1, but that could be just coincidence. Image credit: Reddit user No_Highlight7476 The Turbo feature provides enhanced network performance through ...
Generic iOS 18 Feature Real Mock

Apple Releases iOS 18.1.1 and iPadOS 18.1.1 With Security Fixes

Tuesday November 19, 2024 10:10 am PST by
Apple today released iOS 18.1.1 and iPadOS 18.1.1, minor updates to the iOS 18 and iPadOS 18 operating systems that debuted earlier in September. iOS 18.1.1 and iPadOS 18.1.1 come three weeks after the launch of iOS 18.1. The new software can be downloaded on eligible iPhones and iPads over-the-air by going to Settings > General > Software Update. Apple has also released iOS 17.7.2 for...
Magic Mouse Next to Keyboard

No, Apple CEO Tim Cook Didn't Say He Prefers Logitech's MX Master 3 Over the Magic Mouse

Sunday November 17, 2024 3:03 pm PST by
While the Logitech MX Master 3 is a terrific mouse for the Mac, reports claiming that Apple CEO Tim Cook prefers that mouse over the Magic Mouse are false. The Wall Street Journal last month published an interview with Cook, in which he said he uses every Apple product every day. Soon after, The Verge's Wes Davis attempted to replicate using every Apple product in a single day. During that...
iPhone 17 Slim Feature Single Camera 1 Redux

'iPhone 17 Air' Rumored to Surpass iPhone 6 as Thinnest iPhone Ever

Monday November 18, 2024 1:07 pm PST by
In a research note with Hong Kong-based investment bank Haitong today, obtained by MacRumors, Apple analyst Jeff Pu said he agrees with a recent rumor claiming that the so-called "iPhone 17 Air" will be around 6mm thick. "We agreed with the recent chatter of an 6mm thickness ultra-slim design of the iPhone 17 Slim model," he wrote. If that measurement proves to be accurate, there would be ...
bug security vulnerability issue fix larry

Make Sure to Update: iOS 18.1.1 and macOS Sequoia 15.1.1 Fix Actively Exploited Vulnerabilities

Tuesday November 19, 2024 10:52 am PST by
The iOS 18.1.1, iPadOS 18.1.1, and macOS Sequoia 15.1.1 updates that Apple released today address JavaScriptCore and WebKit vulnerabilities that Apple says have been actively exploited on some devices. With the JavaScriptCore vulnerability, processing maliciously crafted web content could lead to arbitrary code execution. The WebKit vulnerability had the same issue with maliciously crafted...
apple card feature2

Apple Card 3% Daily Cash Back Now Available From Two More Apple Partners

Tuesday November 19, 2024 10:36 am PST by
Apple has partnered with select merchants to offer Apple Card users three percent Daily Cash back on their purchases, and two new companies were added to the partner list today. When purchasing goods and services from Booking.com and ChargePoint, Apple Card users will now get more cash back. Booking.com is a site for reserving flights, cars, cruises, and hotels, while ChargePoint sells...