Slashdot Mirror
FBI Hires Cellebrite To Crack San Bernadino iPhone (reuters.com)
tlhIngan writes: Earlier this week, the FBI asked the court for a continuance so it could do some research into a proposed method of cracking the [iPhone belonging to one of the San Bernardino, California shooters]. It turns out the FBI has contracted Cellebrite for $15,000 to break into the phone. Cellebrite is an Israeli software provider specializing in mobile phone forensics software. If they succeed, it would mean Apple would no longer need to be involved.
apple can pull some DCMA BS and sue them. Now will they be that much of a dick?
Stimulating the global economy. Win-win!
It'd be pretty hilarious if they just try the 10 most common PIN's and either get in or hand the FBI back the bricked phone with a "whops".
How is it that tiny little war torn Israel always seems to have the latest in technology that we can't seem to get here in America?
The irony is sweet with this one:
http://www.bloomberg.com/news/...
Doing this to keep it from going to an amendment court case, which FBI would lose, setting a precedent they'd rather not set.
There must not be too much secret sauce involved if they're going to do it that cheaply.
While that listing shows that they have bought SOMETHING from Cellbrite, I think I'd like to see a little more evidence before I'm convinced that this shows they hired Cellbrite to hack the San Bernardino iPhone. https://www.fpds.gov/ezsearch/... shows that the Secret Service bought $781k worth of something from them on the 10th of March.
A single FPDS entry doesn't really mean anything.
Wow, they should of asked for more. They would of had to pay 10 times, at least, that in any sort of legal battle.
Troll is not a replacement for I disagree.
Brasil Sadness? - Regret over missing pubic hair.
It's legal to hack a phone then? Good to know.
How do you maintain chain of custody of the evidence if you hand it over to a company that's not governed by our laws?
If the Israeli company recovers data that gives them leads to other suspected terrorists, does the FBI have legal authority to pursue those leads when the information was "extracted" by a foreign company and it may or may not be fabricated? The only proof that they have that the information was really on the phone is because this company said so.
All that bullshit because the FBI wanted to save $15 thousand dollars?
Someone should be fired for such a dramatically bad decision as fighting it out in the court of public opinion, let alone federal court.
excitingthingstodo.blogspot.com
Sounds illegal in both national and international levels, but I am still waiting for the encryption ban after this.
Imagine every LEO calling a mumble "Encryption" or "Code". Everything not understood must be encrypted. Remember the gang signs lockup for waving? Any files on your phone must be plain, and in all languages or it must be hidden messages. New tools for racists or classist members of LE or Government.
what is up with the AC delay between posts? . it is being measured in hours nowadays ?
It is hard to imagine that Cellebrite has a method that doesn't involve the well discuessed method of physically reading the serial off the chip. Perhaps the FBI sees it as a win win situation. They already have admitted that its unlikely there is much of use on the phone. If it works they have a company that has proven itself proficent at this sort of hacking and if it doesn't, it strengthens their legal argument against Apple
If they're only paying $15,000, they may only be paying to have this phone hacked, without being told the key details of how it's done. They don't have to share information that they don't have.
Hmmm, how can we back down from a battle, we are clearly losing, to Apple while saving face and boosting our Israeli relations related to terrorism?
-- Disclaimer: I can't really back up anything I post on
This might be jumping the gun - if you view the awarded contract the description of work for the $15k says "IGF::OT::IGF UFED software renewals for seven machines."
Here's a PDF brief about the software's hacking capabilities:
http://www.cellebrite.com/Media/Default/Files/Forensics/Data-Sheets/4PC-DataSheet.pdf
Physical extraction and decoding while bypassing pattern lock / password / PIN from Android devices including Samsung Galaxy S family, LG, HTC, Motorola, and more
Physical and file system extraction and decoding from Android devices running OS 4.2 – 4.4.3
Physical extraction from BlackBerry® devices running OS 4 – 7. Exclusive decoding: BBM data, apps, emails, Bluetooth and more
Widest support for extraction and decoding from Apple devices
Physical extraction and decoding from locked
Nokia BB5 devices – password extraction from selected devices
Unrivalled access to locked devices by bypassing, revealing or disabling the user lock code
Physical extraction and decoding from Windows
Phone devices running OS 8.0 – 8.1
File system extraction from any device running
Windows Phone, HTC, Samsung, Huawei and ZTE
Recover a greater amount of deleted data from unallocated space in the device’s flash memory
Decoding of JTAG physical extractions from a rich set of data
TomTom® trip-log decryption, and data extraction from other portable GPS devices
WhatsApp encrypted history database can now be decrypted
then the TPTA may force them to be locked up. I think the fbi can get them in to a very nice club fed.
Lol. Love the subject. I had a gut feeling you'd jump on this one.
I wonder if the FBI understands that this should be as embarrassing for them as the O.J. Simpson evidence cock up. It'll work for them this time, but due to their poor handling of evidence in this case, in the future, it will be borderline impossible to decrypt phones even with Apple's help.
Just because the FBI contracts with a company or individual does not mean that criminal and civil laws do not apply. Breaking the encryption for one iPhone lowers the value of every iPhone as well as damaging the brand name. If it would be illegal for me to crack into a phone then it would be equally illegal for a contractor or even the FBI itself to do the same thing.
The irony is sweet with this one: http://www.bloomberg.com/news/...
Doubtful. They are protecting sources and methods by refusing to disclose to Apple.
And then let Apple pay them $20,000 to show them how they did it, so Apple can plug that vulnerability too.
That being said, I'm less worried about there being a way to hack a device if the hack requires physical possession.
It's remote carte blanche access I that concerns me the most.
At this stage I'd have to conclude that the FBI have known about this all along. Cellebrite is not a new company and they have supplied equipment and services to the FBI and other agencies on multiple occasions.
If they have had this option all along, why bother with Apple? The only reason was to set a precedent for the modern day use of All of Writs Act against a high profile tech company. Also, if they were successful with Apple, then it would give the FBI and other agencies leverage against Microsoft and Google.
According to the FBI they have other phones they wanted to unlock as well, so why wait until now? Because this phone is related to terrorism, and 'terrorism' is a trigger word for the hearts and minds of the American public. I suspect that they thought a company with a high reliance on their PR profile would crumble in the face of claims of abetting terrorism. Maybe they thought that Apple wouldn't put up much of a fight, or that they would roll over because they have helped the government in the past. The reality certainly hasn't played out that way for the FBI.
Why give up now? The FBI have acknowledged that the personal phones the couple used were destroyed (which is where the key information would have been) and that the iPhone was not likely to have had much if any useful information. It is possible they have already unlocked the iPhone and have found this out. It is also possible that the FBI's legal team thought they would lose against Apple's latest filing.
Where to from here? Hard to say. Both Apple and the FBI will try to spin this in their favour. The process has already been classified by the DoD, but this is probably more to prevent Apple from trying to claim breach of their trade secrets by the Cellebrite.
View, next to Award ID gives the details of the contract.
https://www.fpds.gov/common/jsp/LaunchWebPage.jsp?command=execute&requestid=66871710&version=1.4
It says that this is: "UFED Software renewal for seven machines." Now that could well be FBISpeak for butt out, we're going to do whatever we want, but are we sure this really is a $15k contract to crack the bomber's phone?
http://www.cbc.ca/news/canada/...
by TheSpoom (715771) Uncaring Linux user here. I have nothing to add to this but please continue. *munches popcorn*
http://technoramauk.blogspot.co.uk/2016/03/how-to-decrypt-iphone.html
Earlier this week, the FBI asked the court for a continuance so it could do some research into a proposed method of cracking the [iPhone belonging to one of the San Bernardino, California shooters].
Why are you putting that in brackets?
Usually brackets like this indicate an alteration to a quote for clarity or taste, such as 'The defendant stated that he had "never seen the stupid [female dog]"'
If you're not linking to something from which this can be seen to be a quote, why are you putting the brackets in? It's not helpful.
systemd is Roko's Basilisk.
With a low UID like yours, I suspect you and I may be of similar vintage. I therefore trust you'll understand when I say "you can't fight City Hall".
And get bought out by Apple as soon as they do it so they can find out how to fix their phones.
There were eye witnesses and both of the shooters are dead. I highly doubt that anything in that cell phone will lead to additional arrests.
Good LAWD that's a lot of money- John McAffee would have done it for bath salts!
If Apple does the hack, they can at least maintain the appearance that iPhones are secure because only Apple can crack them. However, they ruin their public image because the public will no longer trust them to keep their data secure. In fact, I expect Apple's sales to fall because the public knows Apple will crack their iPhones for the government whenever they want.
If the Israeli company cracks the phone, then Apple's public image is ruined because the truth, that iPhones were never secure in the first place, leaks out. I expect Apple's sales to fall because the public knows the government will crack their iPhones whenever they want.
The real question: is cracking iPhones really worth it to the government when the result is the loss of so much income tax revenue? What's that? Apple doesn't pay taxes because all the income is credited to stateless corporate entities and all the money is stored off shore in foreign banks? Well, it seems we've uncovered the real reason for this legal fight. I doubt the FBI really needs anything from the dead terrorist's iPhone after all.
Naturally, however, the government is screwing it all up and doing it wrong. Instead of bullying Apple into bringing their money home and paying taxes, there's a better way that would benefit all of America instead of just the federal government. We need to repeal the 1913 Federal Reserve Act, destroy the Federal Reserve, and help the rest of the world (especially the EU) destroy their central banks, too. Instead of a our current system of currency where we borrow money into existence and attempt to pay it off with tax income, we need to switch to a new system of currency.
America must replace its entire supply of U.S. Dollars printed as "Federal Reserve Notes" with U.S. Dollars printed as "United States Notes". Then we must gather up all the "Federal Reserve Notes" along with all the U.S. bonds which manifest our national debt and incinerate them all together. In that one move, which will take only a few months, we will eliminate our entire twenty trillion dollar national debt.
Our new system of currency is a simple one. Once congress makes reasonable and responsible decisions about how much money to spend for its annual budget and the president signs it into law, the U.S. Mint will print exactly that much money. Our current system of currency injects freshly printed money into the economy through loans which creates more debt and helps to enslave our country and all its people. Using debt to create equity and a false sense of value in our currency is wrong. It has always been wrong. Our system of currency, specifically the 1913 Federal Reserve Act, was always illegal and unconstitutional.
The new system of currency injects the freshly printed money into the economy through trade. The government spends it into the economy to purchase the goods and services it needs to conduct its business and keep the country running. The equity invested and traded for the currency to give it value is real. Before private contractors can earn profits on their goods and services, those goods and services must be produced first. Labor must be hired, raw materials must be purchased, new factories must be built and equipped, existing factories must be maintained, and the work must be done. The cost of doing all this is the equity value created to exchange for the freshly printed money. The total of the profits earned by the private contractors is the expansion of the economy (e.g. the total increase in the wealth represented by all the currency). Also, the profits earned by private companies from private spending also expand the economy and would manifest by increases in the value of the U.S. Dollar. Imagine that. A more valuable U.S. dollar will provide price deflation which is a good thing because dollars that are more valuable purchase more stuff. That's completely different than economic deflation which is a bad thing.
Finally, once our new systems of currency and government spending are in place, t
Haha. This is why I love the cow/app guy. Every now and then he's perfectly on topic! The rhyming subject line is sauce.
That's not against national security at all! Aaaaawww Yeah!
First paragraph of the Wikipedia page for the Israeli Defense Industry says "The Defense industry of Israel is a strategically important sector and a large employer, as well as major supplier of the Israel Defense Forces. Israel is one of the world's major exporters of military equipment, accounting for 10% of the world total in 2007. Three Israeli companies were listed on the 2010 Stockholm International Peace Research Institute index of the world's top 100 arms-producing and military service companies: Elbit Systems, Israel Aerospace Industries and RAFAEL.[1][2] The Defense industry in Israel is a strategically important sector and a large employer within the country. It is also a major player in the global arms market and is the 6th largest arms exporter in the world as of 2014.[3] Total arms transfer agreements topped 12.9 billion between 2004 to 2011.[4] There are over 150 active defense companies based in the country with combined revenues of more than 3.5 billion USD annually.[5] Israeli defense equipment exports have reached 7 billion U.S. dollars in 2012, making it a 20 percent increase from the amount of defense-related exports in 2011. Much of the exports are sold to the United States and Europe. Other major regions that purchase Israeli defense equipment include Southeast Asia and Latin America.[6][7][8] India is also major country for Israeli arms exports and has remained Israel's largest arms market in the world.[9][10]"
I am thought Mcafee was offering to do it for free.
Pick up the phone and call Geohot!
https://www.youtube.com/watch?... :P
Great idea; ain't going to happen. The ability of the big boys to ever extend their copyrights is a clear sign of who's got the power in this area.
Isn't there some diet pill which will eliminate cellebrite?
"National Security is the chief cause of national insecurity." - Celine's First Law
Errrmmm, no, is just a software renewal;
"UFED software renewals for seven machines"
https://www.fpds.gov/common/jsp/LaunchWebPage.jsp?command=execute&requestid=66872388&version=1.4
This is a RUMOR that I do not have concrete information on.
However,...
I've read at least twice, that the perps deliberately physically destroyed their personal phones. The phone in question is a business phone. The likelyhood of anything being on this phone is very very slim. Simply by the fact they had the sense to kill the other phone, it implies this one is super likely to be empty.
May not be the actual case and could be untrue, but if it is, all this is likely to be for nothing.
If you quote out of the Babylonian Talmud how Rabbi Jews regard non-jews as animals and can rape them and take property without compenstation, then welcome all takedown requests to higher priority based on the complainant saying quotes are defamitory.
Cellebrite.iPhorensics.Suite.Government.and.Law.Enforcement.Edition.x64.v1.02.incl.Keygen.-.CoRE
Now every kiddie can haXX0r da iPhonez
When the copyright term is "forever minus a day", live every day like it's the last.
Must be nearing the end of the FBI's fiscal year, where they need to spend all the rest of their money fast, to use up their budget.
What else would explain pouring obscene amounts of money into an effort to crack a phone with NOTHING ON IT purportedly to obtain data THEY ALREADY HAVE to help them catch suspects THEY'VE ALREADY KILLED.
Unless I'm missing something the purchase order linked to doesn't say anything explicit about reading the NAND off the iPhone. It seems to be for
IGF::OT::IGF UFED software renewals for seven machines.
See https://www.fpds.gov/common/js...
Now yes, UFED is a forensics device for extracting info from phones (http://www.cellebrite.com/Mobile-Forensics/Products/ufed-touch), but the contract says software renewals, which means the FBI already had these devices beforehand.
Plus, the Bloomberg article says the identity of the contractor is unknown. So how are we sure this is Cellebrite? I remember posters saying it would take millions of dollars to try and read the physical portion of the key, so is this just simple flash and dump to circumvent the 10 attempt limit? And they think they can do it with 7 machines in parallel?
It is true that the purchase order date (3/21/2016) makes it look at least related to this iPhone case. But the place of execution is in Cook County Illinois. Is the San Bernardino phone being held in Illinois?
They don't yet know whether there is anything they can use even in the investigation, much less in court. If they want to use it in court, they'll have to pay the company to send an expert witness and testify about it. There's a lot more to pay if and when they decide to use it in court.
https://apple.slashdot.org/comments.pl?sid=8913137&cid=51766723
Allows apple to make an iOS version which is *effectively* the 8.1 or 7 or whatever, a downgrad of iOS, then have it loaded on the phone then let the FBI use the linked device ?
C. Sagan : A demon haunted world:
http://www.amazon.com/gp/product/0345409469/
visit randi.org
Unbelievable! Israel is the biggest threat to national security and world peace, bar none. We should not be co-operating with them in any way, shape or form.
I'm not an expert, I just clicked the link that read "View" to see the details.
$15k sounds about right for software licensing to me, how exactly do you get them hacking the iPhone in question from that?
I'm a 2000 man.
They don't even give it a week after explaining exactly how to crack an iphone and they publish something else. The simple solution of cloning the encrypted area and then hard wiring the chip to a clone of that made 100% sense. What am I missing?
That's all it would cost? 15K to crack the encryption?
Thank you for ur valuable information...!
....backup the data from NAND, reset phone, copy back an encrypted file.with some known data, Now you are free to simply change the PIN lock as fast and as many times as you like (since you're changing it not unlocking phone) until you hit the right one?