FBI Unlocks iPhone Without Apple's Help In San Bernadino Case

New submitter A_Mang writes: After asking for a delay last week, today the FBI revealed that a third party has succeeded in unlocking the iPhone used by a shooter in the San Bernadino attack. They've asked the court to vacate their request for an injunction forcing Apple to provide tools for unlocking the phone. "The government has now successfully accessed the data stored on Farook's iPhone and therefore no longer requires the assistance from Apple Inc. mandated by Court's Order," the filing reads. The report doesn't elaborate on how they've gained access, nor does it reveal any of the information stored on the phone. What we do know is that last week the FBI contracted Israeli software provider, Cellebrite, to help break into the phone.

Re:Suggestions anyone?

[Mr+D+from+63]

So, how does this now play for Apple, who banked on their phones being secure as a selling point?

Re:Suggestions anyone?

[Space+cowboy]

It was an iPhone 5c. It doesn't have the "secure enclave" that later models have, and is nowhere near as secure as these recent models, and by "recent", I mean anything that's a 5s or above.

See https://www.apple.com/business... for the gory details, or https://www.mikeash.com/pyblog... for a more readable version, but basically the secure enclave is designed to prevent brute-force attacks like the FBI wanted to use.

I'm reasonably certain that Apple's security team will have a larger remit on the next phone, to the extent that the secure enclave is invulnerable even to Apple (the above link speculates that it currently is not, and would therefore be vulnerable to a court warrant akin to the recent furore).

Re:Apple's response?

[dbIII]

Charles Stross has a bit about this on his blog. He suspects that Apple is moving into the electronic funds transfer sector a bit more than they already are and that if there was a publicly known backdoor that would screw over trust issues enough to mess up potential future business.
He phrases it as the FBI wanting a backdoor into what will effectively be an ATM machine network. Not a good look for the vendor of such a thing.

In around 2000 there were people buying fuel at the pump in one country via their phones but the banks got in the way of that being a viable payment method in general. Now Apple probably have the ability to do to the banks what they did to the music companies and actually implement the old electronic wallet idea. I'm not saying it's necessarily a good thing or a bad thing, just that it looks like Apple is heading in that direction and the FBI having a backdoor into it would be a danger to such a system.