LAPD Hacked An iPhone 5s Before The FBI Hacked San Bernardino Terrorist's iPhone 5c (latimes.com)
According to recently released court papers, Los Angeles police investigators found a way to break into a locked iPhone 5s belonging to April Jace, the slain wife of "The Shield" actor Michael Jace. The detectives were able to bypass the security at around the same time period the FBI was demanding Apple unlock the iPhone 5c belonging to San Bernardino terrorist Syed Rizwan Farook. LAPD detective Connie Zych wrote on March 18 that the department found a "forensic cellphone expert" who could "override the locked iPhone function," according to the search warrant. There's no mention of how the LAPD broke into the iPhone or what OS the iPhone was running (Note: iOS 8, which features improved encryption and security features, came out months after the killing). The information stored on the iPhone should help in the criminal case against Jace's husband, who is charged with the May 19, 2014, killing.
https://en.wikipedia.org/wiki/...
I just looked it up because of this article, that was nearly a full 2 years ago. I imagine several significant holes in iOS have likely been patched by now.
Apple are seemingly getting close to having an airtight phone, assuming you have it locked of course with a reasonable pass / pin. This seems like a good thing for the consumer.
Obligatory Zoolander: https://www.youtube.com/watch?...
iOS 8 was released Sept of 2014. Or four months after the killing.
The phone would have been running iOS 7 at best.
Let's have a big headline and dupe idiots into thinking it was hard.
i thought once I was found, but it was only a dream.
They probably just asked inmates to help out: they have experience and time.
Table-ized A.I.
LAPD has an enormous budget, saw a documentary which said they had people stationed internationally. Mission creep on overdrive.
"belonging to San Bernardino terrorist Syed Rizwan Farook". No, it belonged to the county of San Bernardino.
There is a reason FBI chose this huge terrorism case out of their huge load. They politicized everything in order to establish a precedent.
Aliens? No. Don't be ridiculous. They were made by Dilbert. They are the Dupeys.
It really doesn't mean squat any longer, so stop derping about "hacking" already.
I'm not sure how you're jumping to the conclusion of "airtight phone." Nobody even knows how the most recent one was hacked, including the FBI if that's to be believed.
It certainly is hard enough to crack that the letter agencies have to shell out millions to shady "consultants" to do their dirty work, on the other hand...that's good for everyone _else_ at least.
It was probably locked with a fingerprint.
Time makes more converts than reason
Are you saying Apple's programmers are now able to create a computer program as complex as an operating system with no bugs and no flaws whatsoever?
This is a good point in general, however the kind of security we're talking about here is restricted to the "login screen", not the general purpose OS. That's a much smaller attack surface. Once you've logged in, and are running third-party code on the device, you're much more likely to be able to break something.
It's reasonable to say that GP's claim of them "getting reasonably close to having an airtight phone, assuming you have it locked" is accurate. There will always be workarounds (decapping the chips, forcing the owner to reveal the passcode, etc.) but short of a screw-up on Apple's side, the practical options for bypassing the lock screen via a hack are getting more and more limited.
The 5c was hacked with a hacked bootloader. Everybody knows how.
Yes, iOS 7 was vulnerable to a very simple hardware hack:
(1) Hook up your own battery emulator to replace the battery
(2) Try a passcode, if it fails, cut power before the phone has a chance to write down the failure attempt
(3) Profit (seriously, these hack-boxes were like $50k each while they worked)
The solution on the phone side is reordering the events -- first execute failedAttempts++ and make sure it's synced to persistent storage, then evaluate the passcode and, if it's good, write failedAttempts=0 and unlock the phone. Not too complicated but counterintuitive to declare each attempt a failure beforehand and then undo your work later.
Oh, and syncing is one of those simple things that are notoriously difficult to nail down in practice. fsync is perennially misunderstood as ensuring data is written to persistent storage, it actually only means it's moved out to the device (cf F_FULLFSYNC). Linux spent a while on write barriers, but then settled on different IO ordering semantics.
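The reordering described in the comment above, as an added sketch that is not part of the original thread and is not Apple's code: the same unlock routine run in both orders, with a flag that models power being removed right after a failed comparison. The file-backed one-byte counter, the function names, the limit of 10 and the `strcmp` stand-in for the real passcode check are all assumptions made for illustration.

```c
#include <fcntl.h>
#include <string.h>
#include <unistd.h>

#define MAX_ATTEMPTS 10
enum { UNLOCKED = 1, REJECTED = 0, LOCKED_OUT = -1, POWER_LOST = -2 };

/* fsync() may leave data in the drive's cache; F_FULLFSYNC (Darwin) asks the
 * device to flush it too. Fall back to fsync() where it is not defined. */
static int durable_sync(int fd) {
#ifdef F_FULLFSYNC
    if (fcntl(fd, F_FULLFSYNC) == 0) return 0;
#endif
    return fsync(fd);
}

int write_counter(const char *path, int n) {
    unsigned char b = (unsigned char)n;
    int fd = open(path, O_WRONLY | O_CREAT, 0600);
    if (fd < 0) return -1;
    int ok = write(fd, &b, 1) == 1 && durable_sync(fd) == 0;
    close(fd);
    return ok ? 0 : -1;
}

/* Fail closed: an unreadable counter counts as "limit reached". */
int read_counter(const char *path) {
    unsigned char b;
    int fd = open(path, O_RDONLY);
    if (fd < 0) return MAX_ATTEMPTS;
    int n = read(fd, &b, 1) == 1 ? b : MAX_ATTEMPTS;
    close(fd);
    return n;
}

/* charge_first=0: compare, then record a failure (the ordering the comment
 * says was exploitable). charge_first=1: record the attempt durably, compare,
 * and reset only on success. power_cut models power being removed right after
 * a failed comparison. */
int try_unlock(const char *path, const char *guess, const char *secret,
               int charge_first, int power_cut) {
    int n = read_counter(path);
    if (n >= MAX_ATTEMPTS) return LOCKED_OUT;
    if (charge_first && write_counter(path, n + 1) != 0) return LOCKED_OUT;
    if (strcmp(guess, secret) != 0) {
        if (power_cut) return POWER_LOST;      /* nothing after this point runs */
        if (!charge_first) write_counter(path, n + 1);
        return REJECTED;
    }
    write_counter(path, 0);                    /* undo the charge on success */
    return UNLOCKED;
}
```

With `charge_first=0` the counter never moves however many interrupted guesses are made; with `charge_first=1` the limit is reached after `MAX_ATTEMPTS` guesses even though every one of them was interrupted.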
My understanding as a total encryption and technical newbie (compared to most of slashdot) is the 5c is a weaker, simpler phone, the 5s with its thumbscanner has some kind of hardware encryption key (or some such?) between each component, so replacing a component to fake thumb prints or something like that isn't possible.
I'm not sure EXACTLY how the c was hacked to be honest but TLDR, my understanding is the s is vastly more secure, going forward obviously for newer models too.
I see downsides to it, definitely - when it comes to death in the family kind of stuff but honestly, I don't want people with access to my stuff without my approval, ever.
No, there are easier hacks in iOS7 - there have been many lock screen hacks that let you in without consuming attempts on your passcode.
Just google for iOS7 lock screen bypasses and there's an ugly list of 3-4 different bugs. I believe even iOS 8 has similar lockscreen bypasses. Heck, even iOS9 had one using Siri until Apple fixed it server-side.
Illegal unless you're one of the good guys.
Requiem for the American Dream
He confessed on the phone, then signed a confession in police custody.
Why do they need help against that? Are they stupid or just plain dumb?
but short of a screw-up on Apple's side, the practical options for bypassing the lock screen via a hack are getting more and more limited.
There's no way you can know that and it's just historically untrue. This is a complex proprietary system, so it's already less secure than mature industry standards. Also, this system relies on an obfuscated process to allow the user to encrypt data with a weak pin. So you have fundamentally weak security (pin code), on an unproven closed system, relying on security through obscurity principles - I would not assume an iPhone is ever more secure than any volume secured with simple software encryption and a good password. In fact, if Apple really wanted you to secure your device they'd let you disable all their binary garbage, install dm-crypt, and do it yourself. Apple has never been about choice, or user safety though. Hint: forced encryption incentivises cloud backups.
If it ain't broke, don't fix it.
Except the FBI, unless of course they had an ulterior motive for not being able to do so? Nah, an honest federal dept. wouldn't do that!
I think critically, so I own a Samsung and this doesn't apply to me yet - but indications are it soon will. Google has been encrypting their phones by default for a couple of generations and are warning OEMs they might require it for Android branding soon. As a society we need to stop the trend towards this nonsense.
There's nothing on my phone worth encrypting. If there was, I'd encrypt it. However there's lots on my phone that I'd never want to lose. I do backups, but I don't get to it every day, every week, or even every month. I would like the option to be able to emergency recover my data (impossible if it's encrypted) vs. keeping some non-existent nefarious agency from seeing a video of my son take his first steps.
This is like Levis putting an unbreakable lock on my wallet. If anyone tampers with it, or if I forget the password, the contents are virtually incinerated. I'm either asked to dutifully keep a copy of everything myself, or virtually store a copy of all my personal documents at Levis warehouse - both unfavorable options to simply selling me a wallet without a lock.
If it ain't broke, don't fix it.
So I'm sure you have a few links that both back up your remark as well as providing a more complete explanation, right?
Let's see them.
This is a complex proprietary system, so it's already less secure than mature industry standards
There's no causation between these two things.
Also, this system relies on an obfuscated process to allow the user to encrypt data with a weak pin.
iOS absolutely lets you choose a strong password, and in fact, encourages you to do so.
on an unproven closed system, relying on security through obscurity principles
No... on AES encryption, which is a well known, well proven, open encryption scheme.
I would not assume an iPhone is ever more secure than any volume secured with simple software encryption and a good password.
You mean... extremely secure. AES encrypted data on a volume is as far as we currently know, impossible to access without extracting the key from the user.
In fact, if Apple really wanted you to secure your device they'd let you disable all their binary garbage, install dm-crypt, and do it yourself
Why would they do that? That would introduce far more steps into the process of making data secure, and therefore make 99% of users less secure.
No, what is being said is that not every bug is a defect that can lead to third-parties being able to decrypt the phone. You're right that there may be more exploits out there. However, both the severity of the defects and the ease with which they can be exploited have been going asymptotically to zero so it's reasonable to believe that we may be at least getting very close to zero. I
Are you saying Apple's programmers are now able to create a computer program as complex as an operating system with no bugs and no flaws whatsoever?
Are Apple's programmers aliens from another planet with superior intelligence? Is this why Apple's new HQ looks like a "spaceship"?
Shhh! Don't tell anyone...
This is a complex proprietary system, so it's already less secure than mature industry standards.
Oh, you mean like those "Mature industry standards" ssl and ssh?
Yes I do. Now this will be the last response I'll give to someone that has chosen the name "macs4all" when talking about the inherent weakness of proprietary systems.
If it ain't broke, don't fix it.
Yes I do. Now this will be the last response I'll give to someone that has chosen the name "macs4all" when talking about the inherent weakness of proprietary systems.
Promise?
Yes, but those only get you access to Class C and D files. You need the actual passcode to unlock the Class A and Class B files, because the encryption key for those is actually derived from the passcode itself.
So you need to be able to make 1000 attempts on the passcode, and to do that, you need to be able to revert the counter of failed attempts.
so replacing a component to fake thumb prints or something like that isn't possible.
I think you'll find that it is possible to use a fake thumb print to fool the sensor, I'm not sure why you'd go to the trouble of replacing the sensor when the sensor just transmits the print and doesn't authenticate it.
There are a few distinct aspects to this (IMO):
- There's a fundamental difference between "police can hack into iPhones" and "Apple puts a backdoor into iPhones so that iPhones are trivially hackable by anyone with the key", because Apple's role in the process matters. If Apple's job is to make iPhones secure, the police (and criminals) can of course still hack phones, but any vulnerabilities are treated as bugs to be fixed, and the iPhone gets more and more secure over time. If the police can force Apple to put a backdoor into the iPhone, then when the key is leaked (which always happens, when you give a key to thousands of police departments and other agencies, their contractors and vendors, etc., just as happened with DVDs) then anyone who can get the key can hack any iPhone, rendering it fundamentally insecure, and because it's required by a law, Apple cannot make the iPhone more secure, forever.
- The iPhone will never be 100% secure, because there's no such thing as 100% secure - the goal of security measures is to increase the cost/time of a successful attack, but infinite money/time can always ultimately succeed. For example, AES 256 is quite secure, but that just means that brute forcing a key would take enough time and hardware (e.g. https://www.reddit.com/r/theyd...) that it's not worth it - you'd have to be a government to have the resources to do so, and very few secrets are worth spending a building full of supercomputers to hack. Every so often new techniques or technologies emerge that can change the equation (quantum computing...) but the same is true of physical locks - if you can photograph a key you can 3D print a duplicate. So it's always been a game of "cat and mouse" between lock-makers and lock-breakers.
- Because encryption is software, which can't be controlled globally, any laws restricting encryption only limit what can be embedded in systems from US manufacturers. But it won't have any control over anyone with internet access, since the rest of the planet can (and does) produce uncompromised security systems with no backdoors, which anyone on the planet can download and use (including good open source, free tools). So any law against secure systems won't help against real criminals, because presumably they'll either avoid digital communications (i.e. what real terrorists do now) or use true end-to-end encryption, but it'll certainly make it easier to eliminate privacy for the rest of us. Compare, for example, how the data collected by the government's massive surveillance of phone calls and emails hasn't helped against terrorists at all, but has been used for other purposes, such as to allow a government agent to spy on his wife to see if she was cheating on him.
Enable 3D printed prosthetics!