Slashdot Mirror

← Back to Stories (view on slashdot.org)

LAPD Hacked An iPhone 5s Before The FBI Hacked San Bernardino Terrorist's iPhone 5c (latimes.com)

Posted by BeauHD on from the bypassed-security dept.

According to recently released court papers, Los Angeles police investigators found a way to break into a locked iPhone 5s belonging to April Jace, the slain wife of "The Shield" actor Michael Jace. The detectives were able to bypass the security at around the same time period the FBI was demanding Apple unlock the iPhone 5c belonging to San Bernardino terrorist Syed Rizwan Farook. LAPD detective Connie Zych wrote on March 18, the department found a "forensic cellphone expert" who could "override the locked iPhone function," according to the search warrant. There's no mention of how the LAPD broke into the iPhone or what OS the iPhone was running (Note: iOS 8, which features improved encryption and security features, came out months after the killing). The information stored on the iPhone should help in the criminal case against Jace's husband, who is charged with the May 19, 2014, killing.

6 of 47 comments (clear)

  1. Michael Jace was several years ago. by AbRASiON · · Score: 4, Insightful

    https://en.wikipedia.org/wiki/...

    I just looked it up because of this article, that was nearly a full 2 years ago. I imagine several significant holes in iOS have likely been patched by now.
    Apple are seemingly getting close to having an airtight phone, assuming you have it locked of course with a reasonable pass / pin. This seems like a good thing for the consumer.

  2. How stupid are the editors? by peragrin · · Score: 4, Insightful

    IOS 8 was released Sept of 2014. Or four months after the killing.

    The phone would have been running iOS 7at best.

    Let's have a big headline and dupe idiots into thinking it was hard.

    --
    i thought once I was found, but it was only a dream.
  3. Laos budget by Anonymous Coward · · Score: 2, Informative

    Lapd has enormous budget, saw a documentary which said they had people stationed internationally. Mission creep on overdrive.

  4. Re:Michael Jace was several years ago. by Wrath0fb0b · · Score: 2, Informative

    Yes, iOS 7 was vulnerable to a very simple hardware hack:

    (1) Hook up your own battery emulator to replace the battery
    (2) Try a passcode, if it fails, cut power before the phone has a chance to write down the failure attempt
    (3) Profit (seriously, these hack-boxes were like $50k each while they worked)

    The solution on the phone side is reordering the events -- first execute failedAttempts++ and make sure it's synced to persistent storage, then evaluate the passcode and, if it's good, write failedAttempts=0 and unlock the phone. Not too complicated but counterintuitive to declare each attempt a failure beforehand and the undo your work later.

    Oh, and syncing it one of those simple things that are notoriously difficult to nail down in practice. fsync is perennially misunderstood as ensuring data is written to persistent storage, it actually only means it's moved out to the device (cf F_FULLFSYNC). Linux spent a while on write barriers, but then settled on different IO ordering semantics.

  5. Re:Michael Jace was several years ago. by tlhIngan · · Score: 2

    Yes, iOS 7 was vulnerable to a very simple hardware hack:

    No, there are easier hacks in iOS7 - there have been many lock screen hacks that let you in without consuming attempts on your passcode.

    Just google for iOS7 lock screen bypasses and there's an ugly list of 3-4 different bugs. I believe even iOS 8 has similar lockscreen bypasses. Heck, even iOS9 had one using Siri until Apple fixed it server-side.

  6. Crime by easyTree · · Score: 2

    Illegal unless you're one of the good guys.

    --
    Requiem for the American Dream