Computer Scientist Cracks Security of Phone Model Used in San Bernardino Shooting
A computer scientist appears to have broken Apple’s iPhone security by simply opening the phone and replacing the main memory chip with a cloned version. As long as the researcher kept switching the chips, the phone allowed an unlimited number of password attempts. The researcher said that the technique, known as NAND mirroring, cracked a 4-digit code in 40 hours and a 6-digit code in “hundreds of hours.”
Dr. Sergei Skorobogatov, a University of Cambridge computer scientist, used the technique to bypass the security of an iPhone 5C using £75 (about U.S. $97.21) worth of cloned memory chips and other electronic components, according to a Sept. 19 BBC News report.
The topic of cracking the security of an iPhone 5C resulted in legal wrangling between the U.S. government and Apple, and spurred debates about privacy after two shooters killed 14 people in San Bernardino, Calif., late last year. The FBI wanted Apple’s help unlocking the iPhone 5C of one of the shooters in hopes of identifying collaborators in the attack, but the technology company resisted, stating that it would set a precedent that could eventually compromise the security of all iPhone users. Ultimately, the FBI was able to access the device without Apple’s assistance.
Critically, the FBI at the time said that NAND mirroring wouldn’t work, the BBC News story said.
When a PIN is input incorrectly a certain number of times, the phone locks. However, Skorobogatov would use another cloned chip and try again. The 100 bucks spent to hack the phone is a far cry from the $1 million the FBI is said to have paid a security firm to extract data from the gunman’s phone, according to the BBC.
The researcher has been quoted saying that the method he used on the iPhone 5C might not be possible on newer iPhone models.
What the FBI had sought, though, was a fast and cost-efficient way to break Apple’s security. “Hundreds of hours” for a 6-digit PIN may not have qualified.