Netease Technology News on January 15, according to the BNN Bloomberg website, the FBI is putting pressure on Apple to help crack two iPhones seized from terrorists. But cyber security and digital forensics experts say the FBI can actually crack these devices without Apple’s help.
Security experts said investigators could use a series of iPhone security vulnerabilities to hack into the phone, and related cracking tools can be obtained directly or from cracking solution providers such as Cellebrite and Grayshift.
On December 6, last year, Saudi Air Force member Mohammed Saeed Alshamrani carried out a shooting attack at Naval Air Base in Pensacola, Florida, killing three people. Alshamrani owns an iPhone 5 and an iPhone 7, which were first released in 2012 and 2016, respectively. Arshamrani was shot dead, but the two phones were also locked, which forced the FBI to find a way to crack them.
Well-known former jailbreak hacker Will Strafach pointed out: “For an iPhone 5 and an iPhone 7, you can definitely enter it. I won’t say this is a child’s play, but it is not particularly difficult. Stuffach now runs a mobile security company called “Guardian Firewall.”
This view is contrary to the US government. On Monday, U.S. Attorney General William Barr slammed Apple, saying that Apple had not done enough to help the FBI crack the iPhones associated with the shootings.
These remarks put Apple under even greater pressure to provide law enforcement with special access to the iPhone. Apple declined to establish such backdoors, saying they would also be used by bad guys.
Stefach and other security experts said that, in fact, Apple doesn’t need to create a backdoor for the FBI in order to enter the two iPhones belonging to Alshamrani.
Neil Broom, a security expert working with law enforcement agencies to unlock the device, warned that software versions on the iPhone 5 and iPhone 7 could make cracking the phone more difficult. But cracking is still possible.
“If these two iPhones use a specific version of iOS, it may take only an hour. But they may be equipped with a flawless version of iOS.”
On Tuesday, US time, a spokesman for the US Department of Justice said he did not have any recent progress on law enforcement to unlock the phone. Apple’s policy reiterated comments made on Monday.
Apple says they are helping the FBI investigate terrorist attacks in Florida.
However, it takes time to discover new vulnerabilities and exploit them. Now, security companies such as Apple and Cellebrite play cat and mouse games. When Apple releases a new device or a new version of the iOS operating system, it can lock everything. Security companies and researchers then conduct research immediately, often finding ways to hack the iPhone after a few months. The loopholes they find sometimes turn into tools used by the FBI and police to access iPhone data.
Bloom pointed out that US law enforcement agencies cooperate with security companies such as Cellebrite and that these companies will “do their best” to help the government to win large contracts.
Cellebrite, a subsidiary of Japan’s Sun Corpation, stated in a statement: “Our technology is used by thousands of organizations worldwide to legally access and analyze very specific digital data. According to company policy, we Do not comment on any ongoing investigations. “In 2016, the company helped the FBI crack an iPhone held by the killer in San Bernardino, California.
The GrayKey black box currently used to crack iOS devices is provided by Atlanta-based Grayshift, whose employees include former Apple software security engineer Braden Thomas. Grayshift did not respond to a request for comment on Tuesday.
According to Stuffach and other security researchers, a new security flaw called “Checkm8” affected iPhone chips released between 2011 and 2017, including the iPhone 5 and iPhone 7.
“With the Checkm8 vulnerability, you should be able to get a clear picture of the file system unless they are protected by a long password,” Stuffach pointed out.
He said that the iPhone 7 uses Secure Enclave, a dedicated chip for storing fingerprint data and other sensitive information, but even this chip may be cracked.
Stufach added: “The question is simple, will the government pay the contractor to crack these phones. If they cannot complete the task using the Checkm8 vulnerability directly, they can pay the contractor to complete it.
The Checkm8 vulnerability could support Cellebrite’s upgraded hacking tools. This hacking tool provided by the Israeli-based company to law enforcement agencies and other customers includes a “UFED Physical Analyzer” client-side analysis software, a special “Touch2” tablet, and a “4PC” PC software. Bloom says the cost of the hacking tool is about $ 15,000. He said the hacking tool costs more than $ 4,000 a year to maintain.
The FBI may need other tools to unlock the iPhone, such as Grayshift’s GrayKey black box or Cellebrite Premium, a special internal service for law enforcement agencies. Bloom says they could cost $ 100,000 to $ 150,000.
“The FBI already has these tools nationwide, so they don’t have to pay anything to break these phones anymore, they just have to wait for vulnerabilities like Checkm8 to emerge,” Bloom said.
On Monday, U.S. time, Apple said that through Internet-based services such as iCloud, it provided all “relevant information” related to the two iPhones involved.
However, some data that the FBI may be interested in is only available on these two iPhones. For example, iMessage text is encrypted when stored in the cloud, but is usually readable on the device.
The San Bernardino shootings in 2016 ended with the FBI using Cellebrite’s technology to crack the iPhone in question. If the security experts are correct, then this time is likely to end like this.
But this does not end the deadlock between the FBI and Apple.
Yotam Gutman, director of marketing for cybersecurity company SentinelOne, points out that as the iPhone becomes more complex, companies such as Cellebrite will become more difficult to penetrate the iPhone.
Stuffach said that compared with the old iPhone, it is much more difficult to crack the latest iPhone 11.