In the wake of news that the FBI was able to access the data on San Bernardino shooter Syed Farook’s iPhone 5c, the government indicates it might not show Apple how the crack was performed.
ArsTechnica asked a government law enforcement official if the FBI would reveal the method used, and was met with an almost amusing, rather Apple-like reply:
“We cannot comment on the possibility of future disclosures to Apple,” the law enforcement official said in response to a question from Ars.
Apple has said it would demand information about the method used for a crack such as the one apparently performed on Farook’s iPhone.
The White House has long maintained the government would consider the pros and cons of each case before disclosing device and operating system vulnerabilities discovered by its law enforcement agencies.
A CNN report says the method used was specific to the iPhone 5c model in question, which does not include the secure enclave of later iPhone. This indicates the bureau may have used a NAND mirroring technique previously described by Edward Snowden.
All the FBI needs to do to avoid any irreversible auto erase is simple to copy that flash memory (which includes the Effaceable Storage) before it tries 10 passcode attempts. It can then re-try indefinitely, because it can restore the NAND flash memory from its backup copy […]
The FBI can simply remove this chip from the circuit board (“desolder” it), connect it to a device capable of reading and writing NAND flash, and copy all of its data. It can then replace the chip, and start testing passcodes. If it turns out that the auto-erase feature is on, and the Effaceable Storage gets erased, they can remove the chip, copy the original information back in, and replace it. If they plan to do this many times, they can attach a “test socket” to the circuit board that makes it easy and fast to do this kind of chip swapping.
Israel mobile forensics company Cellebrite reportedly assisted the FBI in accessing the information on Farook’s iPhone.