Apple . Forensics . Politics . Security

FBI Breaks Into San Bernardino iPhone

On March 28, 2016 by Jonathan Zdziarski

As expected, the FBI has succeeded in finding a method to recover the data on the San Bernardino iPhone, and now the government can see all of the cat pictures Farook was keeping on it. We don’t know what method was used, as it’s been classified. Given the time frame and the details of the case, it’s possible it could have been the hardware method (NAND mirroring) or a software method (exploitation). Many have speculated on both sides, but your guess is as good as mine. What I can tell you are the implications.

If a hardware method was used, only A6 devices would be affected; this would mean the iPhone 5c and older devices could likely be accessed using such a hardware method. Newer devices with a Secure Enclave would require a much more advanced technique than we presently have the capabilities to execute.

If a software method was used, it is possible that the technique could work on newer devices with a Secure Enclave. Many security researchers and cryptographers were surprised to find that the SEP isn’t quite as much the enforcer as we thought it was, and I’m willing to concede at this point that, given code execution, brute forcing the PIN may be possible on these devices given the current state of their firmware.

What is certain, however, is that the only reason this was possible is because Farook chose to use a weak form of security on his iOS device – namely, a numeric PIN. Numeric PINs, whether four-digit or six-digit, have an extremely limited key space, which means that your data is ultimately only protected by the processor’s security. Code execution vulnerabilities are patched by the dozens in every major firmware update, and so it’s no surprise that relying on processor security isn’t a good strategy.

To protect your device against both a hardware and software attack, use an alphanumeric passcode. Apple claims, in their iOS Security guide, that a six digit alphanumeric passcode would take up to 5 1/2 years to brute force. A 16 digit alphanumeric passcode is believed to take over 100 years to brute force. No matter how exploited the operating system is, brute forcing must take place on the hardware, and the rules of math cannot be broken.
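The key-space argument above, worked through as an added example (not code from the original post). It assumes roughly 80 ms per on-device guess, the per-attempt key-derivation cost given in Apple's iOS Security guide; the alphabet labels and function names are illustrative.

```python
import math

# Assumption: ~80 ms per on-device guess, the key-derivation cost Apple's
# iOS Security guide cites; it is not a figure stated in this post.
SECONDS_PER_GUESS = 0.08
SECONDS_PER_YEAR = 365.25 * 24 * 3600

ALPHABETS = {"digits": 10, "lower+digits": 36, "mixed-case+digits": 62}

def keyspace(alphabet_size, length):
    """Number of distinct passcodes of exactly this length."""
    return alphabet_size ** length

def worst_case_seconds(alphabet_size, length, per_guess=SECONDS_PER_GUESS):
    """Time to try every passcode when each guess must run on the device."""
    return keyspace(alphabet_size, length) * per_guess

def min_length_for(alphabet_size, target_years, per_guess=SECONDS_PER_GUESS):
    """Shortest length whose worst-case search meets or exceeds target_years."""
    needed_guesses = target_years * SECONDS_PER_YEAR / per_guess
    length = max(1, math.ceil(math.log(needed_guesses, alphabet_size)))
    # Guard against floating-point error in the logarithm.
    while keyspace(alphabet_size, length) < needed_guesses:
        length += 1
    while length > 1 and keyspace(alphabet_size, length - 1) >= needed_guesses:
        length -= 1
    return length

def humanize(seconds):
    for unit, size in (("years", SECONDS_PER_YEAR), ("days", 86400),
                       ("hours", 3600), ("minutes", 60)):
        if seconds >= size:
            return f"{seconds / size:,.1f} {unit}"
    return f"{seconds:.1f} seconds"

if __name__ == "__main__":
    for name, length in (("digits", 4), ("digits", 6),
                         ("lower+digits", 6), ("lower+digits", 16)):
        secs = worst_case_seconds(ALPHABETS[name], length)
        print(f"{length:>2} x {name:<18} {humanize(secs)}")
    for name, size in ALPHABETS.items():
        print(f"{name}: >= {min_length_for(size, 100)} chars for 100 years")
```

Under that assumption a four-digit PIN is exhausted in minutes and a six-digit PIN in under a day, while six lowercase letters and digits reproduces the 5 1/2 year figure.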

Of course, your choice of passcode is only one small component of your overall security strategy. You could have a 20 digit passcode, yet be completely exposed by typing it in front of a security camera. The security of your pair records (on your desktop machine) is equally important; protect them with strong encryption. Ensuring that you’re not copying data off to external services (such as iCloud backups) prevents information leakage. Using additional layers of security, such as those in third party applications, can help to strengthen data security. Security is a lot easier when you’ve been shot dead, your iPhone has been shut off, and you no longer care about security. It’s much harder for the living (and in particular, the innocent) who still care about their day to day security.

UPDATE: On March 28, 2016, the FBI cut a purchase order to Cellebrite for $218,004.85, citing “Information Technology Supplies”; this sounds like the DOD equivalent of a $50,000 toilet seat. Here is the link to the purchase order.

All Content Copyright (c) 2000-2022 by Jonathan Zdziarski, All Rights Reserved