Skip to content

TechRepublic

  • Top Products Lists
  • Developer
  • 5G
  • Security
  • Cloud
  • Artificial Intelligence
  • Tech & Work
  • Mobility
  • Big Data
  • Innovation
  • Cheat Sheets
  • TechRepublic Academy
  • CES
  • TechRepublic Premium
  • Top Products Lists
  • Developer
  • 5G
  • Security
  • Cloud
  • Artificial Intelligence
  • Tech & Work
  • Mobility
  • Big Data
  • Innovation
  • Cheat Sheets
  • TechRepublic Academy
  • CES
  • See All Topics
  • Sponsored
  • Newsletters
  • Forums
  • Resource Library
TechRepublic Premium
Join / Sign In
Apple

How did the FBI hack an Apple iPhone? The story so far

By Fox Van Allen April 11, 2016, 5:57 PM PDT

Image
1
of 21

fbi-apple-san-bernadino-shooter.jpg
fbi-apple-san-bernadino-shooter.jpg
How did the FBI hack an Apple iPhone? The story so far

It begins with a tragedy...

Image: Composite by Fox Van Allen

It begins with a tragedy...

The FBI’s battle with Apple over phone encryption is a high-stakes one. Here’s how we got where we are.

It begins with a tragedy: On December 2, 2015 at 10:59 a.m., married extremists Syed Rizwan Farook (inset) and Tashfeen Malik opened fire on the Inland Regional Center in San Bernardino, California.

The act, quickly classified as a terrorist attack, claimed the lives of 14 people and seriously injured 22 others.

Image: Composite by Fox Van Allen
fbi-apple-underwater-search.jpg
fbi-apple-underwater-search.jpg
How did the FBI hack an Apple iPhone? The story so far

The search for clues begins

Image: Ringo Chiu/ZUMA Press/Corbis

The search for clues begins

In the aftermath, the FBI mounted a massive effort to uncover evidence that the killers may have disposed of. This included a diver search of Seccombe Lake (shown) and the killers’ home.

Image: Ringo Chiu/ZUMA Press/Corbis
fbi-apple-iphone-5c.jpg
fbi-apple-iphone-5c.jpg
How did the FBI hack an Apple iPhone? The story so far

One man's trash...

EPA/Justin Lane

One man's trash...

FBI investigators discovered two crushed phones in Farook’s trash. A third device, an Apple iPhone 5C belonging to Farook’s employer, was also found.

EPA/Justin Lane
fbi-apple-locked-phone.jpg
fbi-apple-locked-phone.jpg
How did the FBI hack an Apple iPhone? The story so far

All its secrets are just four numbers away

Image: Erik S. Lesser/epa/Corbis

All its secrets are just four numbers away

The iPhone 5C, owned by Farook’s employer, was PIN protected.

Though the FBI had permission from said employer to search the phone, attempting to guess at Farook’s chosen PIN could fully erase its contents after 10 attempts.

Image: Erik S. Lesser/epa/Corbis
fbi-apple-fbi-presser.jpg
fbi-apple-fbi-presser.jpg
How did the FBI hack an Apple iPhone? The story so far

"The digital footprint is incredibly important"

Image: Zhang Chaoqun/Xinhua Press/Corbis

"The digital footprint is incredibly important"

Those phones became key pieces of evidence in the FBI investigation.

“As to those devices, obviously we’ve said from day one, the digital footprint is incredibly important for us to hopefully learn any contacts, any context, and ultimately any intent on their part,” said Assistant Director in Charge of the Los Angeles Field Office David Bowdich (shown). “I think that’s very, very important.”

Image: Zhang Chaoqun/Xinhua Press/Corbis
fbi-apple-judge.jpg
fbi-apple-judge.jpg
How did the FBI hack an Apple iPhone? The story so far

The FBI wins Round 1

Image: 237/Chris Ryan/Ocean/Corbis

The FBI wins Round 1

The FBI filed suit in the Central District of California federal court to compel Apple to allow access to the iPhone in question.

On Feb. 16, 2016, Judge Sheri Pym sided with the government, ordering Apple to break its own encryption on the phone.

Image: 237/Chris Ryan/Ocean/Corbis
fbi-apple-protest.jpg
fbi-apple-protest.jpg
How did the FBI hack an Apple iPhone? The story so far

The protests begin

Image: Michael Reynolds/epa/Corbis

The protests begin

The court’s demand, issued under the authority of a 227-year-old law called the All Writs Act, proved incredibly controversial.

Pro-privacy protesters quickly began surfacing outside FBI headquarters, as this man did on Feb. 23, 2016.

SEE: Apple vs. FBI: TechRepublic members speak out, side with Apple

Image: Michael Reynolds/epa/Corbis
fbi-apple-tim-cook.jpg
fbi-apple-tim-cook.jpg
How did the FBI hack an Apple iPhone? The story so far

Apple fires back

SHAWN THEW, © SHAWN THEW/epa/Corbis

Apple fires back

Apple said complying with the court’s request was impossible without breaking the security on all phones.

“Unlike our competitors, Apple cannot bypass your passcode and therefore cannot access this data,” the company responded on its website.

SHAWN THEW, © SHAWN THEW/epa/Corbis
fbi-apple-hearing.jpg
fbi-apple-hearing.jpg
How did the FBI hack an Apple iPhone? The story so far

And then... it got even messier

Image: EPA/Shawn Thew

And then... it got even messier

A federal magistrate judge in New York made matters far more complex when he ruled, in an entirely different drug-related case, that it would be unconstitutional to force Apple to break its phone encryption via the 1789 All Writs Act.

It was “clear that the government has made the considered decision that it is better off securing such crypto-legislative authority from the courts (in proceedings that had always been, at the time it filed the instant Application, shielded from public scrutiny) rather than taking the chance that open legislative debate might produce a result less to its liking,” Judge James Orenstein wrote in his Feb. 29, 2016 ruling.

Image: EPA/Shawn Thew
fbi-apple-tim-cook-another-one.jpg
fbi-apple-tim-cook-another-one.jpg
How did the FBI hack an Apple iPhone? The story so far

It's about privacy, too

Image: Christoph Dernbach/dpa/Corbis

It's about privacy, too

Apple said it would fight the FBI all the way to the Supreme Court to protect its encryption.

“People like to frame this argument as privacy versus national security. That is overly simplistic and it is not true,” Apple’s Tim Cook said in a February 2016 interview with ABC’s World News Tonight. “This is also about public safety. The smartphone that you carry has more information about you on it than any other singular device or any other singular place.”

Image: Christoph Dernbach/dpa/Corbis
fbi-apple-phone-forensics.jpg
fbi-apple-phone-forensics.jpg
How did the FBI hack an Apple iPhone? The story so far

Mobile forensics to the rescue?

Image: Jebb Harris/ZUMA Press/Corbis

Mobile forensics to the rescue?

Unable to expeditiously force Apple’s hand through the courts, the FBI dropped its case and looked for a solution elsewhere.

In March 2016, Israeli newspaper Yedioth Ahronoth reported that the FBI was using a mobile forensics company named Cellebrite to help it break into the iPhone.

Image: Jebb Harris/ZUMA Press/Corbis
fbi-apple-iphone-5c-teardown.jpg
fbi-apple-iphone-5c-teardown.jpg
How did the FBI hack an Apple iPhone? The story so far

Did they use NAND mirroring?

Image: Bill Detwiler/TechRepublic

Did they use NAND mirroring?

It was speculated that Cellebrite would use a NAND mirroring technique to access the phone’s data. This involves desoldering the NAND storage chip and using a chip reader to make a full copy of its contents.

With its contents copied, the phone can be restored even after a lock screen wipe.

Image: Bill Detwiler/TechRepublic
fbi-apple-ip-box.jpg
fbi-apple-ip-box.jpg
How did the FBI hack an Apple iPhone? The story so far

Automating the attack

Image: Ubaldo GSM

Automating the attack

The phone would then, according to Apple iOS security researcher Jonathan Zdziarski, likely be connected to a device similar to the IP-Box forensics device shown. Available in the US only to law enforcement, the device connects directly to phones to automate the process of guessing PINs until the correct one is found.

However…

Image: Ubaldo GSM
fbi-apple-hacker.jpg
fbi-apple-hacker.jpg
How did the FBI hack an Apple iPhone? The story so far

Bring in the grey hats

Image: 68/Ocean/Corbis

Bring in the grey hats

On April 12, 2016, The Washington Post‘s Ellen Nakashima reported that Cellebrite wasn’t hacking the iPhone after all. Instead, her sources say the FBI paid a one-time fee to “grey hats” — for-profit hackers who find and sell access to otherwise unknown zero-day security vulnerabilities.

Image: 68/Ocean/Corbis
fbi-apple-james-comey.jpg
fbi-apple-james-comey.jpg
How did the FBI hack an Apple iPhone? The story so far

A limited solution

Image: Shawn Thew/epa/Corbis

A limited solution

The purchased tool only works, in the words of FBI Director James Comey (shown), on a “narrow slice of phones” — only iPhone 5C devices running iOS 9. The tool cannot be used to hack phones with more complex encryption or Touch ID.

Image: Shawn Thew/epa/Corbis
fbi-apple-james-comey-panel.jpg
fbi-apple-james-comey-panel.jpg
How did the FBI hack an Apple iPhone? The story so far

Keeping a secret from Apple

Image: Jim Lo Scalzo/epa/Corbis

Keeping a secret from Apple

The FBI has declined to tell Apple exactly how it accomplished the task… for now.

“We tell Apple, then they’re going to fix it, then we’re back where we started from,” explains Comey. “We may end up there, we just haven’t decided.”

SEE: Apple demands to know how FBI cracked San Bernardino iPhone

Image: Jim Lo Scalzo/epa/Corbis
fbi-apple-richard-burr.jpg
fbi-apple-richard-burr.jpg
How did the FBI hack an Apple iPhone? The story so far

Details on a need-to-know basis

Image: Ron Sachs/CNP/AdMedia/AdMedia/Corbis

Details on a need-to-know basis

It’s not a secret to everybody, though. The FBI did give a briefing on its methods to Sens. Richard Burr (R-NC) and Dianne Feinstein (D-CA), ranking members of the Senate Intelligence Committee.

Image: Ron Sachs/CNP/AdMedia/AdMedia/Corbis
fbi-apple-dianne-feinstein.jpg
fbi-apple-dianne-feinstein.jpg
How did the FBI hack an Apple iPhone? The story so far

Congress doesn't understand encryption

Image: Jim Lo Scalzo/epa/Corbis

Congress doesn't understand encryption

In response to the controversy, The Hill reported that Sens. Burr and Feinstein (shown) have drafted a new bill requiring companies to provide the government with decryption services when served with a court order.

It would, essentially, mandate dangerous security backdoors.

Image: Jim Lo Scalzo/epa/Corbis
fbi-apple-protester-thank-you-apple.jpg
fbi-apple-protester-thank-you-apple.jpg
How did the FBI hack an Apple iPhone? The story so far

"Ludicrous, dangerous, technically illiterate"

Image: Eugene Garcia/epa/Corbis

"Ludicrous, dangerous, technically illiterate"

The leaked Burr-Feinstein bill was absolutely excoriated by tech critics.

“I gotta say, in my nearly 20 years of work in tech policy this is easily the most ludicrous, dangerous, technically illiterate proposal I’ve ever seen,” Kevin Bankston, director of the New America Foundation’s Open Technology Institute, told WIRED.

Image: Eugene Garcia/epa/Corbis
fbi-apple-ron-wyden.jpg
fbi-apple-ron-wyden.jpg
How did the FBI hack an Apple iPhone? The story so far

A pro-security filibuster

Image: Jay Mallin/ZUMA Press/Corbis

A pro-security filibuster

Senator Ron Wyden (D-OR) blasted the proposed bill and said he would filibuster it if necessary. “I believe that weakening strong encryption puts at risk millions of Americans, families, and communities from one end of the country to another,” he said.

Image: Jay Mallin/ZUMA Press/Corbis
fbi-apple-jackie-speier.jpg
fbi-apple-jackie-speier.jpg
How did the FBI hack an Apple iPhone? The story so far

Or should we target burners, instead?

Image: Ehsan Ahmad/Demotix/Corbis

Or should we target burners, instead?

Rep. Jackie Speier (D-CA), meanwhile, put forth an alternative bill that instead targets access to anonymous burner phones. Under her plan, you would need to provide basic ID information to purchase a phone.

Terrorists used burner phones to plot the 9/11 attacks, the November 2015 Paris attack, and the March 2016 bombing of Brussels.

SEE: How would Android fare under the FBI’s scrutiny?

Image: Ehsan Ahmad/Demotix/Corbis
  • Apple
  • Security
  • Account Information

    Share with Your Friends

    How did the FBI hack an Apple iPhone? The story so far

    Your email has been sent

Share: How did the FBI hack an Apple iPhone? The story so far
Image of Fox Van Allen
By Fox Van Allen
Fox Van Allen is a Los Angeles-based writer for CBS Interactive covering technology, tech lifestyle and gaming topics for GameSpot, CNET, ZDNet and TechRepublic. He has previously worked as a news and feature writer for a number of other sites, inclu
  • Account Information

    Contact Fox Van Allen

    Your message has been sent

  • |
  • See all of Fox Van's content

TechRepublic Premium

  • TechRepublic Premium

    Vendor contract renewal planner

    Determining how and when to renew support contracts can be tedious and time-consuming. Our vendor contract renewal planner will help you schedule support renewals and budget the related costs. From the planner: Some companies schedule their support contract renewals to take effect all at once, such as on January 1. This provides a convenient renewal ...

    Published:  February 1, 2023, 11:00 AM EST Modified:  February 2, 2023, 12:00 PM EST Read More See more TechRepublic Premium
  • TechRepublic Premium

    IT staff systems and data access policy

    IT pros typically have access to company servers, network devices and data so they can perform their jobs. However, that access entails risk, including exposure of confidential information and interruption in essential business services. This policy from TechRepublic Premium offers guidelines for governing access to critical systems and confidential data. From the policy: SUMMARY IT ...

    Published:  January 31, 2023, 11:00 AM EST Modified:  February 1, 2023, 12:00 PM EST Read More See more TechRepublic Premium
  • TechRepublic Premium

    Windows administrator’s PowerShell script kit

    The Windows GUI is the traditional way to perform administrative tasks, but scripting offers faster and more versatile methods that can help further your technical skills. This download includes 21 publicly available PowerShell scripts, along with a document explaining each one, to help you up your scripting game and administer your AD environment more efficiently. ...

    Published:  January 31, 2023, 11:00 AM EST Modified:  February 1, 2023, 12:00 PM EST Read More See more TechRepublic Premium
  • TechRepublic Premium

    Scheduled downtime policy

    Maintenance tasks, equipment upgrades and installations must be completed regularly — potentially creating disruptions and preventing employees from doing their work. This policy is designed to help your organization determine procedures for scheduling and communicating server, system and network downtime with the goal of minimizing the impact and inconvenience for your staff, clients and contractors. ...

    Published:  January 30, 2023, 11:00 AM EST Modified:  January 31, 2023, 6:00 PM EST Read More See more TechRepublic Premium

Services

  • About Us
  • Newsletters
  • RSS Feeds
  • Site Map
  • Site Help & Feedback
  • FAQ
  • Advertise
  • Do Not Sell My Information

Explore

  • Downloads
  • TechRepublic Forums
  • Meet the Team
  • TechRepublic Academy
  • TechRepublic Premium
  • Resource Library
  • Photos
  • Videos
  • TechRepublic
  • TechRepublic on Twitter
  • TechRepublic on Facebook
  • TechRepublic on LinkedIn
  • TechRepublic on Flipboard
© 2023 TechnologyAdvice. All rights reserved.
  • Privacy Policy
  • Terms of Use
  • Property of TechnologyAdvice