Thursday, March 31, 2016

Who Could Have Hacked the Locked iPhone for FBI and How?

The FBI has now retrieved the data from the locked iPhone 5C used by San Bernardino shooter Syed Rizwan Farook after getting help from an unnamed "third party"(hint: it wasn't Apple).

The FBI hasn't officially confirmed who this third party is, but it's become plainly evident that the Bureau has enlisted the help of an Israeli software forensics company called Cellebrite. According to Cellebrite's website, the company provides forensics solutions which can "give access to and unlock the intelligence of mobile data sources to extend investigative capabilities, accelerate investigations, unify investigative teams and produce solid evidence." The company further boasts that it employs high-tech methods capable of extracting data from all types of feature phones and smartphones. It is said that the FBI may have signed a $15,278 contract with Cellebrite to open Syed Farook's Apple iPhone 5c.

But how did they do it?
Digital forensics expert Bradley Schatz — an Adjunct Associate Professor at the Queensland University of Technology who also runs a consulting firm — says speculation has been rife in tech circles, with two possible theories proving to be the most popular.
1. They finds a new bug in iOS 9.x
Dr Schatz says the FBI could have taken the exploitation route — as in they loaded some foreign software onto the phone to let them in. From Cellebrite, it's unlocking capability supports the following devices: iPhone 4S / 5 / 5C, iPad 2 / 3G / 4G,iPad mini 1G, and iPod touch 5G running iOS 8.x. However, the shooter's iPhone 5c is said to run on iOS 9.x. So it is a big challenge for Cellebrite to discover the new bugs in iOS 9.x.
2. They copied the chip
For iPhone running iOS 9.x, users can opt to erase their data after the wrong passcode is entered more than 10 timesThis was a big concern for the FBI, as they couldn't have been sure they would be able to try more than nine passcodes without wiping the iPhone's data. But Dr Schatz says authorities could have copied the phone's flash storage chip so they could make as many attempts as they wanted to. 
An easier way to get off data from your  locked iOS device
Like Cellebrite, Gihosoft Technology Limited is a company devoting to mobile phone data recovery and transfer technology. It offers Free iPhoneRecovery which help users to recover and extract data from locked iOS devices. With this tool, it could be much easier for you to retrieve your precious iPhone data such as text messages, photos, contacts and more data even though you forgot your passcode. It supports all iPhone, iPad and iPod touch models, including those running iOS 9.x.
Step 1: Run iPhoneRecovery on PC or Mac which trusted your locked iPhone before.
Step 2: Connect your device to computer; Scan data from iPhone or iTunes backup.
Step 3: Preview the files and click "Recover" to export data to computer.
Note: To take users’ privacy into consideration, please use this tool on your OWN locked device in case you forgot the passcode.

No comments:

Post a Comment