SoylentNews is people
SoylentNews
Security researcher Sergei Skorobogatov has bypassed the iPhone 5c's firmware using NAND mirroring. The achievement comes too late for the FBI to save some money:
The FBI told Congress it couldn't hack the San Bernardino shooter's phone without Apple's aid, but a researcher has proved that claim was inaccurate. "The process does not require any expensive and sophisticated equipment," wrote University of Cambridge researcher Sergei Skorobogatov. "All needed parts are low cost and were obtained from local electronics distributors."
Security firm Trail of Bits argued earlier this year that it would be possible to replace the iPhone firmware with a chip that doesn't block multiple password attempts. You could then try every single one until you're in, a process that would take less than a day with a four-digit code, and a few weeks with a six-digit one.
[...] "Despite government comments about feasibility of the NAND mirroring for iPhone 5c it was now proved to be fully working," the paper says. That again lends credence to FBI critics who said that the FBI was only pushing for Apple's assistance to create a precedent in court. A magistrate judge ruled against Apple, so law enforcement could use that decision to make other companies cooperate in encryption cases.
Update: The Associated Press, Vice Media and Gannett, the parent company of USA Today, have sued the FBI for information about how the agency accessed the locked iPhone 5c.
(Score: 1, Interesting) by Anonymous Coward on Saturday September 17 2016, @05:52PM
The OWLR contains a modern Intel processor, which means it requires running unauditable binary software blobs supplied by Intel to even boot, and it contains a dedicated coprocessor with full control over the system, running unauditable code that can only be supplied by Intel.
(Score: 2) by JNCF on Saturday September 17 2016, @08:05PM
Yeah, that's a totally valid concern. I think their "three dimensional active shield" [youtube.com] is interesting, and might be very difficult to work around if the signals were timed correctly, which is why I was interested in the other (?) AC's take on how long it would take to gain physical access without triggering the key erasing mechanism. Even if this implementation has flaws, it's a promising design for a computer. I knew systems like this existed, but I didn't know they could be manufactured that cheap. I don't remember the linked video mentioning it, but that shell is made from a plastic that is highly prone to shattering when cut or drilled. I'm sure that a state actor could gain physical access if they really cared, but I don't know how long it would take them.