SoylentNews

takyon [soylentnews.org] writes:

Security researcher Sergei Skorobogatov has bypassed the iPhone 5c's firmware [engadget.com] using NAND mirroring. The achievement comes too late [bloomberg.com] for the FBI to save some money:

The FBI told Congress [engadget.com] it couldn't hack the San Bernardino shooter's phone without Apple's aid, but a researcher has proved [arxiv.org] that claim was inaccurate. "The process does not require any expensive and sophisticated equipment," wrote University of Cambridge researcher Sergei Skorobogatov. "All needed parts are low cost and were obtained from local electronics distributors."

Security firm Trail of Bits [engadget.com] argued earlier this year that it would be possible to replace the iPhone firmware with a chip that doesn't block multiple password attempts. You could then try every single one until you're in, a process that would take less than a day with a four-digit code, and a few weeks with a six-digit one.

[...] "Despite government comments about feasibility of the NAND mirroring for iPhone 5c it was now proved to be fully working," the paper says. That again lends credence to FBI critics who said that the FBI was only pushing for Apple's assistance to create a precedent in court. A magistrate judge ruled [engadget.com] against Apple, so law enforcement could use that decision to make other companies cooperate in encryption cases.

Original Submission