Skip to main content

Government says it may not reveal to Apple the method used to access the San Bernardino iPhone

iphone5c

While the FBI has successfully accessed the data on the iPhone 5c in the San Bernardino shootings, and the court battle is over for now, the government says that it may not accede to Apple’s demand to be told the method used.

The White House said back in 2014 that the government would consider the pros and cons of disclosing vulnerabilities discovered by its various law enforcement agencies. ArsTechnica asked whether the FBI would reveal the method used in this case, and was told that it wasn’t saying one way or the other …

“We cannot comment on the possibility of future disclosures to Apple,” the law enforcement official said in response to a question from Ars.

However, given a CNN report that the method used was specific to the iPhone 5c, which lacks the Secure Enclave of later iPhones, it seems likely that the NAND mirroring technique described by Edward Snowden was used.

With this approach, the effaceable storage is copied, ten attempts made to access the device and then the original data written back to the NAND memory to reset the counter. Israel mobile forensics company Cellebrite was said to be the company carrying out the work for the FBI.

Photo: iFixit iPhone 5c teardown

FTC: We use income earning auto affiliate links. More.

You’re reading 9to5Mac — experts who break news about Apple and its surrounding ecosystem, day after day. Be sure to check out our homepage for all the latest news, and follow 9to5Mac on Twitter, Facebook, and LinkedIn to stay in the loop. Don’t know where to start? Check out our exclusive stories, reviews, how-tos, and subscribe to our YouTube channel

Comments

  1. iSRS - 8 years ago

    Wonder what, if anything, the freedom of information act could do in this case.

    Obviously the FBI doesn’t want to help Apple make the phones even more secure.

    • iSRS - 8 years ago

      Oh, and just thought of something. It would be better if they did not release to Apple. Then once it gets out (and we know it will), the “well the hack we wanted Apple to create would never get out” argument would be proven wrong.

    • uniszuurmond - 8 years ago

      To me, it sounds a lot more like the FBI being a cry baby.

      FBI: “Open the phone for us.”
      Apple: “No we won’t.”
      FBI: “We’re going to court.”
      Most of the word: “Apple is right.”
      FBI: “We found a way in. We’re not going to court.”
      Apple: “Show us how you got in.”
      FBI: “No we won’t.”
      Apple: “Show us what you found.”
      FBI: “No we won’t.”

      Cry baby, I say.

      • Rich Davis (@RichDavis9) - 8 years ago

        Apple probably already knows the method, and Apple has discontinued the 5C and they have a newer security system. But the point of being Cry Babies? Yeah, I’ll agree with that.

      • Raheel Sadiq - 8 years ago

        I think the Apple itself unlocked the iPhone to FBI and showed the people that FBI hacked. And now the Apple’s latest update will bring the unbreakable securty. Like a charm ;)

      • shareef777 - 8 years ago

        I see it the other way around. The FBI kept asking Apple for help to open the iPhone and Apple (rightfully so) refused. Now that the FBI figured out a solution, it’s Apple that’s hypocritical in asking for help on figuring out how they did it. If Apple doesn’t want to talk to the FBI about hacking into an iPhone then they have no right in asking how they did it. Doesn’t matter what the reasons are. The whole debate was about security vs privacy, why would Apple think that the FBI is NOW going to to choose privacy by divulging their method.

      • uniszuurmond - 8 years ago

        @shareef777 Do you really think so? Do you think the FBI actually cracked it? Why did they drop the court case, if in future it could help them (i.e. why did they stop fighting the principle)? I think they’re trying to walk away without egg on their face, none the wiser they ever were, as the rest of the world is enjoying eggs benedict.

      • srgmac - 8 years ago

        Shareef777, Please do not distort the facts here. Apple never refused to help the FBI. They sent engineers out to assist the FBI right away! The fact that the FBI first attempted to get the data without even telling Apple about it was the problem here. They changed the iCloud password without letting Apple know, remember? If the password wasn’t changed, it’s highly likely they would have got the data they wanted from iCloud; not to mention Apple immediately gave the FBI access to the previous iCloud backups. I can’t stand when I read comments that say things like “Apple refused to help” — total NONSENSE!
        Apple has a GREAT relationship with the FBI, they have helped them out countless times before and this time was no different on their end. What was different on the FBI’s end was asking Apple a very unreasonable and not to mention dangerous request to alter their software.

      • varera (@real_varera) - 8 years ago

        Raheel, you are dead wrong. It is a fact, Israeli company hacked the phone.

    • srgmac - 8 years ago

      The FBI and DOJ want independent hackers to publicly release exploits when they are found, right?
      I recall there is some legislation about this…though the details are murky. I think it’s to prevent people from coming up with exploits and then selling them to criminal cartels and brutal despotic regimes.
      If exploits are publicly disclosed we are all safer in the long run, just like encryption.
      Once again it’s do as I say not as I do from the government.

  2. 89p13 - 8 years ago

    Hopefully – no matter how (or, IF) they did it, it spurs Apple to improve the security of future iOS devices. Building the encryption in the silicon and increasing the security of the “Secure Enclave” would prevent this whole fiasco from ever happening in the future. NAND storage becoming part of the secure enclave would certainly be a great start.

    Apple – I’m proud you took the stand that you did and stood firm!

    • 89p13 - 8 years ago

      And one other thought – IF you are really concerned about securing your iOS device – Use a long and diverse pass code. Choose to not use the 4 digit pass code and use a 12 to 20 character (letters, numbers, symbols) as your pass code and even in the unlikely event that someone tries to brute force your phone – it will take them decades to use the method described in the article.

      I would love to see a 2 stage pass code for a rebooted iPhone or an iPhone being placed into the DFU mode.

      Who You Calling Paranoid? ;)

    • srgmac - 8 years ago

      Agreed. They should (IMHO) permanently store the timeout values in the Secure Enclave and make it so they can not be altered at a later date and time.
      I believe the Secure Enclave already has methodology to prevent someone from altering the counter through nefarious means (ie. re-writing the registers that store this data), which is great. In a way, I think we are very lucky that this extremist piece of poo was using a 5C; because if he had a 5S or later, or any device with a Secure Enclave, the FBI would be pushing even harder for Apple to go in the opposite direction; not that they aren’t already pushing hard, but I do think their “crusade” against Apple would be much more vehement.

  3. Josh Hutton - 8 years ago

    I think that the government is just pulling wool over our eyes. They knew that they weren’t going to win in court so to save face they concocted this story about being able to break into the phone themselves. In the end they will tell us that there was nothing useful on the phone and of course will not share how they “did it”. If they had continued to pursue legal action in court, and lost, it would have set a judicial precedent that they may not have wanted to deal with.

    • 89p13 - 8 years ago

      I agree with most of your post – I disagree with them telling what they did / did not find. It will be under the veil of “National Security” from now until the end of time. They will not admit what most of us suspect – they must save face and hope to fight another battle the next time this happens.

  4. John Smith - 8 years ago

    Obviously they should not reveal the method to Apple.

    Normally if a researcher or anyone else becomes aware of a security weakness then they should carry out ‘responsible disclosure’ – manufacturer first then public disclosure second, only when the manufacturer has had a chance to fix it.

    But this is not a ‘responsible’ manufacturer.

    This is Apple and Apple is now on the other side. In this case we have a manufacturer who would use the information to further obstruct law enforcement/assist criminals. Telling Apple would be like the FBI finding out some new way to catch bank robbers and telling people who are known to help the bank robbers – obviously that’s not the sort of people the FBI should be telling things.The FBI might tell trustworthy, responsible, banks but not people who are proven to be untrustworthy.

    Apple are now part of the problem – not part of the solution – and must be treated as such.

    • Walter Tizzano - 8 years ago

      Not really. Apple was very reasonable and responsible, and I completely approve the position they held in this situation. Whatever method they used to violate this phone (*IF* they acctually did it) is probably no longer applicable to latest devices, and if it is Apple will make sure that it’s not on the newly released iPhones, whether they say how they did it or not: the method will eventually become of public domain, no matter what the FBI wants or says,

    • Apple already knows what any smart person knows – the FBI didn’t gain access to this phone and will never gain access.

      • varera (@real_varera) - 8 years ago

        FBI did access the phone. But they have hired some help to do so. Not so expensive either.

    • Felix Santamarina - 8 years ago

      I live in the UK. A while back somebody made a fraudulent phone call to an organization I have links with. The police got my phone number from a list of callers and showed up at my door with printed details of all calls I had made from my mobile, obviously abusing their “anti-terror” powers to deal with a petty crime. I just couldn’t believe it. They quickly realized their mistake. They could avoided this simply by mentioning my name to the organization in question before obtaining copies of my phone bills, but they were too lazy or too stupid to do that.

      I’m fully siding with Benjamin Franklin’s take, and I will *happily* accept some increased risk of being blown to bits by terrorists over surrendering my privacy to government. I really find it worrying that so many people seem to think otherwise.

  5. Robert Wood - 8 years ago

    FBI, if you say so. Now, leave alone Apple to do it’s job of making great products and you can apply your hack to those 75 iphones waiting to be hacked.

  6. Steven Moore (@Stniuk) - 8 years ago

    I just plain don’t believe them.

  7. appleisgrindingmygears - 8 years ago

    Apple will figure it out without the help of the US Gov and hopefully tighten it’s security in later releases of the iOS. Governments are already in the bedroom of America and freedom is fleeting in the US.

  8. Michael Weisberg - 8 years ago

    Please tell me no one was naive enough to think they would? And it is just my opinion, but personally I think they used the NAND mirroring option for getting into the phone. That means this ‘hack’ only works with a device that doesn’t have a secure enclave. This won’t work on a device with a a7 or newer processor (5s or newer).

  9. alanaudio - 8 years ago

    I think that it’s better if the means used was not disclosed to Apple. If they were told, then presumably there would be a condition or obligation preventing Apple from patching that weakness. On the other hand, if the FBI insist that it’s a big secret and that Apple can’t be told, then if Apple works out how they did it and plugs the gap, Apple will only have done what they routinely do – keep working to ensure that security is as good as possible. Furthermore, Apple are beefing up password protection anyway and encouraging users to employ stronger passwords, which is likely to make future hacks more difficult.

    The bonus for Apple is that if this technique is declared to be ultra secret and it leaks out in any way, it will be a very clear demonstration that the FBI are unable to keep a secret and therefore could never be trusted with a ‘back door’ to IOS.

    The FBI are playing this fight like a guy who’s been dumped by his girlfriend. Despite initially being seen to do everything possible to get her back, he’s now insisting that he never wanted her and is telling anybody who’ll listen that he has a new girlfriend and with bigger boobs too.

  10. Gary Weisbrodt - 8 years ago

    As I recall the FBI hired a firm to get the information. Will apple go after this other company and the FBI? Did the FBI obtain Apple’s intellectual property and how would they use that in the future?

  11. JBDragon - 8 years ago

    I don’t have a problem with the FBI not telling Apple. They’ll want to use it on other phones as long as they can. It can cost a lot of money finding a new hole to get around the encryption. Not telling Apple in fact would force Apple to dig deeper looking for ways though the security and fix more then just the hole they were told about.

    As Apple shouldn’t have to help the FBI. The FBI shouldn’t have to help Apple.

  12. guacho8 - 8 years ago

    Oh, it only works one way for the FBI. interesting

    • ebenjaminkw - 8 years ago

      Guys the bigger picture here for me is less about privacy and more about our safety ……. People with bad intentions are using IOS strong security measures to plot and commit acts of terrorism. How is the FBI wrong for trying to uncover more information? 14 people lost their lives

      • You’re confusing freedom fighters with terrorists. The terrorists fly under the US flag dropping bombs.

  13. kevinhancox - 8 years ago

    All this will do is drive a wedge between them, it is all well and good saying you must write GovOS but what this will drive if indeed a law change proves to be coming, is that Apple, will have the Software written in a foreign country by one of the overseas businesses and it will be licensed back to the USA so they will in effect have no power over what is written, and if the law becomes specific, they will write 2 OS one for the USA and one for the rest of the world and people will just spoof the OS into being abroad for update…

    Either way, the Government are screwed, as Apple are definitely gonna up there game now in terms of what encryption and security they use to make sure it can’t be beaten…!

    The US Government overstepped the mark on this, especially when the Telecommunications legislation actually forbids them for asking a company that provides services or hardware to write software that would reduce security…!!!

  14. justcbreathe - 8 years ago

    FBI never got in that phone that is why they won’t tell. Who said Apple cares. Media is our worst enemy. They know if they went to court they would lose and set a precedent so the FBI lied to get court to cancel. Let’s wait to see if that phone gets any arrests the we can maybe say someone got in

  15. Matthew Fox - 8 years ago

    change your passcode to aA1!1234 and the government would have to rewrite the nand chip 670,478,095,451,712 times, the extra dight increases the number of Nand chips necessary from 7,057,664,162,649.5

  16. dray (@73dray) - 8 years ago

    Apple is on the wrong side of this argument. The phone belonged to an employer, so whatever use and data that existed on the phone belonged to that employer. When the employer also wanted help with providing a method to comply with a legal warrant, Apple made excuses after excuse why it couldn’t be done. Guess they were wrong. They had an opportunity to do the right thing and learn from it in their labs.

    This whole argument that our government is out to get us is crazy. Does the government leverage justice equally, of course not. But give me an example of any institution from the work place to day care that does.

    • iSRS - 8 years ago

      The employer either (1) didn’t have the proper tools in place to manage these devices, or (2) did not use those tools. The FBI, if the “known” information is to be believed, also actively took steps that would have allowed them to gain further access.

      Additionally, the court order was above and beyond any “reasonable” request, to comply. Apple in FACT did help the government as much as it was REASONABLY expected too. Perhaps more than what would be considered reasonable.

      Apple last year, last month, last week, yesterday – DOES NOT HAVE what the FBI asked for. They are not withholding anything. I know these facts get in the way of those who wish to vilify Apple, but, really, why do people feel the need to vilify them? The FBI was able to get what they wanted without Apple’s help. Or at least get what they publicly stated they wanted. This should be an accomplishment everyone is satisfied with. If the data on this “one phone, this one time” is truly what the FBI wanted, then they are done and we should all be moving on.

      But most of us believe that what the FBI wanted was something that doesn’t exist, and wanted to set a precedent with Apple for all future technology companies to force them to follow. It didn’t work.

      I am also not narcissistic enough to believe the government wants anything on my iPhone. But there are people out there who would love an easy way to hack into any given number of iPhones and steel all sorts of information, the types of information that people who say “I have nothing to hide” seem to forget about.

      It is not, and never has been “our government is out to get us” – it has been the fact that software is comprised of nothing more than 1’s and 0’s. Just because “our government is not out to get us” does not mean that some government, or other party, somewhere in the world is not out to get some other party.

      So don’t be obtuse.

  17. Harry Lime - 8 years ago

    I’ll tell you exactly what’s going on here: the FBI has not determined or been provided a way to break into this phone. And how it went down:

    The FBI determines the odds are highly unlikely that they will be able to break into the phone, and they are pretty sure that–at this time–they cannot legally make Apple do it. They decide to bluff, first casually asking Apple to do so, and after being rebuffed they take their case first to the court of public opinion, and then threaten them with legal action. Apple is one of the richest companies in the world, and pays for the best attorneys money can buy. They decide they are on pretty solid legal footing, and decide to call the FBI’s bluff and refuse to help them.

    The FBI has painted themselves into a corner. They can’t make Apple help them unlock the phone, and by admitting defeat they will have advertised to the world that the iOS platform provides a method of communication that they cannot break in to. That is an unacceptable message. Thus, they decide to announce that they have broken into the phone. Do they have to prove this to Apple, the public, or anyone? Of course not. Trust us, we’ve cracked the nut, iOS is not secure. Nothing else to see here, move along.

    This correlates with the hand-wringing stories in the media, dropped by and/or quoting from intelligence officials decrying Whatsapp and Telegram as encrypted safe havens for terrorists. Those are the apps/services that they have turned into honeypots, either by breaking into them or buying/pressuring their way in.

  18. chasinvictoria - 8 years ago

    You’ll notice that not a single media report has — or will ever — reveal what the FBI found on that iPhone, if anything. There’s two possible reasons for this:

    1. They never did crack the iPhone — they lied to the court to get out of the case once it became obvious they would lose.

    2. They cracked the iPhone and found exactly what experts and fellow SBCHD employees said they’d find — nothing. They put the Constitution of the US on the line for nothing, because they never cared about what was on this iPhone — it was a ruse to gain more power and to destroy encryption/privacy all along.

  19. Gregory Wright - 8 years ago

    The article didn’t say Apple asked the government to tell it how access was gained. I suspect Apple does not want to know how the iPhone was accessed. As far as Apple is concerned its done its part to protect data as best as it can. They are on record as being oppose to the government. That’s a PR win for Apple. If the government finds a work around, so be it, says Apple. Our customers know where we stand. So, be on the look out for Apple buying Cellebrate.

  20. André Hedegaard - 8 years ago

    Apple, so full of double standards and unethical morals!

    Didn’t want to help FBI, so why should FBI help Apple? Seriously.

  21. Fortunately the FBI is very adept at keeping things secret … like the identity of the company that helped them.

    Couldn’t Apple just fork over $15K and ask the same company to crack Phil Schiller’s phone? I’m fairly certain they could scrounge up that much from under the well-designed sofa cushions.

Author

Avatar for Ben Lovejoy Ben Lovejoy

Ben Lovejoy is a British technology writer and EU Editor for 9to5Mac. He’s known for his op-eds and diary pieces, exploring his experience of Apple products over time, for a more rounded review. He also writes fiction, with two technothriller novels, a couple of SF shorts and a rom-com!


Ben Lovejoy's favorite gear