State-Level Actors

You Want The Data? Go Get It!

The FBI on Monday:

On Sunday, March 20, 2016, an outside party demonstrated to the FBI a possible method for unlocking Farook’s iPhone. Testing is required to determine whether it is a viable method that will not compromise data on Farook’s iPhone.

[Source]

Without any doubts, when the government issues a legal warrant (such as the one they had back in December to searh Farook’s car), they should puruse all avenues of investigation, and subpeona all those who have information to give. Apple provided all the information it had, via Farook’s iCloud backup. It didn’t have the information on the phone itself, and had not access to the information. The extraordinary request to backdoor the phone crossed the line.

The FBI is now confirming what many in the industry have been saying - they don’t need Apple to get into this phone.

Jonathan Zdziarski’s take:

NAND mirroring is likely being used to some degree to brute force the pin on the device. This is where the NAND chip is typically desoldered, dumped into a file (likely by a chip reader/programmer, which is like a cd burner for chips), and then copied so that if the device begins to wipe or delay after five or ten tries, they can just re-write the original image back to the chip.

[Zdziarski]

The implications of this method are brilliant - but they would take significant resources (manpower, research, funding) to do. The resources at play here are and would only be accessible to high-level actors like a national law enforcement agency. It was wrong for the FBI to attempt to coop Apple into backdooring their own product, but I have no qualms with a method like this.

Warrants should give law enforcement the power to acquire data off phones, but not at the expense of creating a software backdoor. An effort like recovering data from an encrypted device should take the dedicated efforts from a state-level actor. If the FBI wants the data, they need to go get it themselves, and this method may be how they accomplish that. I’m good with them legally breaking into phones - as long as it’s from the outside looking in, not the other way around.

Update

Israel’s Cellebrite, a provider of mobile forensic software, is helping the U.S. Federal Bureau of Investigation’s attempt to unlock an iPhone used by one of the San Bernardino, California shooters, the Yedioth Ahronoth newspaper reported on Wednesday.

[Reuters via The Loop]


Typed on AEKII & Octopage

Dialogue & Discussion