
Hardware hack defeats iPhone passcode security


BaTMaN-

iPhone passcodes can be bypassed using just £75 ($100) of electronic components, research suggests.
A Cambridge computer scientist cloned iPhone memory chips, allowing him an unlimited number of attempts to guess a passcode.
The work contradicts a claim made by the FBI earlier this year that this approach would not work.
The FBI made the claim as it sought access to San Bernardino gunman Syed Rizwan Farook's iPhone.
Cheap trick
[Image (AP): 2014 file image of Tashfeen Malik, left, and Rizwan Farook, as they passed through O'Hare International Airport in Chicago. Caption: Syed Rizwan Farook and his wife, Tashfeen Malik, killed 14 people at an office party on 2 December]
Farook and his wife killed 14 people in the California city last December before police fatally shot them.
The FBI believed his iPhone 5C contained information about collaborators, but its security system prevented easy access.
The agency pressured Apple to give it a software backdoor into the phone, and, when it refused, reportedly paid $1m to a security company to retrieve data from the phone.
Now, Dr Sergei Skorobogatov, from the University of Cambridge computer laboratory, has spent four months building a testing rig to bypass iPhone 5C pin codes.
In a YouTube video, Dr Skorobogatov showed how he had removed a Nand chip from an iPhone 5C - the main memory storage system used on many Apple devices.


He then worked out how the memory system communicated with the phone so he could clone the chip.
And the target phone was modified so its Nand chip sat on an external board and copied versions could be easily plugged in or removed.
In the video, Dr Skorobogatov demonstrated locking an iPhone 5C by trying too many incorrect combinations.
He then removed the Nand chip and substituted a fresh clone, which had its pin attempt counter set at zero, to allow him to keep trying different codes.
"Because I can create as many clones as I want, I can repeat the process many many times until the passcode is found," he said.
Known as Nand mirroring, the technique is one FBI director James Comey said would not work on Farook's phone.
Finding a four-digit code took about 40 hours of work, Dr Skorobogatov said.
And finding a six-digit code could potentially take hundreds of hours.
Using a slightly more sophisticated set-up should make it possible to clone memory chips from other iPhones, including more recent models such as the iPhone 6.
However, Dr Skorobogatov said, more information was needed about the way Apple stored data in memory on more recent phones.
The different techniques could make it "more challenging to analyse and copy", he added.
Apple has not responded to a request for comment on Dr Skorobogatov's research.
Susan Landau, on the Lawfare news blog, said the work showed law enforcement agencies should not look for software backdoors to help their investigations but should develop or cultivate hardware and computer security skills.
"Skorobogatov was able to do what the FBI said was impossible," she said.
