Hardened Security Features of iPhone 5s Successfully Hacked in LAPD Murder Investigation

Discussion in 'Politics, Religion, Social Issues' started by MacRumors, May 5, 2016.

  1. MacRumors macrumors bot

    MacRumors

    Joined:
    Apr 12, 2001
    #1
    [​IMG]


    [​IMG]
    Los Angeles police investigators have discovered a workable method to bypass the hardened security features of a locked iPhone 5s, according to The Los Angeles Times.

    In court documents seen by the newspaper yesterday, LAPD detectives found a "forensic cellphone expert" who could unlock the iPhone 5s belonging to April Jace, the slain wife of "The Shield" actor Michael Jace, who is accused of killing her at their L.A. home in 2014.

    The claim appeared in a search warrant filed during the same period that the FBI was demanding Apple unlock the earlier model iPhone 5c of San Bernardino shooter Syed Rizwan Farook. In that high-profile case, the FBI eventually unlocked the phone with the help of professional hackers, paying them up to $1 million for a tool exploiting a security vulnerability.

    According to FBI director James Comey, the method obtained by the bureau only worked on a "narrow slice of phones", which did not include models of the iPhone 5s and after, presumably because the latter devices are equipped with Apple's proprietary Secure Enclave, a separate security-hardened portion of the core processing chip with its own secure boot and personalized software where private encryption keys are stored and used to secure data.

    Prior to the the FBI's acquisition of its hacking method, several security experts warned that the ability the bureau sought from Apple would in fact work on later devices, while Apple claimed back in February that the method the FBI asked it for to unlock an iPhone 5c was also possible on newer devices with the Secure Enclave. According to TechCrunch, Apple said at the time that the technical solutions would be different than they are on the iPhone 5c, but not impossible.

    According to The Times, the search warrant filed in the April Jace killing did not detail the method used by the LAPD to open the later-model iPhone 5s, nor did police reveal the identity of the cellphone expert. It's also unclear what operating system April Jace's phone had.

    The iPhone 5s has been at the center of the investigation after it was claimed that the actor and his wife argued "about their relationship" via text message shortly before he is alleged to have shot her. Michael Jace's attorneys successfully persuaded a judge to delay his murder trial, arguing that the dead woman's phone should undergo a more exhaustive search than one initially conducted by police.

    Shortly after her killing, April Jace's cellphone was locked by a passcode, which "hindered" the investigation. But in January 2015, an Apple technician was ordered by an L.A. judge to help police extract data from the phone, according to the search warrant.

    That attempt apparently failed to obtain any information and a second attempt by the L.A. County district attorney's office the same month left the phone "disabled". The following month, authorities tried to inspect the iPhone but it didn't even turn on, the warrant stated.

    But in March, investigators learned that a forensic cellphone expert could "override" the security features and let authorities view the phone's contents. A senior investigator with the district attorney's office was apparently then able to examine the phone in April. Jace, 53, is currently awaiting trial in the case.

    Last week it was reported that the FBI will not reveal to Apple the method it used to hack into the iPhone of the San Bernardino shooter, because it does not have the rights to the technical data about how the method functions. Apple wants details on the flaw so a fix can be implemented. Until it does, the FBI can keep using the vulnerability so long as it remains unpatched.

    Amid its dispute with the FBI, reports suggest Apple has already begun work on implementing stronger security measures to protect iOS devices in order to counter the threat of hackers rather than the government. Apple has also said it has revamped its internal security teams.

    Note: Due to the political nature of the discussion regarding this topic, the discussion thread is located in our Politics, Religion, Social Issues forum. All forum members and site visitors are welcome to read and follow the thread, but posting is limited to forum members with at least 100 posts.

    Article Link: Hardened Security Features of iPhone 5s Successfully Hacked in LAPD Murder Investigation
     
  2. Jsameds macrumors 68030

    Joined:
    Apr 22, 2008
    #2
    I'd be willing to bet they lifted a fingerprint from somewhere and made a fake finger using the print.
     
  3. 8692574 Suspended

    8692574

    Joined:
    Mar 18, 2006
    #3
    I can say I hacked the Pentagon but that doesn't make it true....(oh you did not hear about it because they are trying to chase me and don't want to give any hint and help me escape!!!)
    If there's no proof they can say whatever they want (and badmouthing Apple is all they care now) but going public claiming you are hacking into things does not make you look like the good guy....especially if you are the government!
     
  4. Mac Fly (film) macrumors 65816

    Mac Fly (film)

    Joined:
    Feb 12, 2006
    Location:
    Ireland
    #4
    They should be made to reveal how they unlocked the phones so Apple can keep its millions or customers safer, because anyone can use other encryption methods. Yes it makes law enforcement's job harder, but it also impedes framing in the technology age and it's not Apple's job to make law enforcement's job easier. It's Apple's job to provide its customers and its millions of using public security. Apple cannot suddenly make humans less primitive in their private lives. People will be people.
     
  5. Recognition macrumors 6502

    Recognition

    Joined:
    Jun 27, 2013
    #5
    The article says the phone was locked with a passcode in January. It wasn't until April they 'accessed' the phone.
    It couldn't of been via Touch ID as that reverts to a passcode after 48hrs (I think), four months had passed and the phone had been powered off since the incident and them finally accessing the phone.
     
  6. mabaker macrumors 65816

    mabaker

    Joined:
    Jan 19, 2008
    #6
    I think they just might have guessed the password.
     
  7. alphaod macrumors Core

    alphaod

    Joined:
    Feb 9, 2008
    Location:
    NYC
    #7
    Another instance of the US government not caring about the privacy and rights of citizens.
     
  8. carlsson macrumors regular

    carlsson

    Joined:
    Jul 18, 2001
  9. ForkHandles macrumors regular

    ForkHandles

    Joined:
    Jun 8, 2012
    #9
    Security is always going to be a game of cat and mouse.

    The chap who invented the first ever wooden door thought he was quite secure, then someone stole his iPhone so he had to invent a door lock!
     
  10. dmylrea macrumors 68000

    dmylrea

    Joined:
    Sep 27, 2005
    #10
    You mean the murdered, dead citizens? I'm sure April Jace put a PIN on her iPhone so that if she were murdered, no one could get to the evidence to convict her killer! Puh-lease... :rolleyes:
     
  11. sofila macrumors 6502a

    sofila

    Joined:
    Jan 19, 2006
    Location:
    Ramtop Mountains
    #11
    Everything digital can be hacked with proper resources
    Time money skills and will
     
  12. Breaking Good macrumors 6502a

    Joined:
    Sep 28, 2012
    #12
    If I understand correctly, the defendant in this case also wanted the phone unlocked.

    I'm not seeing a problem here.
    --- Post Merged, May 5, 2016 ---
     
  13. mrkramer macrumors 603

    mrkramer

    Joined:
    Jul 11, 2006
    Location:
    Somewhere
    #13
    Nope, no problem as long as Apple works to find out what the hole is so they can try to patch it and keep our phones safe.
     
  14. diddl14 macrumors 6502a

    diddl14

    Joined:
    Aug 10, 2009
    #14
    Sounds like a healthy way for law enforcement in dealing with locked phones.

    Now they only need to comfortably move on when all hacking attempts fail, instead of trying to force suppliers to weaken security...
     
  15. hudson1 macrumors 6502

    Joined:
    Jun 12, 2012
    #15
    Phones are not beings... they don't care if they're "safe". I personally don't get all the angst over cracking phones. It seems way down the list from things like the IRS potentially seizing your assets and stuff like that.
     
  16. 69Mustang macrumors 601

    69Mustang

    Joined:
    Jan 7, 2014
    Location:
    In between a rock and a hard place
    #16
    Serious question. How is your phone not safe? Blanket statements like that are useless and hyperbolic. As someone stated above, the iPhone is an electronic device. It's never going to be 100% un-hackable. As it stands now, it takes a pretty concerted effort to do it.

    "Keep our phones safe" should be the new "but think of the children".
     
  17. willmtaylor macrumors G3

    willmtaylor

    Joined:
    Oct 31, 2009
    Location:
    A Natural State
  18. mrkramer macrumors 603

    mrkramer

    Joined:
    Jul 11, 2006
    Location:
    Somewhere
    #18
    There is personal information on there. If no one knows how to hack into it it is safe. However now we know that hackers have figured out a way to get in so potentially that personal information is at risk if someone were to steal my phone. Obviously nothing is unhackable, but if there are known flaws that aren't fixed the safety of data on a phone is compromised much more than if the flaw was there but unknown.
     
  19. b1wils1 macrumors regular

    b1wils1

    Joined:
    Dec 27, 2006
    Location:
    SoCal
    #19
    there is a common denominator in these cases. these are phones of people that commit crimes; not "steal from a gas station" crimes, but serious theft/arson/homicide. i might be in the minority, but when you try to wrong or harm another human, for whatever reason, you've surrendered your right to privacy.

    I certainly believe you should be given fair trial and every step to obey the legal process should be taken. but, if you want your privacy, don't affect someone else's well-being or rights.
     
  20. mrkramer macrumors 603

    mrkramer

    Joined:
    Jul 11, 2006
    Location:
    Somewhere
    #20
    I'm not too worried about the government, I'm more worried about someone stealing my phone and being able to get into it and getting personal data off of it. And while the phone doesn't have a brain to worry about if it is safe or not, their owners presumably do.
    --- Post Merged, May 5, 2016 ---
    The problem is if left un patched these security flaws can lead to theft of personal information from an innocent person's phone. Of course those situations won't make the news, unless it is a celebrity involved. I think most people have no problem with the government paying a hacker to get in with a valid warrant, but they should work with Apple to get the holes fixed.
     
  21. H2SO4 macrumors 68040

    Joined:
    Nov 4, 2008
    #21
    I’ve never been sure how this works. 48 hours after what exactly?
     
  22. b0nd18t macrumors 6502

    b0nd18t

    Joined:
    Apr 9, 2012
    #22
    Not surprising considering you can bypass it on brand new phones running iOS 9.
     
  23. blackcrayon macrumors 68000

    Joined:
    Mar 10, 2003
    #23
    That's true, but we don't know if there is a security hack somewhere that allows a fingerprint unlock after 48 hours.
     
  24. Piggie macrumors 604

    Piggie

    Joined:
    Feb 23, 2010
    #24
    So when you live in in danger, your family in kidnapped, your daughter raped, your car stolen etc etc.
    Are you going to turn to Apple for help or the Law agencies?
     
  25. d5aqoëp macrumors 6502a

    d5aqoëp

    Joined:
    Feb 9, 2016
    #25
    You cannot do that. After 2-3 days, it will ask for passcode before allowing usage of TouchID again. If the battery dies or if the phone is rebooted, it will still ask for passcode.

    I think, they found a way to copy encrypted contents of flash Nand and brute force encryption on separate hardware.
     

Share This Page