Hardened Security Features of iPhone 5s Successfully Hacked in LAPD Murder Investigation

MacRumors

macrumors bot
Original poster
Apr 12, 2001
7,416
8,485



Los Angeles police investigators have discovered a workable method to bypass the hardened security features of a locked iPhone 5s, according to The Los Angeles Times.

In court documents seen by the newspaper yesterday, LAPD detectives found a "forensic cellphone expert" who could unlock the iPhone 5s belonging to April Jace, the slain wife of "The Shield" actor Michael Jace, who is accused of killing her at their L.A. home in 2014.

The claim appeared in a search warrant filed during the same period that the FBI was demanding Apple unlock the earlier model iPhone 5c of San Bernardino shooter Syed Rizwan Farook. In that high-profile case, the FBI eventually unlocked the phone with the help of professional hackers, paying them up to $1 million for a tool exploiting a security vulnerability.

According to FBI director James Comey, the method obtained by the bureau only worked on a "narrow slice of phones", which did not include models of the iPhone 5s and after, presumably because the latter devices are equipped with Apple's proprietary Secure Enclave, a separate security-hardened portion of the core processing chip with its own secure boot and personalized software where private encryption keys are stored and used to secure data.

Prior to the the FBI's acquisition of its hacking method, several security experts warned that the ability the bureau sought from Apple would in fact work on later devices, while Apple claimed back in February that the method the FBI asked it for to unlock an iPhone 5c was also possible on newer devices with the Secure Enclave. According to TechCrunch, Apple said at the time that the technical solutions would be different than they are on the iPhone 5c, but not impossible.

According to The Times, the search warrant filed in the April Jace killing did not detail the method used by the LAPD to open the later-model iPhone 5s, nor did police reveal the identity of the cellphone expert. It's also unclear what operating system April Jace's phone had.

The iPhone 5s has been at the center of the investigation after it was claimed that the actor and his wife argued "about their relationship" via text message shortly before he is alleged to have shot her. Michael Jace's attorneys successfully persuaded a judge to delay his murder trial, arguing that the dead woman's phone should undergo a more exhaustive search than one initially conducted by police.

Shortly after her killing, April Jace's cellphone was locked by a passcode, which "hindered" the investigation. But in January 2015, an Apple technician was ordered by an L.A. judge to help police extract data from the phone, according to the search warrant.

That attempt apparently failed to obtain any information and a second attempt by the L.A. County district attorney's office the same month left the phone "disabled". The following month, authorities tried to inspect the iPhone but it didn't even turn on, the warrant stated.

But in March, investigators learned that a forensic cellphone expert could "override" the security features and let authorities view the phone's contents. A senior investigator with the district attorney's office was apparently then able to examine the phone in April. Jace, 53, is currently awaiting trial in the case.

Last week it was reported that the FBI will not reveal to Apple the method it used to hack into the iPhone of the San Bernardino shooter, because it does not have the rights to the technical data about how the method functions. Apple wants details on the flaw so a fix can be implemented. Until it does, the FBI can keep using the vulnerability so long as it remains unpatched.

Amid its dispute with the FBI, reports suggest Apple has already begun work on implementing stronger security measures to protect iOS devices in order to counter the threat of hackers rather than the government. Apple has also said it has revamped its internal security teams.

Note: Due to the political nature of the discussion regarding this topic, the discussion thread is located in our Politics, Religion, Social Issues forum. All forum members and site visitors are welcome to read and follow the thread, but posting is limited to forum members with at least 100 posts.

Article Link: Hardened Security Features of iPhone 5s Successfully Hacked in LAPD Murder Investigation
 
  • Like
Reactions: rshrugged

8692574

Suspended
Mar 18, 2006
1,247
1,865
I can say I hacked the Pentagon but that doesn't make it true....(oh you did not hear about it because they are trying to chase me and don't want to give any hint and help me escape!!!)
If there's no proof they can say whatever they want (and badmouthing Apple is all they care now) but going public claiming you are hacking into things does not make you look like the good guy....especially if you are the government!
 

Mac Fly (film)

macrumors 65816
Feb 12, 2006
1,437
3,953
Ireland
They should be made to reveal how they unlocked the phones so Apple can keep its millions or customers safer, because anyone can use other encryption methods. Yes it makes law enforcement's job harder, but it also impedes framing in the technology age and it's not Apple's job to make law enforcement's job easier. It's Apple's job to provide its customers and its millions of using public security. Apple cannot suddenly make humans less primitive in their private lives. People will be people.
 

Recognition

macrumors 6502a
Jun 27, 2013
596
654
I'd be willing to bet they lifted a fingerprint from somewhere and made a fake finger using the print.
The article says the phone was locked with a passcode in January. It wasn't until April they 'accessed' the phone.
It couldn't of been via Touch ID as that reverts to a passcode after 48hrs (I think), four months had passed and the phone had been powered off since the incident and them finally accessing the phone.
 

Breaking Good

macrumors 65816
Sep 28, 2012
1,174
764
If I understand correctly, the defendant in this case also wanted the phone unlocked.

I'm not seeing a problem here.
[doublepost=1462447727][/doublepost]
Another instance of the US government not caring about the privacy and rights of citizens.
 
  • Like
Reactions: mw360

0007776

Suspended
Jul 11, 2006
6,474
8,051
Somewhere
If I understand correctly, the defendant in this case also wanted the phone unlocked.

I'm not seeing a problem here.
[doublepost=1462447727][/doublepost]
Nope, no problem as long as Apple works to find out what the hole is so they can try to patch it and keep our phones safe.
 

diddl14

macrumors 6502a
Aug 10, 2009
826
853
Sounds like a healthy way for law enforcement in dealing with locked phones.

Now they only need to comfortably move on when all hacking attempts fail, instead of trying to force suppliers to weaken security...
 

hudson1

macrumors 6502
Jun 12, 2012
358
162
Nope, no problem as long as Apple works to find out what the hole is so they can try to patch it and keep our phones safe.
Phones are not beings... they don't care if they're "safe". I personally don't get all the angst over cracking phones. It seems way down the list from things like the IRS potentially seizing your assets and stuff like that.
 

69Mustang

macrumors 604
Jan 7, 2014
6,929
12,434
In between a rock and a hard place
Nope, no problem as long as Apple works to find out what the hole is so they can try to patch it and keep our phones safe.
Serious question. How is your phone not safe? Blanket statements like that are useless and hyperbolic. As someone stated above, the iPhone is an electronic device. It's never going to be 100% un-hackable. As it stands now, it takes a pretty concerted effort to do it.

"Keep our phones safe" should be the new "but think of the children".
 

0007776

Suspended
Jul 11, 2006
6,474
8,051
Somewhere
Serious question. How is your phone not safe? Blanket statements like that are useless and hyperbolic. As someone stated above, the iPhone is an electronic device. It's never going to be 100% un-hackable. As it stands now, it takes a pretty concerted effort to do it.

"Keep our phones safe" should be the new "but think of the children".
There is personal information on there. If no one knows how to hack into it it is safe. However now we know that hackers have figured out a way to get in so potentially that personal information is at risk if someone were to steal my phone. Obviously nothing is unhackable, but if there are known flaws that aren't fixed the safety of data on a phone is compromised much more than if the flaw was there but unknown.
 

b1wils1

macrumors regular
Dec 27, 2006
146
198
SoCal
there is a common denominator in these cases. these are phones of people that commit crimes; not "steal from a gas station" crimes, but serious theft/arson/homicide. i might be in the minority, but when you try to wrong or harm another human, for whatever reason, you've surrendered your right to privacy.

I certainly believe you should be given fair trial and every step to obey the legal process should be taken. but, if you want your privacy, don't affect someone else's well-being or rights.
 

0007776

Suspended
Jul 11, 2006
6,474
8,051
Somewhere
Phones are not beings... they don't care if they're "safe". I personally don't get all the angst over cracking phones. It seems way down the list from things like the IRS potentially seizing your assets and stuff like that.
I'm not too worried about the government, I'm more worried about someone stealing my phone and being able to get into it and getting personal data off of it. And while the phone doesn't have a brain to worry about if it is safe or not, their owners presumably do.
[doublepost=1462450622][/doublepost]
there is a common denominator in these cases. these are phones of people that commit crimes; not "steal from a gas station" crimes, but serious theft/arson/homicide. i might be in the minority, but when you try to wrong or harm another human, for whatever reason, you've surrendered your right to privacy.
The problem is if left un patched these security flaws can lead to theft of personal information from an innocent person's phone. Of course those situations won't make the news, unless it is a celebrity involved. I think most people have no problem with the government paying a hacker to get in with a valid warrant, but they should work with Apple to get the holes fixed.
 

H2SO4

macrumors 601
Nov 4, 2008
4,351
3,748
The article says the phone was locked with a passcode in January. It wasn't until April they 'accessed' the phone.
It couldn't of been via Touch ID as that reverts to a passcode after 48hrs (I think), four months had passed and the phone had been powered off since the incident and them finally accessing the phone.
I’ve never been sure how this works. 48 hours after what exactly?
 

blackcrayon

macrumors 68000
Mar 10, 2003
1,990
1,482
The article says the phone was locked with a passcode in January. It wasn't until April they 'accessed' the phone.
It couldn't of been via Touch ID as that reverts to a passcode after 48hrs (I think), four months had passed and the phone had been powered off since the incident and them finally accessing the phone.
That's true, but we don't know if there is a security hack somewhere that allows a fingerprint unlock after 48 hours.
 
  • Like
Reactions: Recognition

Piggie

macrumors G3
Feb 23, 2010
8,286
2,471
They should be made to reveal how they unlocked the phones so Apple can keep its millions or customers safer, because anyone can use other encryption methods. Yes it makes law enforcement's job harder, but it also impedes framing in the technology age and it's not Apple's job to make law enforcement's job easier. It's Apple's job to provide its customers and its millions of using public security. Apple cannot suddenly make humans less primitive in their private lives. People will be people.
So when you live in in danger, your family in kidnapped, your daughter raped, your car stolen etc etc.
Are you going to turn to Apple for help or the Law agencies?
 
  • Like
Reactions: AleXXXa and H2SO4

d5aqoëp

macrumors 65816
Feb 9, 2016
1,049
1,412
I'd be willing to bet they lifted a fingerprint from somewhere and made a fake finger using the print.
You cannot do that. After 2-3 days, it will ask for passcode before allowing usage of TouchID again. If the battery dies or if the phone is rebooted, it will still ask for passcode.

I think, they found a way to copy encrypted contents of flash Nand and brute force encryption on separate hardware.