Sidebar Sidebar
Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.

News Organizations Team Up in Lawsuit Against FBI Over San Bernardino iPhone Hacking Case

MacRumors

MacRumors

macrumors bot
Original poster
Apr 12, 2001
66,869
36,534



A group of three news outlets, including Gannett, the Associated Press and Vice Media, filed a lawsuit today against the FBI on grounds relating to the bureau's decision to keep its method of hacking into San Bernardino shooter Syed Farook's iPhone a secret. The news organizations are looking for more information about how exactly the FBI entered the iPhone, what "outside party" helped with the process, and how much the government paid for it (via USA Today).

Gannett, the AP, and Vice Media have each sought details on the hack under the Freedom of Information Act, but the FBI denied the requests, arguing that "revealing the records would imperil its enforcement efforts." Now the organizations are teaming up and asking the court to force the FBI to release the requested information.

iphone5c.png

While the security drama swirls, University of Cambridge researcher Sergei Skorobogatov has released proof countering the FBI's claim that it couldn't get into Farook's iPhone without Apple's help. In his report (via Engadget), Skorobagatov detailed his process in bypassing the passcode retry counter of an iPhone 5c running iOS 9, which he said "does not require any expensive and sophisticated equipment."
This was achieved by desoldering the NAND Flash chip of a sample phone in order to physically access its connection to the SoC and partially reverse engineering its proprietary bus protocol. The process does not require any expensive and sophisticated equipment. All needed parts are low cost and were obtained from local electronics distributors. By using the described and successful hardware mirroring process it was possible to bypass the limit on passcode retry attempts. This is the first public demonstration of the working prototype and the real hardware mirroring process for iPhone 5c.
Click to expand...
After removing the NAND from the iPhone -- which requires "a temperature above 300 ºC...due to heavy heat sinking of the main PCB" -- he created a backup of it and placed it onto a custom-built, special test board. To continue the NAND mirroring process, following a successful creation and verification of the backup copy, the original chip is placed back into the iPhone 5c, where the researcher entered six passcode attempts, and then power cycled the device. In total, the process takes 90 seconds each time, meaning the true password could feasibly be discovered in "less than two days."
Once the phone is powered up and the screen is slid the passcode can be entered six times until the delay of one minute is introduced again. Then the process of mirroring from backup can be repeated again and again until the correct passcode is found. On average each cycle of mirroring for six passcode attempts takes 90 seconds. Hence, a full scan of all possible 4-digit passcodes will take about 40 hours or less than two days.
Click to expand...
The fight between Apple and the FBI began earlier in the year when Apple refused to help the government unlock Farook's iPhone 5c under the belief that it could set a fearful precedent for security and privacy moving forward. The FBI didn't know what could potentially be on the device, but believed that any information gathered from it would potentially help move the case of the San Bernardino shooting forward in meaningful ways.

Although that particular case is over, FBI director James Comey said that he expects litigation over the encryption of mobile devices to continue, as encryption is "essential tradecraft" of terrorist organizations like ISIS. Technology and security have intersected more and more as smartphones grow more popular, with Comey also stating that WhatsApp's new end-to-end encryption was already "affecting the criminal work [of the FBI] in huge ways."

Note: Due to the political nature of the discussion regarding this topic, the discussion thread is located in our Politics, Religion, Social Issues forum. All forum members and site visitors are welcome to read and follow the thread, but posting is limited to forum members with at least 100 posts.

Article Link: News Organizations Team Up in Lawsuit Against FBI Over San Bernardino iPhone Hacking Case
 
Article Link
https://www.macrumors.com/2016/09/16/news-organizations-lawsuit-fbi/
  • Like
Reactions: Sunny1990
It's interesting how quickly Vice is gaining prominence. My introduction to them was the series of "travel" documentaries they did (definitely worth a watch if you haven't seen them). They do seem to have a distinct viewpoint and it shows in their coverage but I generally like their work. Much more interesting to me than what a lot of the traditional media is doing.

And good for these groups in pushing for access to the information, it's been sketchy how the FBI has been avoiding federal rules of disclosures in this case.

edit: this reminds me that we haven't heard anything with the release of the iPhone 7 about improvements to the secure enclave and firmware flashing. I wonder whether any steps were taken to reduce or eliminate their ability to apply updates without the consent of the device owner.
 
  • Like
Reactions: cbaca51 and Jess13
Oh, boo hoo Comey, everyone should just obey you because you shouldn't have to work hard to keep up? You've already abdicated your responsibility to be objective, thus becoming a minion of whoever the current administration is. Now you're going to whine, implying corporations should be obligated to make your job easier??

Here's your answer: :p
 
This doesn't look good for either the FBI or Apple.

FBI bluffed when they said they found out how to unlock the phone.

Now that the public will know the truth, there will be pressure on Apple to put a backdoor in iOS.
 
I was never a fan of the FBI forcing Apple to break their OS. I am not sure that FBI has any responsibility to divulging how they finally broke into the phone. And why would the new organization want to know the hacking approach? Are they planning a hack of their own?
 
  • Like
Reactions: Oldmanmac
Cuban Missles said:
I was never a fan of the FBI forcing Apple to break their OS. I am not sure that FBI has any responsibility to divulging how they finally broke into the phone. And why would the new organization want to know the hacking approach? Are they planning a hack of their own?
Click to expand...
Probably wanting to make sure that the phones they use are secure, since the media has being targeted by government(not just the US) spying.
 
thisisnotmyname said:
It's interesting how quickly Vice is gaining prominence. My introduction to them was the series of "travel" documentaries they did (definitely worth a watch if you haven't seen them). They do seem to have a distinct viewpoint and it shows in their coverage but I generally like their work. Much more interesting to me than what a lot of the traditional media is doing.

And good for these groups in pushing for access to the information, it's been sketchy how the FBI has been avoiding federal rules of disclosures in this case.

edit: this reminds me that we haven't heard anything with the release of the iPhone 7 about improvements to the secure enclave and firmware flashing. I wonder whether any steps were taken to reduce or eliminate their ability to apply updates without the consent of the device owner.
Click to expand...
Vice has, at many times, been great. Not always, but yes: Vice does tons of great.
 
Cuban Missles said:
I was never a fan of the FBI forcing Apple to break their OS. I am not sure that FBI has any responsibility to divulging how they finally broke into the phone. And why would the new organization want to know the hacking approach? Are they planning a hack of their own?
Click to expand...

It will be interesting to see how it plays out. The way Freedom of Information Act (FOIA) requests work is everything is presumed to be subject to disclosure unless the info falls under specific exemptions in the act. It sounds like the FBI is relying on the exemption quoted below. I guess it will be the court's job to decide if the exemption applies in this case.

Quote from FOIA FAQ here:
7(E). Would disclose techniques and procedures for law enforcement investigations or prosecutions.
Click to expand...
 
Last edited:
  • Like
Reactions: Keane16, Gasu E. and tgara
Cuban Missles said:
I was never a fan of the FBI forcing Apple to break their OS. I am not sure that FBI has any responsibility to divulging how they finally broke into the phone. And why would the new organization want to know the hacking approach? Are they planning a hack of their own?
Click to expand...
Are you kidding? This would be gold to them. Imagine them sneaking off with someone's phone at a bar or something, applying the hack, getting private information that they can then report on.
 
There is irony here. News organization executives with their talking heads are complaining about people's privacy being violated. However, those news organization executives often violate people's privacy in the search for content to stuff next to advertising on a daily basis.
 
  • Like
Reactions: OLDCODGER
MacRumors said:
FBI director James Comey said that he expects litigation over the encryption of mobile devices to continue, as encryption is "essential tradecraft" of terrorist organizations like ISIS.
Click to expand...

Essential tradecraft of terrorists? Or last defense of innocent citizens against jack-booted government storm troopers?
 
cmwade77 said:
Are you kidding? This would be gold to them. Imagine them sneaking off with someone's phone at a bar or something, applying the hack, getting private information that they can then report on.
Click to expand...
If it's anything like the hack described by the researcher mentioned in the article, that would be something to see...
[doublepost=1474060393][/doublepost]
scoobydoo99 said:
Essential tradecraft of terrorists? Or last defense of innocent citizens against jack-booted government storm troopers?
Click to expand...
Well, probably both, honestly.
 
DrewDaHilp1 said:
Probably wanting to make sure that the phones they use are secure, since the media has being targeted by government(not just the US) spying.
Click to expand...

Not to mention that this week the DOJ said that it is ok for g-men to impersonate journalists. (Who will ever whistleblow if there is a risk the journo who claims to be off the record is actually assembling a dossier- this is technique that belongs to the Stasi.)
[doublepost=1474061185][/doublepost]
joueboy said:
Plot twist, Samsung sponsored the news organization to pursue the lawsuit.
Click to expand...
Double plot twist, Samsung finds out and copies an obsolete phone design...
 
Everyone should take notice: They managed to attempt six passcodes every 90 seconds, which means 10,000 passcodes could be checked in 40 hours or two days. A six digit passcode has one million passcodes which would take 4,000 hours or about six months. It's also 500 working weeks in multiple shifts and accordingly expensive. An 8 digit code would take 50 years to crack.
 
gnasher729 said:
Everyone should take notice: They managed to attempt six passcodes every 90 seconds, which means 10,000 passcodes could be checked in 40 hours or two days. A six digit passcode has one million passcodes which would take 4,000 hours or about six months. It's also 500 working weeks in multiple shifts and accordingly expensive. An 8 digit code would take 50 years to crack.
Click to expand...
What if they didn't know how many digits were in a password?
 
You must log in or register to reply here.
Register on MacRumors! This sidebar will go away, and you'll see fewer ads.
Top Bottom
Back