Australian company helped FBI unlock San Bernardino gunman’s iPhone


So how exactly does the FBI unlocks iPhone 5C used by San Bernardino 2016 shooter? According to The Washington Post, he turned to a little-known Australian security company named Azimuth, who had developed a tool to bypass Apple’s strict security measures. The iPhone in question was at the heart of a massive legal fight between Apple and the FBI.

Authorities were previously able to sneak their way into iPhones by quickly trying multiple passcodes. But the improved security measures in iOS 9, which offered encryption and the ability to wipe phone data during hacking attempts, required a new strategy. The FBI believed that there might be important information relating to the terrorist attack, and subsequently attempted to coerce Apple into helping unlock the phone. But Apple refused – CEO Tim Cook has said creating a backdoor could be “scary” and “dangerous” when it comes to security and legal precedents.

This epic battle ended abruptly in April 2016, when the FBI announced that it had purchased a “tool” to enter the San Bernardino gunman’s iPhone. Sources say The Washington Post that Azimuth founder Mark Dowd discovered a flaw in Mozilla’s open source code, which was used by Apple to manage accessories connecting to iPhone Lightning ports. Azimuth researcher David Wang used this exploit to gain access to iOS 9 devices and then gathered other exploits to gain access to their main processor. From there, he was able to try multiple combinations of PIN codes without risking data deletion.

Wang then founded Corellium, a security company that developed virtual iPhones for researchers to test. Apple, probably aware of Wang’s background, has previously attempted to hire him for his own security work. Now Apple is in the midst of legal battles with Corellium. In December, a judge dismissed the company’s claims that Corellium infringed its copyright. And in an upcoming summer trial, Apple will attempt to argue that Corellium’s tools illegally breach its security.



Source link

Leave a Reply

Your email address will not be published. Required fields are marked *