Apple and the FBI began a large-scale battle over encryption in early 2016, following the December 2015 mass shooting in San Bernardino. A couple shot and killed more than ten people and were subsequently killed in a shootout with the police. They left behind an iPhone 5C running iOS 9, which was the latest operating system for iPhone and iPad at the time. The government wanted access to the phone to determine whether there was any connection between the two shooters and the Islamic State, but it could not break the encryption. The FBI tried to get a court to force Apple to create a backdoor in iOS that would let it retrieve any data protected by the screen passcode. Apple strongly opposed the order, explaining that it had not built a backdoor into iOS and that creating one would pose a huge security risk to all iPhone users.
In the following months, the FBI admitted that it had found a way to crack the iPhone 5C's encryption and abandoned the case. Apple won the debate over encryption at the time, but since then, governments around the world have been working hard to promote backdoor legislation. The FBI later confirmed that it had paid $900,000 for an exploit that allowed it to get into the iPhone, but did not disclose how the exploit works. After unlocking the phone, the FBI did not find any useful information on the iPhone 5C belonging to the shooter. Experts in the field thought the Israeli company Cellebrite had supplied the hack, but this has never been confirmed. It seemed that we would never learn the truth, but a new report may finally reveal the true story of how the FBI broke the iPhone's encryption.
An investigation from The Washington Post says that Azimuth, a white-hat security research company, was responsible for developing a series of iOS exploits that could be used to bypass the iPhone's lock screen.
The report reminds us that iOS 9 deployed a security feature that prevents attempts to brute-force the passcode. Brute forcing involves using a program that tries every possible combination to guess the iPhone's four-digit PIN. Before iOS 9, this could be done in about 25 minutes.
The FBI had only 10 attempts to crack the iPhone 5C before the software would wipe the contents of the device. That's where Azimuth comes into play:
People familiar with the matter said that two Azimuth hackers joined forces to break into the San Bernardino iPhone. These people, like the others cited in this article, discussed the sensitive matter on condition of anonymity. Founder Mark Dowd, 41, is an Australian coder who runs marathons. A colleague said that he "can look at a computer and then break into it." The other is David Wang, who first used a keyboard when he was 8 years old. He dropped out of Yale University and, at the age of 27, won the prestigious Pwnie Award (the hackers' Oscar) for "jailbreaking," or removing the software restrictions of, an iPhone.
Dowd had discovered a bug in Mozilla's open-source code even before the San Bernardino incident. Apple relied on the Mozilla software to allow accessories to be plugged into the iPhone's Lightning port.
Wang used the Mozilla bug to create an exploit that allowed access to the phone. Then another bug was used for "greater operability." A final exploit allowed them to take full control of the phone's processor. Brute-force software was then used to try all possible passcode combinations, bypassing the security feature that would wipe the device's storage after 10 failed attempts. The exploit was named Condor.
The researchers tested the tool on twelve iPhone 5C devices, including phones purchased on eBay. They then showed Condor to the FBI, and agency experts tested it on other devices to ensure that it worked properly. Every test was successful, and that is how Condor netted Azimuth $900,000.
The report points out that FBI officials were relieved, but disappointed that they were unable to advance the fight for encryption backdoors. In addition, Apple may be unhappy with security experts building tools that can be used to break into its devices. But the Post explains that Azimuth's success helped Apple, because the company never had to face a court order to build a backdoor for that particular iPhone 5C, which would have set a dangerous precedent.
Mozilla never knew that security holes in its software were used to advance the iPhone 5C hack. About a month after the FBI unlocked the iPhone 5C, the company patched the problem, rendering the flaw useless. Without that bug, the entire exploit chain no longer works.
Apple didn't know who was responsible for the hack, but it later sued another security research company, one that allows security researchers to create virtual iPhones on desktop computers. Wang co-founded that company, Corellium, in 2017. The full report is worth reading, because it provides more background on the San Bernardino incident and on the Apple v. Corellium lawsuit, which is unrelated to the 2016 iPhone 5C hack.