Monday, September 19, 2016

Hacking a secured iPhone

In the aftermath of the San Bernadino shootings last year the FBI was unable to hack past the security of an iPhone and demanded that Apple break their own security.  A security firm stepped forward and used a hardware attack to circumvent entry.  How did they do it?  Here is a high level description of what security researchers did -- likely similar to what the security firm did:

The problem is that after too many failed attempts to enter a passcode the phone will permanently shut down.  The challenge is to remove the attempt limit so all possible passcodes can be tried -- the passcode on that phone was only 4 numbers (new phones require 6 which is considerably more guesses).  The trick was to find the memory chip that stored the count and replace it with a new chip with a zeroed count before the limit was reached (much harder to do than it sounds).  It is a laborious process, but it can be done.

No comments:

Post a Comment