Image 01 Image 03

Media Sues FBI to Reveal How Agents Hacked San Bernardino Shooter’s Phone

Media Sues FBI to Reveal How Agents Hacked San Bernardino Shooter’s Phone

FBI hacked into the phone via a “third party,” but refuses to divulge any details.

The Associated Press, Gannett Co., and Vice Media LLC have filed a suit against the FBI under the Freedom of Information Act (FOIA) to gather details how agents hacked into the phone of one of the San Bernardino shooters.

The Justice Department fought with Apple for over a month, trying to convince the company to allow the government into Syed Farook’s iPhone after he and his wife Tashfeen Malik, who pledged allegiance to the Islamic State, killed 14 people in San Bernardino, CA, in December 2015. The FBI took Farrok’s phone as evidence, but couldn’t open it due to a passcode. Apple refused to help, saying it would risk privacy of other customers.

Then somehow, call it a miracle, the FBI managed to crack into the iPhone all by themselves!

Now the three organizations want to know how the FBI hacked the phone, who did it, and how much it cost. Since the FBI refused to supply information requested in their previous FOIA request, the organizations have now filed another suit:

“Understanding the amount that the FBI deemed appropriate to spend on the tool, as well as the identity and reputation of the vendor it did business with, is essential for the public to provide effective oversight of government functions and help guard against potential improprieties,” said the suit, filed in U.S. District Court for the District of Columbia under the U.S. Freedom of Information Act.

The battle between the government and Apple began a huge “debate about the extent of the government’s power to pry into digital communications.” One judge told “Apple to write new software for the FBI that would allow agents to bypass a security feature that would lock the phone after 10 incorrect attempts to guess its passcode.”

Apple refused to help and even told officials that our Founding Fathers “would be appalled” of their request. CEO Tim Cook said the demand from the judge is “an unprecedented step which threatens the security of our customers.”

But whoa! Somehow the FBI managed to crack the code all by themselves. As Kemberlee pointed out, maybe the agents “didn’t need to start a privacy flame war with one of the countries largest electronic purveyors after all.”

Turns out a “third party” went to the FBI to unlock the phone for the agents. Of course the government did not reveal any information on this party or what they found on the phone.

FBI Director James Comey has tried to alleviate fears by stating that whatever they did to the phone only “works on a narrow slice of phones.” He said it would “probably” only work on the iPhone 5C with iOS 9, which is what Farook had.

Uh huh. Yeah.

DONATE

Donations tax deductible
to the full extent allowed by law.

Comments

I can see it now…New York Times … May 1944… headlines.. “What is Operation Overload and How will it Change The Atlantic Wall? Press sues for details…”

General what is the thing the enemy could do that inflicts the most damage?

prob desoldered the nand and cloned it then brute forced a copy of the clone.
too many tries copy untouched clone again start from where left off

    And that technique has now been demonstrated as a proof-of-concept. It could work. Desoldering the flash chip from the rest of the phone and connecting it to cloned (close enough) hardware bypasses the memory-wiping security features, which allows easy brute-forcing of the passcode.

    Easy-peasy with a little know-how, and possible even without high-grade, sophisticated equipment.

      iirc the only “issue” would have been impossible to parallelize the process which would have saved a lot of time.
      but I may be remembering wrong.

The Justice Department fought with Apple for over a month, trying to convince the company to allow the government into Syed Farook’s iPhone after he and his wife Tashfeen Malik….

And Apple would have done this, had the DOJ just asked for that. Apple has a history and precedent of unlocking suspects’ devices on an individual basis — they’ve done it before — but…

Apple refused to help, saying it would risk privacy of other customers.

Because the DOJ was not asking Apple to unlock just Syed Farook’s iPhone. DOJ was asking for a software tool that would override the security features built into newer iOS devices. The demanded specs on the “tool” would, among other things, remove the memory-wipe feature triggered by too many wrong passcodes, allow investigators to attempt to unlock devices over-the-air (read: remotely), and would necessarily have Apple’s stamp of approval so that ANY iOS device would treat it as valid. Apple refused to build this “backdoor” tool.

Apple would have unlocked and provided a cloned copy of the memory of the one phone had DOJ asked for that. Apple mightn’t have needed to even go that far; as the owner of the device, San Bernardino County could have called Apple for assistance in unlocking the iPhone, reset the passcode, and then handed both to the FBI.

Instead, DOJ asked for backdoor access to all iOS devices, which by definition would compromise other customers’ security and privacy.

Sorry for the rant, but it bugs me when folks post on this issue and don’t have the story straight. It’s right up there with doing follow-ups on “Operation Fast & Furious” and continuing to call it a “botched gun sting” (hint: it wasn’t).

I am suprised the American Criminal Lobby Union is not part of this suit, as their constituency could benefit.

Remember, too, that there was nothing of interest discovered on the phone.

I question whether they did get the phone unlocked as they claimed, or if they merely found a face-saving way to bring an end to a ferocious storm that they hadn’t anticipated they would unleash. Because hubris.