Wednesday 20 April 2016

We may never know how the FBI unlocked the shooter’s iPhone

We know now that the FBI was able to gain access to an iPhone 5C belonging to the San Bernardino shooter thanks to an outside security firm. What we don’t know is how it was done or even who did it. We may never know, thanks to the nature of the agreement between the FBI and the unnamed firm.

The government has what is known as the Vulnerabilities Equities Process, which is used to evaluate whether security flaws known by the government should be disclosed so they can be fixed. In this case, the exploit used to bypass the PIN lock on the shooter’s iPhone 5C is considered proprietary information by the company. Meaning, it’s not a publicly available exploit. It was either discovered by the firm, or more likely purchased from whoever uncovered it in the first place.

Having exclusive knowledge of an exploit allows a company to build a tool for bypassing security features, a hot commodity in law enforcement. These undisclosed exploits can sell for thousands, or even millions of dollars. For its part, the FBI probably couldn’t disclose the specifics of the hack even if it was permitted — it doesn’t know anything about the process.

Apple has said it would be interested in fixing the exploit, but it’s unlikely it affects newer iOS devices with hardware security features. The FBI isn’t likely to do Apple any favors even if it did have specifics. After getting a court order compelling Apple to assist with unlocking the phone, the company decided to fight it out in the courts. Virtually all tech firms rallied behind Apple, and the FBI eventually dropped the case and sought outside help. And the end result?Nothing significant has been found on the iPhone.

Digital and cellular forensics is much more than you may think. It requires a thorough understanding of investigative process, the law of evidence and of naturally the appropriate background to criminal and civil investigations. The forensic experts at DLA will follow the electronic trail to find the evidence that you need.

No comments:

Post a Comment