CyberManipal.

Tech news from MIST

FBI reveals how they got access to San Bernardino’s iPhone

Vulnerabilities
@AyushVatsa

Ayush Vatsa

April 13, 2021

In 2015, following the shooting of San Bernardino, his iPhone was found and the FBI believed it may have some crucial details of their interest. When they couldn’t break into the phone, they turned to Apple for help which Apple refused. Apple said the FBI wanted a backdoor tool which will give access to every iPhone on the planet, which Apple said was seriously against their privacy policy. FBI went to court claiming that it is necessary to get access of that phone and the agency has no plans to open other iPhones, but later investigation revealed there were thousands of iPhones waiting to be opened by the backdoor asked by the FBI. Apple won the case without having to unlock the iPhone, but soon the FBI said they gained access to the phone which led to a petition by Apple as they wanted to know what method they used. This time the court ruled in favor of FBI stating that they don’t need to share how they got access. It was revealed in April 2021 that the FBI hired Australia based company Azimuth Security to gain access to the iPhone. The hacking was mainly done by two engineers at Azimuth Security who exploited a vulnerability in an upstream software module written by Mozilla. That code was reportedly used by Apple in iPhones to enable the use of accessories with the Lightning port. After gaining access, they chained two more exploits to gain the full access over the processor which allowed them to disable the “erase data” feature and brute force the password. The exploit chain, from Lightning port to processor control, was named Condor. Mozilla reportedly fixed the bug in an update just after 2-4 months of this incident, leaving this method unusable.

Abridged fromThe Verge

Click here to see the original post

Share this article