FOX News and The Associated Press


http://i.imgur.com/9CnPq1L.jpg

A federal judge canceled a hearing Tuesday in the legal battle to force Apple to break into an encrypted iPhone used by one of the San Bernadino attackers, after federal officials said in a court filing they may have found another way to access the device.

In a filing late Monday, federal prosecutors said "an outside party" has come forward and shown the FBI a possible method for unlocking the phone used by one of the shooters in the Dec. 2 terror attack.

In a statement, U.S. Justice Department spokeswoman Melanie Newman said the government is "cautiously optimistic" that the possible method will work.

Newman added that the outside party demonstrated to the FBI this past weekend a possible method for unlocking the phone.

"We must first test this method to ensure that it doesn’t destroy the data on the phone, but we remain cautiously optimistic," she said. "That is why we asked the court to give us some time to explore this option."

If the method works, the government said in the filing "it should eliminate the need for the assistance from Apple."

Thom Mrozek, a spokesman for the U.S. Attorney's Office, said Magistrate Judge Sheri Pym on Monday granted the government's request to delay the hearing, which had been set for Tuesday.

Federal officials will update the court with a status report by April 5 as to whether it will proceed with the suit, a law enforcement official told Fox News.

The law enforcement official would not elaborate on who the third party is, or what the new method might entail.

Apple attorneys told reporters Monday night that the disclosure by the FBI is another interesting twist in what's been an interesting journey.

The company said that it doesn't know anything about the possible workaround that FBI says that it has found through a third party, adding that they do not want to assume that FBI "has anything" because it did not share specifics on this method with the company.

Despite this latest development, Apple's attorneys said that its position has not changed on the issue and that it stands ready to respond to the government if the case comes back, adding that the company feels strongly that it has the responsibility to protect customer data and privacy.

Apple's attorneys repeated that they do not know what the government may now be able to do given these latest developments, but added that if the government is indeed able to unlock Farook's iPhone, the case would then be moot given that Justice Department's basis for bringing this forward was that only Apple had the ability to assist DOJ in unlocking the iPhone.

Apple's attorneys added though that it would be premature to call this a legal victory for Apple given that they do not know what will come of this.

For more than a month, the government and Apple have waged a very public debate over whether breaking into one phone would jeopardize the security of all encrypted devices.

Prosecutors have argued that the phone used by Farook probably contains evidence of the Dec. 2 attack in which the county food inspector and his wife, Tashfeen Malik, slaughtered 14 at a holiday luncheon attended by many of his work colleagues. The two were killed in a police shootout hours later.

The FBI has said the couple was inspired by the Islamic State group. Investigators still are trying to piece together what happened and find out if there were collaborators.

The couple destroyed other phones they left behind and the FBI has been unable to circumvent the passcode needed to unlock the iPhone, which is owned by San Bernardino County and was given to Farook for his job.

Last month, Pym ordered Apple to create software that would disable security features on the phone, including one that erases all the information if a passcode is incorrectly entered more than 10 times. That would allow the FBI to electronically run possible combinations to open the phone without losing data.

Apple said the government was seeking "dangerous power" that exceeds the authority of the All Writs Act of 1789 it cited and violates the company's constitutional rights, harms the Apple brand and threatens the trust of its customers to protect their privacy. The 18th-century law has been used on other cases to require third parties to help law enforcement in investigations.

The company said the order is unreasonably burdensome. Once created, it would be asked to repeatedly design such software for use by authorities at home and abroad, and the technology could fall into the hands of hackers.

The government has countered that Apple could create the software for one phone, retain it during the process to protect itself, then destroy it. Apple has said that creating software is a form of speech and being forced to do so violates its First Amendment rights.

Both sides have mounted aggressive public relations campaigns to present their side and rhetoric at times has been charged.

Apple CEO Tim Cook ripped the government's "backdoor" approach, a term applied to hackers that has also been used to criticize the way the government eavesdrops on encrypted communications.

FBI Director James Comey rejected talk of seeking a "master key" and said his agency just wanted Apple to remove its "vicious guard dog" so it can pick the lock.

Law enforcement organizations have weighed in on the side of the Justice Department and called on Apple to help in the investigation. President Barack Obama has said he values privacy but criticized "fetishizing our phones above every other value" and said there had to be some way to get information from the devices.

Other technology heavyweights, such as Google, Facebook, Microsoft and Yahoo, along with civil liberties groups and privacy advocates, have supported one of the world's largest technology companies.

Victims and relatives of the San Bernardino attack have come down on both sides, with some urging Apple to help and others saying privacy concerns are paramount.

While the case gained immense attention, it wasn't the first time the government and Apple have clashed over access to iPhone data.

At the time of Pym's order, a magistrate judge in New York was weighing whether to force Apple to help the government gain access to data on the phone of a methamphetamine dealer. The phone in question, however, used an older operating system than the phone in the San Bernardino case. Apple already has a method to extract data from such phones and had done so at least 70 times for law enforcement.

The San Bernardino case raised the stakes in the fight because Apple says it was being asked to create a method to access the phone's data that does not exist.

Three weeks ago, the judge sided with Apple, saying prosecutors were stretching an old law "to produce impermissibly absurd results."

The government is appealing that order.

This whole story is ridiculous. I bet in less than an hour I could google how to hack an iphone and actually do it. :shakehead:

The data on the phone is encrypted, you only have 10 chances to get the 4 digit code right and if you don't, then the encryption key is erased from the phone and there is no way to decrypt the data after that.

The data on the phone is encrypted, you only have 10 chances to get the 4 digit code right and if you don't, then the encryption key is erased from the phone and there is no way to decrypt the data after that.

Crack it open and pull the memory and do a memory dump onto a desk top. :hand:

The data is useless without the encryption key :facepalm:

But if you do a memory dump you can bypass the unlock code and just work on the encryption with out worrying about being locked out

"an outside party has come forward "

http://wp.patheos.com.s3.amazonaws.com/blogs/christianpiatt/files/2012/01/nerd-1-300x222.jpg

According to Technology Review, it's not just the use of AES encryption that makes the iPhone such a formidable device to crack, but also because Apple's phones erase the most readily-accessible key every time it's powered off, and has a PIN-system that will wipe the phone after 10 incorrect attempts.


At the heart of Apple's security architecture is the Advanced Encryption Standard algorithm (AES), a data-scrambling system published in 1998 and adopted as a U.S. government standard in 2001. After more than a decade of exhaustive analysis, AES is widely regarded as unbreakable. The algorithm is so strong that no computer imaginable for the foreseeable future-even a quantum computer-would be able to crack a truly random 256-bit AES key. The National Security Agency has approved AES-256 for storing top-secret data.

Apple did not respond to requests for comment on this story. But the AES key in each iPad or iPhone "is unique to each device and is not recorded by Apple or any of its suppliers," the company said in a security-related white paper. "Burning these keys into the silicon prevents them from being tampered with or bypassed, and guarantees that they can be access only by the AES engine."

Thus, as Technology Review goes on to explain, investigators are left with few other options besides trying every possible AES key permutation, which given its 256-bits of security, is not something us mere mortals can conquer. Yes there is a copy of the key deep in the memory, but it requires the PIN. If the auto-wipe is turned on, retrieving the encrypted phone data really becomes mission impossible, Even if there's just a eight-digit pin in effect, retrieving the data would take 15 years.

http://gizmodo.com/5934234/ios-encryption-is-so-good-not-even-the-nsa-can-hack-it

:-k OK so it may take me longer than an hour. 8-[

:facepalm:

:dance:

McAfee explained how to crack it already.

McAfee explained how to crack it already.


Crack it open and pull the memory and do a memory dump onto a desk top. :hand:

he basically said to do ^ that

he basically said to do ^ that

:dance:

he basically said to do ^ that

And without the encryption key, it's a jumbled and useless mess of unintelligible data

And without the encryption key, it's a jumbled and useless mess of unintelligible data

Which can be deciphered by cryptanalysts... and we have plenty of those.

Which can be deciphered by cryptanalysts... and we have plenty of those.


...Advanced Encryption Standard algorithm (AES), a data-scrambling system published in 1998 and adopted as a U.S. government standard in 2001. After more than a decade of exhaustive analysis, AES is widely regarded as unbreakable. The algorithm is so strong that no computer imaginable for the foreseeable future-even a quantum computer-would be able to crack a truly random 256-bit AES key. The National Security Agency has approved AES-256 for storing top-secret data.

:-s

Do you buy everything everybody sells you? I own acres of prime beach front real estate on Mars, I'll sell it to you for pennies on the dollar. There is no such thing as unbreakable code, Lance. All it takes is time and patience.

:-k

Funny. If there was some kind of code that was unbreakable, then the encryption industry wouldn't need to exist anymore. Yet they still do...

It has nothing to do with you or me. It doesn't matter if you or I know how to do it, for people with that particular skill set, it can be done. If it couldn't, then a whole mess of cryptanalysts are wasting their own and everybody else's time. And that's the real issue: time. The problem of decrypting isn't whether or not it can be done, it's how fast it can be done. There's a time value as to whether the information gained from the decryption will still be useful after the time it took to decrypt the code. If you're dealing with a small window of time, say hours, days, or even weeks, where the information gained from a decryption will still be useful to whoever's trying to obtain it, then decrypting the code in six or more months isn't gonna do you a whole helluva lot of good, now is it?

There will never be an unbreakable code, there will never be an unhackable system. These things exist only as long as it takes somebody with enough knowledge, time, and motivation to actually crack these things. That's why the digital security industry still exists. If there was truly unhackable systems and unbreakable code, then a whole mess of people's skill sets would become obsolete and they'd be looking for new careers.

And without the encryption key, it's a jumbled and useless mess of unintelligible data

You're misunderstanding how easy it is to crack a phones encryption.

You're not trying to crack the AES passkey, you don't have to do that, and it's way too much work.

What you're doing is copying the phones memory and instruction set from the phone hardware, and putting it on your desktop. With this you run a disassembler on the instruction set alone. This turns the instruction set into readable code. Again, you're not looking for the AES passkey, you're looking for the phones passkey. That 4 to 6 digit combination you have to set to lock your phone. It's stored in plain text. Not encrypted.

With that, you put the phone back together, and just unlock it with the correct "phone" passkey, which then automatically decrypts the AES encryption.

Now, with all that being said, apple knew this was possible, and corrected it with iOS7. Remember the thread with all the people bitching about bricked phones because of hardware changes? That was apples solution to this. On iOS7, you can no longer take the phone apart, and put it back together and unlock it.

But iOS7 came out AFTER the terrorist shooting. So the phone the FBI has is still very much crackable, and can be done in about an hour.

Yet it seems it can't be done in an hour as they've yet it do it :lol:

Yet it seems it can't be done in an hour as they've yet it do it :lol:

Maybe something to do with daylight savings time :think:

Maybe they just have superglue on their finger get rid of that and they'd be in

http://i.imgur.com/hGoDWdw.png

Meet the security company that is helping Federal Bureau of Investigation (FBI) in unlocking San Bernardino shooters’ iPhone:

The Israeli mobile forensics firm Cellebrite.

Yes, Cellebrite – the provider of mobile forensic software from Israel – is helping the FBI in its attempt to unlock iPhone 5C that belonged to San Bernardino shooter, Syed Rizwan Farook, the Israeli YNetNews reported on Wednesday.

The company's website claims that its service allows investigators to unlock Apple devices running iOS 8.x "in a forensically sound manner and without any hardware intervention or risk of device wipe."

If Cellebrite succeeds in unlocking Farook’s iPhone, the FBI will no longer need Apple to create a backdoored version of its iOS operating system that could let it access data on Farook's locked iPhone 5C.

Apple is engaged in a legal encryption battle with the US Department of Justice (DoJ) over a court order that forces the company to write new software, which could disable passcode protection on Farook's iPhone 5C.

However, Apple is evident on its part, saying that the FBI wants the company to create effectively the "software equivalent of cancer" that would likely open up all iPhones to malicious hackers.

FBI Committed $15,278 "action obligation" with Cellebrite

The revelation comes just two days after the DoJ suspended the proceedings at least until next month. The FBI told a federal judge Monday that it need some time to test a possible method for unlocking the shooter's iPhone for which they have hired an "outside party".

According to public records, the same day the Feds committed to a $15,278 "action obligation" – the lowest amount the government has agreed to pay – with Cellebrite.

Many details of the contract are not yet available, and neither the FBI nor Cellebrite has officially commented on their contract publicly.

Founded in 1999, Cellebrite provides digital forensics tools and software for mobile phones. One of its main products is the Universal Forensic Extraction Device (UFED) that claims to help investigators extract all data and passwords from mobile phones.

For the company's hand on iOS devices, you can watch the 2015 YouTube video (above), demonstrating one of Cellebrite's products that unlocked the device in several hours.

Now the question is:

If the FBI found its iPhone backdoor that has the potential to affect hundreds of millions of Apple users…


Watch Video: Here’s What Cellebrite Can Do

<iframe width="728" height="440" src="https://www.youtube.com/embed/AUgmnYChT48" frameborder="0" allowfullscreen></iframe>