An Israeli company helped the FBI in unlocking the iPhone used by one of the San Bernardino, California shooters, according to reports.
Israel's
Cellebrite, is a provider of mobile forensic software that says it does
business with thousands of law enforcement and intelligence agencies,
militaries and governments in more than 90 countries.
An official source told NBC News that the company had helped. Neither the FBI nor Cellebrite has confirmed the reports.
The
FBI hacked into the iPhone used by gunman Syed Farook, who died with
his wife in a gun battle with police after they killed 14 people in
December in San Bernardino.
The iPhone, issued to Farook by his employer, the county health department, was found in a vehicle the day after the shooting.
An Israeli company may have helped the
FBI in unlocking the iPhone used by one of the San Bernardino,
California shooters. Syed Farook and his wife (both pictured) died in a
gun battle with police after killing 14 people and injuring 22 in
California, in December
The FBI is reviewing information from the iPhone, and it is unclear whether anything useful can be found.
A
great deal of speculation centers on Cellebrite — an Israel-based
forensics firm that says it does business with thousands of law
enforcement and intelligence agencies, militaries and governments in
more than 90 countries — though it remains one of several possible
candidates.
A company spokesman declined to comment last week.
Cellebrite,
founded in 1999, is a subsidiary of Japan's Sun Cor and has had
contracts with the FBI dating back to at least 2013.
The
firm makes devices that allow law enforcement to extract and decode
data such as contacts, pictures and text messages from more than 15,000
kinds of smartphones and other mobile devices.
It
also makes commercial products that companies can use to help their
customers transfer data from old phones to new ones. Apple even uses
Cellebrite devices in some of its stores.
Suncorp's shares have more than doubled in the six weeks since Apple published its letter refusing to help the FBI, reports Fortune.
The
FBI's announcement is a public setback for Apple, as consumers suddenly
discover they can't keep their most personal information safe and Apple
remains in the dark about how to restore the security of its flagship
product.
Apple
software engineers — and outside experts — are puzzled about how the
FBI broke the digital locks on the phone without Apple's help. It also
complicated Apple's job repairing flaws that jeopardize its software.
A court filing stated the government
had 'successfully accessed the data stored on Farook's iPhone' without
Apple's help but did not elaborate on how or what information it managed
to recover
The
Justice Department's announcement that it was dropping a legal fight to
compel Apple to help it access the phone also took away any obvious
legal avenues Apple might have used to learn how the FBI did it.
Magistrate Judge Sheri Pym vacated her February 16 order, which compelled Apple to help the FBI hack their phone, on Tuesday.
The Justice Department declined through a spokeswoman to comment Tuesday.
A
few clues have emerged. A senior law enforcement official told The
Associated Press that the FBI managed to defeat an Apple security
feature that threatened to delete the phone's contents if the FBI failed
to enter the correct passcode combination after 10 tries.
That
allowed the government to repeatedly and continuously test passcodes in
what's known as a brute-force attack until the right code is entered
and the phone is unlocked.
It
wasn't clear how the FBI dealt with a related Apple security feature
that introduces increasing time delays between guesses. The official
spoke on condition of anonymity because this person was not authorized
to discuss the technique publicly.
FBI Director James Comey has said with those features removed, the FBI could break into the phone in 26 minutes.
Apple
said in a statement Monday that the legal case to force its cooperation
'should never have been brought,' and it promised to increase the
security of its products.
CEO Tim Cook has said the Cupertino-based company is constantly trying to improve security for its users.
The
FBI's announcement — even without revealing precise details — that it
had hacked the iPhone was at odds with the government's firm
recommendations for nearly two decades that security researchers always
work cooperatively and confidentially with software manufacturers before
revealing that a product might be susceptible to hackers.
The
aim is to ensure that American consumers stay as safe online as
possible and prevent premature disclosures that might damage a U.S.
company or the economy.
In a stunning reversal last week, federal
prosecutors asked a judge to halt a much-anticipated hearing on their
efforts to force Apple to unlock the phone, saying an 'outside party'
had stepped forward to help
As far
back as 2002, the Homeland Security Department ran a working group that
included leading industry technology industry executives to advise the
president on how to keep confidential discoveries by independent
researchers that a company's software could be hacked until it was
already fixed.
Even
now, the Commerce Department has been trying to fine-tune those rules.
The next meeting of a conference on the subject is April 8 in Chicago
and it's unclear how the FBI's behavior in the current case might
influence the government's fragile relationship with technology
companies or researchers.
The
industry's rules are not legally binding, but the government's top
intelligence agency said in 2014 that such vulnerabilities should be
reported to companies.
'When
federal agencies discover a new vulnerability in commercial and open
source software — a so-called 'zero day' vulnerability because the
developers of the vulnerable software have had zero days to fix it — it
is in the national interest to responsibly disclose the vulnerability
rather than to hold it for an investigative or intelligence purpose,'
the Office of the Director of National Intelligence said in a statement
in April 2014.
The
statement recommended generally divulging such flaws to manufacturers
'unless there is a clear national security or law enforcement need.'
No comments:
Post a Comment