- Tram Ho
To investigate the shooting that killed 14 people in San Bernardino in 2015, the FBI wanted to unlock a terrorist’s iPhone, but Apple refused and dragged on a legal battle around this request. The lawsuit ended only after a mysterious company helped the FBI unlock this iPhone without Apple’s help. At the time, suspicions were drawn on a prominent Israeli company, Cellebrite, which frequently helped unlock encryption devices.
But recently reports from the Washington Post and Motherboard said, it turns out that a little-known Australian company is behind this achievement. It is Azimuth Security, with its Sydney office, which claims on its website that it is dedicated to providing the “best in the industry” technical services to its customers. And they have proved their promise.
The terrorist’s iPhone 5C and the incident were a headache for the FBI for a while
With iOS 9 on the suspect’s iPhone, the device will automatically wipe data after several wrong guesses, but according to the Washington Post, Azimuth technicians have found a way to avoid it. This security layer to guess the device password as many times as you want without erasing data.
One of Azimuth’s employees, David Wang, found a way to exploit a vulnerability in Mozilla’s software module used by Apple to license Lightning-connected accessories on iPhone. Through this vulnerability, combined with another exploited one, Azimuth employees gained control of the CPU in the iPhone so that they could overwrite the software to allow multiple password tests without needing. deleted data.
This chain of attack and exploit software was named “Condor” by these hackers. To ensure the reliability of this method, Azimuth employees also had to order dozens of iPhone 5C – similar to the type the terrorist uses – for testing before proceeding on the terrorist’s phone.
Helping the FBI unlock the terrorist’s iPhone earned Azimuth a $ 900,000 bonus.
However, unlocking this iPhone doesn’t do much for the investigation. The FBI had hoped that the iPhone would contain information about the gunmen’s relationship with foreign terrorists, but it turned out that nothing was found.
Interestingly, Apple later sought to recruit David Wang, one of the main contributors to the aforementioned iPhone unlocking effort. Wang refused, however, and in 2017 he co-founded Corellium, a company that develops “virtual iPhones” that enable security researchers to test their software on iOS without having to. buying a new device – going head-to-head with Apple again.
In 2019, Apple sued Corellium for piracy. It was in this lawsuit that Apple disclosed information about Wang and Azimuth helping the FBI with jailbreaking the said iPhone. Last December, a judge sided with Corellium with the ruling that their products do not infringe Apple’s copyrights because they only help find security flaws, not affecting iPhone sales.
However, Apple has not let Corellium go by accusing its tools of illegally bypassing the Apple ‘s security practices. This lawsuit will be tried this summer.
See The Verge, Washington Post
Source : Genk