The FBI explained to Congress that the hack it performed on the San Bernardino shooter’s iPhone could not have been done without Apple’s help.

However, the claims have been refuted by a researcher from Cambridge University, Sergei Skorobogatov. He said all they needed were simple parts that they could obtain from any electronics shop.

Trail Bits, an electronics security firm, stated that hacking the iPhone is possible by replacing its firmware with a chip that allows you to try multiple password entries at once without getting blocked.

This would allow you to try as many passwords as necessary until you get the right one. This would take you a day if the password has 4 digits, or a week if it has 6 digits.

Despite what the government said about NAND mirroring for the iPhone 5c, the method has been shown to work.

But that does not mean this is something any layperson can pull off. Brute-forcing a password with special tools that try all the possible codes is quite easy. However, the iPhone blocks anything beyond the fourth attempt. If you try up to ten times, the phone gets wiped.


The FBI has said that the method proposed by Trail Bits is not practical. However, Skorobogatov has shown that it can work. The only difficult part of the procedure is removing the NAND.

You will need a thin-bladed knife, and the temperature has to be around 300 degrees Celsius to loosen the epoxy that holds the chip. You would also have to be careful not to destroy the chip permanently.

Skorobogatov proceeded to create a copy of the NAND in its virgin state and put it on a test board. After six attempts to unlock the phone, the NAND is restored to its original state using the copy stored on the test board.

In this way, six passwords can be tried in 90 seconds. This translates to 40 hours to attempt all the possible passwords, which are 1667 in total.


The news has to some extent confirmed what was claimed by critics of the FBI: that the bureau, in its attempt to legally coerce Apple into hacking its own encryption, was only trying to set a legal precedent that would allow it to make other corporations do the same in similar cases in the future.

The FBI only dropped its pursuit after much outcry from the public and different organizations.

