A security researcher has called into question the Obama administration’s argument that a proposed method for accessing the iPhone of San Bernardino shooter Syed Farook wouldn’t work.
A federal judge last week postponed a hearing in the court battle between Apple and the government over access to the phone after the Justice Department announced that a third party had presented it with a possible way to unlock the device. If the method succeeds, the government won’t need Apple to write custom code disabling security features on the device, including its auto-erase mechanism, to let the FBI flood it with password guesses.
The newly discovered technique remains a secret, but security experts have speculated that it involves a process called “NAND mirroring.” This involves copying the phone’s flash memory chip so that investigators can replicate it every time they guess the password wrong 10 times and the phone erases itself.
FBI Director James Comey said at a press conference last week that NAND mirroring “doesn’t work,” but iPhone forensics expert Jonathan Zdziarski has published a proof-of-concept blog post and a video showing it in action.
https://www.youtube.com/watch?v=3xHm5lktvog
The FBI did not respond to an email asking about Comey’s remarks. Mark Raimondi, a Justice Department spokesman, declined to comment.
Update 12:05pm CT, March 28: Updated to reflect DOJ response.
H/T TechDirt | Photo via Ruiwen Chua / Flickr (CC by 2.0) | Remix by Max Fleishman