Earlier this year, the FBI and Apple were in a heated battle over the security of an iPhone. The FBI had recovered an iPhone 5C from one of the San Bernardino shooters who killed 14 people on December 2, 2015, and had ties to terrorist groups. However, the FBI couldn't see what was on it due to the built-in security.
When the FBI asked Apple to weaken security on the iPhone, Apple refused and a legal battle ensued. The FBI ended up dropping the case after using a "tool" from a third party that unlocked the data from the iPhone. Now, a researcher has found an easier way to bypass iPhone passcode security.
Dr. Sergei Skorobogatov, a University of Cambridge computer scientist, says he's discovered a way to bypass the PIN codes of an iPhone 5C. He was able to clone the phone's memory chips, which allows for an unlimited number of attempts at cracking a passcode.
Dr. Skorobogatov removed the iPhone 5C's main memory storage, the NAND chip. He then cloned the chip after learning how the phone communicates with the memory system. Finally, he put the NAND chip on an external board so it would be easier to remove it or plug in copied versions of the chip.
If there are too many attempts at guessing the passcode with the original NAND chip, the phone will lock. Skorobogatov was able to keep guessing different codes by using a cloned chip with the PIN attempt counter set at zero. Skorobogatov says it takes about 40 hours of work to crack a four-digit passcode, while a six-digit code could take hundreds of hours.
Dr. Skorobogatov has not tried this technique on more recent models of the iPhone. He said he needs more information on how Apple stores data on the newer phones. Different storage techniques could make it more difficult to copy and analyze.