Cybersecurity

Current Events Breakdown: To unlock a terrorist’s iPhone, the FBI turned to an obscure company in Australia; a technique called an “Exploit Chain” was used.

So there’s quite a juicy, drama-filled story in the Washington Post that could be a Hollywood plot line about Apple, the FBI, a terrorist’s iPhone, and HACKERS!!!

Azimuth Security, a publicity-shy company that says it sells its cyber wares only to democratic governments, secretly crafted the solution the FBI used to gain access to the device, according to several people familiar with the matter. The iPhone was used by one of two shooters whose December 2015 attack left more than a dozen people dead.

So, yeah Azimuth is a hacking firm for the better good you can say.

Azimuth is a poster child for “white hat” hacking, experts say, which is good-guy cybersecurity research that aims to disclose flaws and disavows authoritarian governments.

The story is such a great read! But the way this hacking firm went about cracking the iPhone in question will surely raise curiosity and interest among many. Present company included. So let’s see what happened.

There are a lot of issues that surround this case with lots of implications.

For their part, the FBI seems to believe that Apple should help in any way:

Months of effort to find a way to unlock the phone were unsuccessful. But Justice Department and FBI leaders, including Director James B. Comey, believed Apple could help and should be legally compelled to try. And Justice Department officials felt this case — in which a dead terrorist’s phone might have clues to prevent another attack — provided the most compelling grounds to date to win a favorable court precedent.

In February 2016, the Justice Department obtained a court order directing Apple to write software to bypass the security feature. Apple said it would fight the order. Its argument: the government was seeking to force the company to break its own security, which could pose a threat to customer privacy.

“The U.S. government has asked us for something we simply do not have, and something we consider too dangerous to create,” Apple CEO Tim Cook wrote in a statement at the time. “The government could extend this breach of privacy and demand that Apple build surveillance software to intercept your messages, access your health records or financial data, track your location, or even access your phone’s microphone or camera without your knowledge.”

Clearly there’s a lot here to unpack and think about from both sides.

However, this is where Azimuth comes into play…and where things get really interesting.

According to the article, a technique called an “exploit chain” was used.

All sophisticated software contains “bugs” or flaws that cause computer programs to act in unexpected ways. Not all bugs are significant, and on their own they don’t pose a securityrisk. But hackers can seek to take advantage of certain bugs by writing programs called exploits. Sometimes they combine a series into an “exploit chain” that can knock down the defenses of a device like the iPhone one-by-one.

Azimuth specialized in finding significant vulnerabilities. Dowd, a former IBM X-Force researcher whom one peer called “the Mozart of exploit design,” had found one in open-source code from Mozilla that Apple used to permit accessories to be plugged into an iPhone’s lightning port, according to the person. He found it even before Farook and his wife opened fire at the Inland Regional Center, and thought it might be useful at some point to develop into a hacking tool. But Azimuth was busy at the time with other projects.

Mozilla spokeswoman Ellen Canale said the company has no knowledge of any bug that was connected to the exploit.

Two months after the attack, Comey testified to Congress that investigators were still unable to unlock the terrorist’s iPhone. Seeing the media reports, Dowd realized he might have a way to help. Around that time, the FBI contacted him in Sydney. He turned to 30-year-old Wang, who specialized in exploits on iOS, the people said.

Using the flaw Dowd found, Wang, based in Portland, Ore., created an exploit that enabled initial access to the phone — a foot in the door. Then he hitched it to another exploit that permitted greater maneuverability, according to the people. And then he linked that to a final exploit that another Azimuth researcher had already created for iPhones, giving him full control over the phone’s core processor — the brains of the device. From there, he wrote software that rapidly tried all combinations of the passcode, bypassing other features, such as the one that erased data after 10 incorrect tries.

Wang and Dowd tested the solution on about a dozen iPhone 5Cs, including some bought on eBay, the people said. It worked. Wang dubbed the exploit chain “Condor.”

The article goes on about the fight between Apple, the FBI and the hackers, and is a well worth the read!

To unlock a terrorist’s iPhone, the FBI turned to an obscure company in Australia [Washington Post]

Leave a Reply

Your email address will not be published. Required fields are marked *