Skip to main content

Security expert implores FBI to share iPhone 5c hacking tool with Apple

Foremost iOS digital forensics expert, Jonathan Zdziarski, has written and posted an open letter to FBI Director James Comey, explaining why he thinks it is a mistake to keep secret the tool used to hack the San Bernardino terrorist's iPhone.

On March 21, the day Apple unveiled the iPhone SE and Tim Cook stood on stage talking about how he "didn't expect to be in this position," the FBI acknowledged that it had found a way into Syed Farook's iPhone 5c. Zdziarski notes that keeping the tool a secret from Apple — even though Comey said it wasn't capable of cracking into newer versions of the iPhone — is a mistake. He writes:

I am glad that you were able to find a private company to provide material assistance, rather than the alternative – Apple being compelled to redesign their operating system. I do understand, however, that this issue is likely to be raised again with Apple.[Keeping] an exploit secret is not possible, no matter how good an agency or corporation may be at keeping secrets – because an exploit is merely a dotted line on a blueprint. The same is true of the software the FBI was trying to compel Apple to create. The FBI argued that Apple could contain such a technology, using a digital leash, however it is the mere existence of a vulnerable design (and subsequent software mechanisms to disable security), and not the leash, that pose the greatest technological risk.

He says that Apple knew its phones were vulnerable to tools such as the one used to get into the iPhone 5c, which is why, with the iPhone 5s, it introduced a Secure Enclave:

To use a less technical analogy, consider a home alarm system. There is no question that many savvy thieves know how to disable one of these, and all of them know to attack the alarm box: the central security mechanism. A key protects this box; much like Apple's code signing protects code execution. As you can imagine, picking Apple's code signing has historically been as easy as picking the lock on this alarm box, and the FBI's new exploit is likely just one more proof of that. What the tool doesn't have, however, and why the tool doesn't work on newer devices, is a conduit into the alarm box on newer devices (the Secure Enclave) to disable the security inside of it. Apple's alarm box is buried under six feet of concrete, to prevent the common thief from being able to simply shut the alarm off.

He concludes that it is important to share this information with Apple itself:

Given that it's only a matter of time before a criminal finds the blueprint to this vulnerability, I urge you to consider briefing Apple of the tool and techniques used to access Syed Farook's device.

Daniel Bader is a Senior Editor at iMore, offering his Canadian analysis on Apple and its awesome products. In addition to writing and producing, Daniel regularly appears on Canadian networks CBC and CTV as a technology analyst.

8 Comments
  • They are going to keep a usable hack into Apple, even though they shouldn't. But as with everything it won't stay a secret for very long. They will have disclose it in court, or on some documents. Or someone with let it slip out of the FBI control through media, social media, or by disclosing on legate or none legate website. Sent from the iMore App
  • Don't forget, if Cellebrite actually sold the method to the FBI, they could also be compelled to reveal the technique to the courts or even the highest bidder. They're only a small Israeli company after all.
  • Based on what rule of evidence will they be compelled to disclose the method they used?
  • Apple didn't play ball with them, so they probably aren't going to play ball with Apple. It's human nature. They also don't likely care if a criminal gets hold of the exploit so long as they can keep using it as needed. The government's concerns are not Apple's, just as Apple's are not theirs (or ours, necessarily). I'm not seeing much of a compelling reason for the FBI to share here, though it sounds like they are indeed considering it.
  • Wrong. The FBI has a legal and moral duty to protect public. Keeping a known security flaw that could affect millions of phones and their owners is not legal, especially since the FBI knows there is nothing even on that iPhone. To me it's more like public health issue that the CDC keeps secret from doctors and the public.
  • "Wrong. The FBI has a legal and moral duty to protect public." Sounds like what the FBI was saying about Apple.
  • Last week the FBI were offering to hack into an iPhone 6 in Arkansas. Now that there is pressure on them to reveal their method and the fact that they were galavanting around offering to hack into iPhones when it was only supposed to be about one phone, they are now changing their stance and saying that it doesn't work on newer phones and only works on phones up to the 5S. Yet last week they were offering to hack into an iPhone 6. Do they think we are stupid. Sent from the iMore App
  • Encourage all companies to improve device security. The government, who cannot secure its own house, now constantly trying to undermine security to subject us all to hackers. Open this door and it is open to all hackers as well as foreign governments.