Wednesday, March 23, 2016

Israel’s Cellebrite reportedly the security company helping FBI unlock San Bernardino iPhone



Israeili YNetNews reports that the so-far unnamed “third party” which has offered to help the FBI try to break into the San Bernardino iPhone is Cellebrite, a mobile forensics company based in Israel.

The FBI has been reportedly using the services of the Israeli-based company Cellebrite in its effort to break the protection on a terrorist’s locked iPhone, according to experts in the field familiar with the case. Cellebrite has not responded to the report. But if it is indeed the “third party” in question, and it is able to break into the terrorist’s iPhone, it would bring the high-stakes legal showdown between the government and Apple to an abrupt end. Cellebrite, considered one of the leading companies in the world in the field of digital forensics, has been working with the world’s biggest intelligence, defense and law enforcement authorities for many years. The company provides the FBI with decryption technology as part of a contract signed with the bureau in 2013.

Cellebrite declined to comment officially, and no information was given as to the method the company plans to use. One unlikely source claims to know …

“I promise you that [Apple CEO] Tim Cook and Apple are not going to be happy with the solution that the FBI has come up with,” McAfee, the controversial technology executive, told CNBC’s Power Lunch. “Because it is almost as bad as a universal master key.”

Not that there’s any reason to believe the man who previously suggested he was going to use “social engineering” when the phone’s owner has been unable to access it and the employee who used it is dead. Indeed, there are plenty of reasons not to.

There’s the small matter of the fact that the FBI hasn’t come up with anything – it has been approached by an outside company. McAfee also suggests that the technique is a relatively easy one. If that were the case, it would have been something that could have been tried without delaying the hearing. Finally, he has given no clue at all what the method is. If he knew it, you’d expect him to at least describe it at at outline level.

Edward Snowden has described two possible methods that could be used, both complex and high-risk. The first is to use chip decapping to physically reveal the passcode. A lower-risk method would be to desolder the flash memory and reset the counter between attempts by copying the original data back to it.

In the Congressional hearing, Cybersecurity professor Susan Landau strongly hinted that the NSA may also have the capacity to break into the phone using techniques unknown to the FBI.

The court hearing originally intended to hear arguments from both sides has been put on hold for now.

1 comment:

  1. The company said Wednesday that it now believes the attacker in that breach, Sydney Security Company

    ReplyDelete