Monday, February 22, 2016

"How the FBI Could Use Acid and Lasers to Access Data Stored on Seized iPhone"

Following up on....geez, I don't really know any more.
Let's go with Following up on First large-scale study links stock market volatility to mental disorders.

From Ars Technica:
A key justification for last week's court order compelling Apple to provide software the FBI can use to crack an iPhone belonging to one of the San Bernardino shooters is that there's no other way for government investigators to extract potentially crucial evidence from the device.

Technically speaking, there are ways for people to physically pry the data out of the seized iPhone, but the cost and expertise required and the failure rate are so great that the techniques aren't practical.
In an article published Sunday, ABC News lays out two of the best-known techniques. The first one is known as decapping. It involves removing the phone’s memory chip and dissecting some of its innards so investigators can read data stored in its circuitry.

With the help of Andrew Zonenberg, a researcher with security firm IOActive, here's how ABC News described the process:
In the simplest terms, Zonenberg said the idea is to take the chip from the iPhone, use a strong acid to remove the chip’s encapsulation, and then physically, very carefully drill down into the chip itself using a focused ion beam. Assuming that the hacker has already poured months and tens of thousands of dollars into research and development to know ahead of time exactly where to look on the chip for the target data -- in this case the iPhone's unique ID (UID) -- the hacker would, micron by micron, attempt to expose the portion of the chip containing exactly that data.
The hacker would then place infinitesimally small "probes" at the target spot on the chip and read out, literally bit by bit, the UID data. The same process would then be used to extract data for the algorithm that the phone normally uses to "tangle" the UID and the user's passkey to create the key that actually unlocks the phone.
From there the hacker would load the UID, the algorithm and some of the iPhone's encrypted data onto a supercomputer and let it "brute force" attack the missing user passkey by simply trying all possible combinations until one decrypts the iPhone data. Since the guessing is being done outside the iPhone's operating system, there's no 10-try limit or self-destruct mechanism that would otherwise wipe the phone.
But that’s if everything goes exactly right. If at any point there's even a slight accident in the de-capping or attack process, the chip could be destroyed and all access to the phone's memory lost forever....MORE
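Added example, not from Ars Technica, ABC News or this blog: a toy model of the point in the excerpt above, that a retry limit enforced by the phone stops protecting the passcode once the UID is known off-device, leaving only the size of the passcode space. PBKDF2, the work factor, the constructed UID, the `Device` class and every function name here are assumptions; the phone's real "tangling" algorithm is not described on this page.

```python
import hashlib
import hmac
import itertools

ITERATIONS = 100  # assumption: tiny work factor so the demo finishes quickly
CHECK = b"constructed-check-block"  # stands in for a piece of encrypted data

def derive_key(uid: bytes, passcode: str) -> bytes:
    # Stand-in "tangling" of UID and passcode; not the phone's real algorithm.
    return hashlib.pbkdf2_hmac("sha256", passcode.encode(), uid, ITERATIONS)

def seal(uid: bytes, passcode: str) -> bytes:
    # Tag that only the correct UID + passcode pair reproduces.
    return hmac.new(derive_key(uid, passcode), CHECK, hashlib.sha256).digest()

class Device:
    """On-device path: the UID never leaves, and failed guesses are counted."""
    def __init__(self, uid: bytes, passcode: str, limit: int = 10):
        self._uid, self._tag = uid, seal(uid, passcode)
        self.limit, self.failures, self.wiped = limit, 0, False

    def try_unlock(self, guess: str) -> bool:
        if self.wiped:
            return False
        if hmac.compare_digest(seal(self._uid, guess), self._tag):
            self.failures = 0
            return True
        self.failures += 1
        self.wiped = self.failures >= self.limit  # self-destruct at the limit
        return False

def offline_search(uid: bytes, tag: bytes, digits: int):
    """Off-device path: with the UID known, nothing counts or limits guesses."""
    for n, combo in enumerate(itertools.product("0123456789", repeat=digits), 1):
        guess = "".join(combo)
        if hmac.compare_digest(seal(uid, guess), tag):
            return guess, n
    return None, 10 ** digits

def worst_case_guesses(alphabet: int, length: int) -> int:
    # Size of the space a passcode policy forces an offline search to cover.
    return alphabet ** length
```

Comparing `worst_case_guesses(10, 4)` with `worst_case_guesses(62, 8)` shows why a long alphanumeric passcode remains the only barrier in the off-device case.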