SEE THE FIVE LIKELY WAYS THE FBI COULD HAVE HACKED THE IPHONE
SPKB reported recently on the breakthrough hack of the iPhone 5C that belonged to the late San Bernardino terrorist Syed Farook, which came after a protracted legal showdown with Apple.
Experts including Robert Cunningham, chair of the IEEE Cybersecurity Initiative, and Dudu Mimran, chief technology officer for the Telekom Innovation Laboratories at Ben-Gurion University in Israel, believe this is the most likely approach used by the FBI.
Since that model of iPhone allows only a few passcode tries and has an optional feature that wipes the data off the iPhone if foul play is suspected, “They can basically reset the place where it says, ‘Now you've tried nine times (assuming the maximum number of tries is 10),’” Canetti says. “When the phone asks, ‘How many times have you tried?’ they say—‘No, we’ve only tried one time.’”
Although this feat of the FBI has been shrouded in secrecy, we bring you these 5 suggested hack methods by which the FBI may have performed the magic, according to 9 different computer forensics experts who spoke to IEEE correspondents.
1. THE EASY WAY
This is the most straightforward and most common of the five approaches. It involves exploiting a flaw in the iOS 9 software.
In hacking, a previously unknown security hole, also known as a zero-day, can be used to compromise the software and get past the system's security protections. Such a flaw could be exploited through text messages or through the USB port from a laptop.
The experts are not sure what kind of zero-day was exploited, but they are highly confident that such a hole could have existed. It is worth noting that last year the cybersecurity firm Zerodium paid a $1 million bounty to a team that exposed a hole in iOS 9. Mimran summed this up by noting that “There is no software that is considered bulletproof.”
2. TRICK THE OS
Hackers may have circumvented the iPhone’s passcode protection by hijacking operations between the A6 chip and the non-volatile memory. Let me elucidate briefly on the iPhone 5C's internal architecture. Inside the iPhone 5C is an A6 chip that features both processors and RAM, which work together to achieve faster speeds than those that were available in previous models. In order to keep track of passcode attempts, this “system on a chip” also communicates with non-volatile memory stored elsewhere, such as in flash memory.
If the line of communication that physically carries the password attempt and recovery instructions is tampered with, a knowledgeable hacker could use this line to re-route Apple’s software, which typically receives marching orders from both the phone’s flash and RAM, to an external device, says Ran Canetti, a computer scientist at Tel Aviv University and head of the school’s Check Point Institute of Information Security.
After reconfiguring the phone's brain, the traditional "brute force" attack can be used to try passcode combinations. Fortunately enough, the phone used a 4-digit numeric passcode, which has only about 10,000 possible combinations. Available software can work through these combinations in a few minutes.
3. RESET (and RESET and RESET) THE MEMORY
One of the most popular theories among crypto-experts, including Gary McGraw, chief technology officer at the software security consulting firm Cigital, is that the FBI hacked the iPhone through a tactic called NAND mirroring. NAND is a form of flash technology used in memory chips for high-capacity and long-term storage. Within an iPhone, NAND is thought to play a role in erasing a digital key required to unlock an iPhone’s memory after logging 10 failed password attempts. But if someone knows how to circumvent or reset the tally after each attempt, they could help themselves to unlimited tries.
One way to manually do that might be to remove the memory chip that NAND protects and make a digital copy of it. Once the copy is made, a hacker could test out combinations and simply reload the memory back onto the original chip before the 10-attempt limit is reached. iPhone forensics expert Jonathan Zdziarski has said this strategy is a lot like hitting “save” on a video game. If you die (or, in this case, lose your data) you simply go back and pick up where you left off.
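The weakness described in sections 2 and 3, as an added example that is not from the original article and is not Apple's implementation: a toy model comparing a failed-attempt counter kept in copyable flash with one kept where it cannot be rolled back. The `Device` class, its fields and the rollback helper are constructed for illustration.

```python
# Toy model, constructed for illustration; not Apple's implementation.
MAX_TRIES = 10

class Device:
    def __init__(self, passcode, counter_in_flash):
        self._passcode = passcode
        self.counter_in_flash = counter_in_flash
        # External flash: assumed to be copyable and writable from outside.
        self.flash = {"failed": 0, "key_present": True}
        # Counter inside tamper-resistant hardware: cannot be rolled back.
        self._secure_failed = 0

    def failed(self):
        return self.flash["failed"] if self.counter_in_flash else self._secure_failed

    def locked(self):
        return self.failed() >= MAX_TRIES or not self.flash["key_present"]

    def unlock(self, guess):
        if self.locked():
            return False
        if guess == self._passcode:
            return True
        if self.counter_in_flash:
            self.flash["failed"] += 1
        else:
            self._secure_failed += 1
        if self.failed() >= MAX_TRIES:
            self.flash["key_present"] = False  # erase the key after 10 failures
        return False

    def snapshot_flash(self):
        return dict(self.flash)

    def restore_flash(self, image):
        self.flash = dict(image)

def guesses_evaluated_with_rollback(device, n_guesses):
    """Count wrong guesses evaluated when flash is rolled back every 9 failures."""
    image = device.snapshot_flash()
    evaluated = 0
    for i in range(n_guesses):
        if device.locked():
            break
        device.unlock("wrong-%d" % i)
        evaluated += 1
        if evaluated % (MAX_TRIES - 1) == 0:
            device.restore_flash(image)
    return evaluated
```

Given 100 wrong guesses, the device with the counter in flash evaluates all 100 and never locks, while the device with the protected counter stops after 10 even though its flash image is restored.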
An iPhone’s memory chips are shrouded in layers of both physical and digital protections to block hackers. To uncover its secrets, hackers must sometimes mount a physical attack.
4. TEAR EVERYTHING APART
This method sounds funny, but in reality a hacker may go beyond software attacks and resort to physically attacking a device to bypass its tamper-proof features.
This tedious procedure involves the following:
- heating up the device in order to detach a memory chip.
- using acid to remove the surface layers of the chip in an act known as “decapping.”
- following that up with some precision work with a tiny laser drill to reach sections of the chip the hacker wants to examine more closely.
Apple, however, said in a white paper published last fall that in order to obtain this key, a hacker would have to mount a “highly sophisticated and expensive physical attack.” This is certainly an option the FBI may have considered, but it runs the risk of obliterating the memory forever if a technician makes even the slightest miscalculation.
Dan Wallach, a computer security expert at Rice University, sounds a note of warning about this process: “It's a destructive process that has a percentage chance of destroying the device.”
I do not think the FBI would love to take a chance at this.
5. SNEAK IN THROUGH THE SIDE
A side-channel attack uses specialized tools to monitor the properties of a device, such as its power consumption, acoustic properties, electromagnetic radiation, or the time it takes for a specific component to complete a task, and uses those clues to stage a hack on the device. For example, a hacker could hook up a resistor to the iPhone’s internal circuits and read the amount of energy that flows by with each passcode attempt. Ben-Gurion University’s Mimran likens it to putting your ear up to a safe, listening for a satisfying click as you turn the dial (hackers are really crazy).
Side-channel attacks have their flaws, because as hackers become more sophisticated, the chip makers become wiser at their own craft; they now install features that cause a chip to generate electromagnetic noise or maintain a steady power draw no matter what function it is performing, in order to confuse attackers.
Technology is beautiful.