±Forensic Focus Partners

Become an advertising partner

±Your Account


Username
Password

Forgotten password/username?

Site Members:

New Today: 0 Overall: 35657
New Yesterday: 1 Visitors: 184

±Follow Forensic Focus

Forensic Focus Facebook PageForensic Focus on TwitterForensic Focus LinkedIn GroupForensic Focus YouTube Channel

RSS feeds: News Forums Articles

±Latest Articles

±Latest Webinars

Apple Unlocking iPhones vs US Government

Computer forensics discussion. Please ensure that your post is not better suited to one of the forums below (if it is, please post it there instead!)
Reply to topicReply to topic Printer Friendly Page
Forum FAQSearchView unanswered posts
Page Previous  1, 2, 3 ... 9, 10, 11, 12  Next 
  

trewmte
Senior Member
 

Re: Apple Unlocking iPhones vs US Government

Post Posted: Mar 07, 16 12:17

- RolfGutmann
trewmte is right: EXAMINATION PROCEDURES IN EMERGENCY CASES

There are based on the assumtion of device backdoored and unknown content 4 possibilities to think about:

1. device not breakable - no unknown content
2 device not breakable - unknown content
3. device breakable - no unknown content
4. device breakable - unknown content

In cases 1 and 2 further damage cannot be prevented one think, but only 2 is right.
In cases 3 and 4 further damage can be prevented only by 4 as 3 is useless.


I learned from two security examiners yesterday of this backdoor (?) or design flaw (?) or something else (?) in the operation of locked iPhone where Siri is involved.

1) Lock iPhone. Ask Siri what time is. Tap clock. Tap +. Type ZZ. Select All, Share. Tap messages. Press Home button. Nobody tell the FBI Smile Works on some phones only...

2) It works unless Siri is not accessible via locked screen. Smile

The above is a discussion between examiners and not found in web-link editorials.

Not 100%, but could be useful to know for EXAMINATION PROCEDURES IN EMERGENCY CASES.
_________________
Institute for Digital Forensics (IDF) - www.linkedin.com/groups/2436720
Mobile Telephone Examination Board (MTEB) - www.linkedin.com/groups/141739
Universal Network Investigations - www.linkedin.com/groups/13536130
Mobile Telephone Evidence & Forensics trewmte.blogspot.com 
 
  

kacos
Senior Member
 

Re: Apple Unlocking iPhones vs US Government

Post Posted: Mar 07, 16 16:59

- trewmte


I learned from two security examiners yesterday of this backdoor (?) or design flaw (?) or something else (?) in the operation of locked iPhone where Siri is involved.

1) Lock iPhone. Ask Siri what time is. Tap clock. Tap +. Type ZZ. Select All, Share. Tap messages. Press Home button. Nobody tell the FBI Smile Works on some phones only...

2) It works unless Siri is not accessible via locked screen. Smile

The above is a discussion between examiners and not found in web-link editorials.

Not 100%, but could be useful to know for EXAMINATION PROCEDURES IN EMERGENCY CASES.

It is a vulnerability:
seclists.org/fulldiscl...016/Mar/15  
 
  

trewmte
Senior Member
 

Re: Apple Unlocking iPhones vs US Government

Post Posted: Mar 07, 16 20:53

- kacos
It is a vulnerability: seclists.org/fulldiscl...016/Mar/15


Thanks kacos
_________________
Institute for Digital Forensics (IDF) - www.linkedin.com/groups/2436720
Mobile Telephone Examination Board (MTEB) - www.linkedin.com/groups/141739
Universal Network Investigations - www.linkedin.com/groups/13536130
Mobile Telephone Evidence & Forensics trewmte.blogspot.com 
 
  

RolfGutmann
Senior Member
 

Re: Apple Unlocking iPhones vs US Government

Post Posted: Mar 08, 16 17:39

securitweek.com released: Multiple Passcode Bypass Vulnerabilities Discovered in iOS 9.2.1 see here

iOS PassCode Bypass vulns

transcript here

vulnerability lab's website item  
 
  

trewmte
Senior Member
 

Re: Apple Unlocking iPhones vs US Government

Post Posted: Mar 08, 16 22:17

- RolfGutmann
securitweek.com released: Multiple Passcode Bypass Vulnerabilities Discovered in iOS 9.2.1 see here

iOS PassCode Bypass vulns

transcript here

vulnerability lab's website item


Excellent, thank Rolf.
_________________
Institute for Digital Forensics (IDF) - www.linkedin.com/groups/2436720
Mobile Telephone Examination Board (MTEB) - www.linkedin.com/groups/141739
Universal Network Investigations - www.linkedin.com/groups/13536130
Mobile Telephone Evidence & Forensics trewmte.blogspot.com 
 
  

trewmte
Senior Member
 

Re: Apple Unlocking iPhones vs US Government

Post Posted: Mar 09, 16 13:58

A further contribution this time using inkjet printer to access iPhone using target's fingerprint.

gizmodo.com/how-to-eas...1763261331
_________________
Institute for Digital Forensics (IDF) - www.linkedin.com/groups/2436720
Mobile Telephone Examination Board (MTEB) - www.linkedin.com/groups/141739
Universal Network Investigations - www.linkedin.com/groups/13536130
Mobile Telephone Evidence & Forensics trewmte.blogspot.com 
 
  

jaclaz
Senior Member
 

Re: Apple Unlocking iPhones vs US Government

Post Posted: Mar 09, 16 21:32

Effaceable storage?
www.aclu.org/blog/free...fraudulent


One of the FBI’s Major Claims in the iPhone Case is Fraudulent
...
The largest chip on the back (outlined in red above) is the NAND flash, where all the data is stored, including both the encrypted filesystem and the Effaceable Storage.

The FBI can simply remove this chip from the circuit board (“desolder” it), connect it to a device capable of reading and writing NAND flash, and copy all of its data. It can then replace the chip, and start testing passcodes. If it turns out that the auto-erase feature is on, and the Effaceable Storage gets erased, they can remove the chip, copy the original information back in, and replace it. If they plan to do this many times, they can attach a “test socket” to the circuit board that makes it easy and fast to do this kind of chip swapping.

If the FBI doesn't have the equipment or expertise to do this, they can hire any one of dozens of data recovery firms that specialize in information extraction from digital devices.
...


jaclaz
_________________
- In theory there is no difference between theory and practice, but in practice there is. - 
 

Page 10 of 12
Page Previous  1, 2, 3 ... 9, 10, 11, 12  Next