430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|Hackers Steal Data of 4.38 Million Aflac Japan Customers|Apple Fixes WebKit Flaws in iOS and macOS, With Help From AI Tools|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|Hackers Steal Data of 4.38 Million Aflac Japan Customers|Apple Fixes WebKit Flaws in iOS and macOS, With Help From AI Tools|
Advertisement

Ad Placeholder

Full Width × 90

Breaking News

US Judge requests Apple to unlock San Bernardino shooter’s iPhone

A US magistrate ordered Apple to help unlock San Bernardino shooter’s iPhone, be aware it is demanding a tool to bypass the security mechanism. We discussed very often of the difficulties of the law enforcement in conducting investigations when suspects used devices that make use of encryption, the case that we are going to analyze is emblematic. Apple […]

US Judge requests Apple to unlock San Bernardino shooter’s iPhone

A US magistrate ordered Apple to help unlock San Bernardino shooter’s iPhone, be aware it is demanding a tool to bypass the security mechanism.

We discussed very often of the difficulties of the law enforcement in conducting investigations when suspects used devices that make use of encryption, the case that we are going to analyze is emblematic.

Apple must assist the FBI in unlocking the passcode-protected encrypted iPhone belonging to Syed Farook, one of the San Bernardino shooters in California.

The smartphone belonged to Syed Farook, who with his wife Tashfeen Malik  killed 14 coworkers on December 2, 2015. Police intervened but failed to capture them alive because they died in a shootout with agents.

The agents seized the Syed’s smartphone, an iPhone 5C, but they were not able to access it because it is protected by a password. The authorities requested support to Apple with a court order issued by the US magistrate Sheri Pym.

After 10 wrong guesses, the iOS locks up requiring a sync with iTunes to restore, or automatically wipes the handset’s data, depending on the user settings.

The magistrate Sheri Pym is requesting Apple to find a way to supply software that prevents the phone from automatically wipe data when too many attempts fail. In this way, the police is free to run a brute-force attack to guess the PIN and overwhelm the security feature.

Apple have to unlock San Bernardino shooter's iPhone

Be aware, the magistrate hasn’t requested apple to crack its encryption, instead, it demands a tool to bypass the security mechanism.

As reported by The Register:

“It’s technically possible for Apple to hack a device’s PIN, wipe, and other functions. Question is can they be legally forced to hack,” stweeted Forensic scientist Jonathan Ździarski.

“Theory: either NSA/CIA dragnet and cryptanalysis capabilities are severely limited, or this is a test case to see how the courts respond.”

Judge Pym is requesting a software update working only on the Farook’s iPhone and running only on government or Apple property.

At this point Apple has two options, demonstrate that it cannot technically comply with the order or provide the requested software.

There is no such time, Apple has five days!

[adrotate banner=”9″]

Pierluigi Paganini

(Security Affairs – San Bernardino tragedy, iPhone encryption)