
The FBI didn’t need an iPhone backdoor — $100 of electronics does the same thing

Published Sep 20th, 2016 4:22PM EDT

The Apple vs. FBI fight over breaking the encryption of the San Bernardino iPhone was one of the most important news topics of the beginning of the year. Ultimately Apple won, as it didn’t have to create a backdoored version of iOS that would let the FBI spy on the iPhone 5c that belonged to one of the San Bernardino shooters. The FBI won too, as it bought an iPhone hack for more than $1.3 million that let it bypass the password that protects the lockscreen of iPhones.


During the debate, the FBI shot down one iPhone hack solution that would not involve Apple. Researchers proposed that the FBI simply dismantle the iPhone, remove the NAND memory that contains the encrypted data, clone that memory, and then brute-force its way into it.

That way, the FBI would be able to try out all the possible password combinations without triggering any of the safety mechanisms Apple built into iOS to prevent such spying techniques. The FBI dismissed the method and chose to pursue other avenues.

The iPhone is encrypted only as long as it’s protected by a password. Once you discover the password, you can access all the data on the phone.

The proposed iPhone hack has two disadvantages. First, the NAND memory might be destroyed while it’s unsoldered from the iPhone’s main board. Second, entering all possible password combinations would take hours (for 4-character PINs) or months (for 6-character PINs).

But the method does work, and a Russian professor demoed it in a YouTube video. Using less than $100 in equipment, Cambridge computer security expert Sergei Skorobogatov proved that the method above works. He wrote a paper on the matter that explains how such an attack would work on iPhones and iPads no older than iPhone 6 Plus.

Hackers looking to break into an encrypted iPhone would certainly be able to do it if the iPhone is old enough. And intelligence agencies that have sophisticated resources at their disposal could do it even more efficiently.

Check out Skorobogatov’s video below, and read more about the attack at this link.

Chris Smith Senior Writer
