The FBI has “successfully accessed the data” stored on the San Bernardino shooter’s iPhone without the help of Apple. The revelation came in a three-sentence status report withdrawing their court-ordered demands for Apple’s assistance in recovering the data. While this is good news for the court case, it poses the new question of how the FBI managed to hack the iPhone.
The most likely explanation is the FBI’s contracting of an Israeli forensic software company called Cellebrite, which the company has confirmed. When the FBI deferred a hearing in the case against Apple last week it mentioned an “outside party” had demonstrated a possible method that did not require the assistance of Apple’s engineers.
This potentially means it took the firm just one week to access the encrypted data: a feat Apple itself stated would take six to ten engineers two to four weeks to achieve. While we do not know exactly how long Cellebrite has been working with the FBI, its website lists a pre-existing tool for cracking the encryption found on the iPhone 5C. There is no word yet as to the relevance of any data uncovered.
While in some ways the withdrawal of the court order against Apple can be seen as a win for encryption generally, the fact that the iPhone has still been hacked – and apparently in a very short amount of time – might be of equal concern.