Details Surface About Firm That Hacked iPhone for the FBI in 2016
It was in 2016 that a shooting in San Bernardino, California, sparked legal action in which the FBI attempted to use the courts to force Apple to enable a vulnerability that would allow the agency to access all iPhones, including the shooter’s. The FBI eventually dropped the case after they located a company that could break into the phone for them.
Details about the firm were shrouded in mystery... until recently. As a result of a copyright violation suit against a related company, it became public that a small Australian firm known as Azimuth Security was responsible for helping the FBI.
Speaking on condition of anonymity to the Washington Post, an insider detailed how Mark Down, founder of Azimuth and former IBM X-Force researcher known as “the Mozart of exploit design,” identified a flaw in code used to manage accessories plugged into an iPhone’s lightning port. David Wang, a Yale drop-out who won a Pwnie Award (an Oscar for security researchers who break into devices) by age 27, created software to exploit the flaw that allowed the researchers to gain complete control of the phone.
For this service, the FBI forked over somewhere between $99,000,000 and $1,300,000. That’s a lot of money to confirm what security analysts told the FBI from the beginning of their ill-fated lawsuit, which is that there was unlikely to be any useful evidence on the shooter’s work phone.
Since the phone was accessed, Azimuth appears to have reduced its public profile and taken down its website. This is not unexpected given its recent media attention combined with the fact it is owned by L3 Harris, a U.S. government contractor.
When law enforcement needs to access a device (and is willing to pay to do so), there are companies willing and able to do the breaking-in. Yet the FBI continues to clamor for a way around end-user encryption, the collection of systems which allow for all economic security on the Internet. More than anything, this shows the FBI is willing to break the Internet to be able to pry into your phone just a little easier.
Source: techdirt.com
As a digital subscriber to Criminal Legal News, you can access full text and downloads for this and other premium content.
Already a subscriber? Login