It has been widely speculated that the method used by the FBI to access the San Bernardino iPhone might not work with phones that have the Secure Enclave, and this has now been effectively confirmed. FBI director James Comey told CNN that the method doesn’t work with the latest iPhones.
This fact also lends support to the main theory about how the hack was performed …
The FBI director also said the purchased tool worked only on a “narrow slice of phones” that does not include the newest Apple models, or the 5S.
Edward Snowden said that the auto-erase function can be bypassed by copying the contents of flash memory, making some passcode attempts and then copying the original content back to the iPhone to reset the counter. But on phones with an A7 chip and later, the Secure Enclave also appears to register login attempts, meaning that even over-writing the flash memory would not override the auto-erase.
It’s not clear at this stage whether the FBI appreciates how big a clue it just gave to the method used. The agency last week said that it may not reveal to Apple the method used, and it repeated the same line to CNN, stating that it had still not reached a decision.
But unless the FBI is bluffing, it does mean that there’s no loophole for Apple to close in future iPhones.
“We tell Apple, then they’re going to fix it, then we’re back where we started from,” he said. “We may end up there, we just haven’t decided yet.”
The Senate Intelligence Committee is still considering legislation that would compel tech companies to cooperate with law enforcement agencies to defeat encryption, but it was revealed today that this proposed bill does not have the support of the White House.
Image: digitalforensicscience.com