Cambridge Univ. researcher shows how FBI could have accessed iPhone’s data in the San Bernardino case

When, earlier this year, the FBI asked Apple to assist in unlocking the iPhone belonging to one of the San Bernardino attackers, the Bureau claimed that it had no other way of accessing the data stored on the phone. In a recently published paper, a researcher at the Cambridge University details a method – known as NAND mirroring – that bypasses the iPhone 5c PIN code security measures (which are aimed to lead to the erasure of all data after several failed attempts of entering the correct PIN). As Wired explains, the technique was discussed during the Apple-FBI controversy, but the FBI claimed that it did not work. The research shows the opposite, concluding that the ‘claims that iPhone 5c NAND mirroring was infeasible were ill-advised’. The author also notes that ‘any attacker with sufficient technical skills could repeat the experiments’, which had only been carried in relation to the iPhone 5c devices.