After a fight with Apple, the FBI was able to access the data of the iPhone 5c a terrorist who organized an attack in San Bernardino, California, in December. The FBI did not report the method used to break the protection without the help of Apple, but director James Comey has confirmed to CNN on Thursday (7) that the technique does not work on the iPhone 5s and latest models.
What the iPhone 5s, 6, 6s and SE have in common? They won a hardware protection called Secure Enclave, present from the Apple A7 processor, which records fingerprints and other security data. In practice, the FBI director has reinforced the view of security experts, including Edward Snowden, on what was the method used: NAND mirroring.
As already explained, the concept is simple. To prevent brute force attacks, iOS locks the iPhone after repeated attempts the wrong password. Depending on how the device was configured, all data is destroyed clomid after 10 fingerings incorrect code. So the FBI could not kick the terrorist password, as a possible test of investigation was in danger of being destroyed.
With mirroring the flash memory (NAND), things become easier: do a brute force attack and if the iOS lock the iPhone or delete the data, just restore the original image and all files will be recovered. The problem is that with the Secure Enclave of new models, incorrect password attempts appear to also be registered via hardware, so you can not just rewrite the flash memory to retrieve the files, since the iPhone still blocked.
The FBI said it does not publicly disclose the method used to break into the iPhone 5c Farook, and had not yet decided whether to tell Apple, as a correction of the breach could hamper future investigations. But it seems that this is no longer necessary.