James Comey, Director of the Federal Bureau of iPhones—that is, Investigation—confirmed in an interview with CNN yesterday that a tool that the agency had purchased from a third-party to unlock San Bernardino shooter Syed Farook’s iPhone 5c cannot be used to bypass security protections on newer models, from the iPhone 5s onward.

This implies the tool relies on the fact that the iPhone 5c and earlier models lack hardware features like the Secure Enclave embedded in Apple’s mobile processors (from the iPhone 5s’s A7 chip and onward) which keeps encrypted sensitive information and stuff like the number of passcode attempts isolated from the rest of the system.

Works only on a “narrow slice of phones”

A mysterious third-party tool that the FBI purchased worked only on a “narrow slice of phones” that does not include the newest models or the iPhone 5s, reports CNN.

This should come as a relief to Apple CEO Tim Cook, who is very interested in learning about the exploit the FBI used to break into the device. The FBI’s comment implies that iOS 9, which runs on that particular iPhone 5c, may not be plagued with a major exploitable security hole.

Still, the government might not be ready to tell Apple how it pulled off the hack.

“We tell Apple, then they’re going to fix it, then we’re back where we started from,” he said. ”We may end up there, we just haven’t decided yet.”

“The people we bought this from, I know a fair amount about them, and I have a high degree of confidence that they are very good at protecting it, and their motivations align with ours,” he continued.

The agency is, however, currently cluing anti-encryption U.S. senators in on how it accessed data on the device. According to a senior FBI official, it’s “simply too early” for the FBI to know whether the information recovered from the phone will help move the investigation forward.

Additionally, the FBI may be legally required to disclose its methods should the FBI turn to courts to force Apple to unlock other iPhones that the agency has in its possession.

A mysterious third-party

Litigation between the United States government and Apple over the San Bernardino shooter’s iPhone 5c has unexpectedly ended after the government said it had purchased a tool to hack into that phone from a private party.

That private party was identified as Cellebrite Mobile Synchronization, founded in 1999.

A subsidiary of Japan’s Sun Corporation, this Israeli firm specializes in data extraction, transfer and analysis devices for cellular phones and mobile devices. The FBI was already a Cellebrite client before this project, according to Bloomberg.

Cellebrite parent Sun Corp.’s shares rose 40% since March 21 when the government confirmed a third party had demonstrated a way to get into the shooter’s iPhone.

Source: CNN

  • jgethro


    • Rodney Coleman

      Right… Too bad iPhone 5c came at the same time with 5s

      • Ethan

        iPhone 5c had same internals as iPhone 5 had, don’t forget that.

    • Jackson Grong

      They probably got the tool from Apple and label it top secret so Tim Cook would go to jail talking abaut it.

      • jgethro

        You sir we think alike

    • Mark S

      Get your head out of the sand.

  • It’s a matter of time if Apple releases an update to prevent this. If this tool gets in the wrong hands, then it’s FBI’s fault.

  • igorsky

    Actually the FBI just did Apple a favor as the hordes now run into stores to purchase the latest, fully encrypted phones.

    • TechnoBuff

      This is the funniest comment of the day…..
      Most phone uses do not bother about encryption or phone security.
      User security is not one of the features that sell phones.

      • brian.

        Maybe not for John Q public in an actual pragmatic sense. But Apple does not want the reputation of their security to be obfuscated. The public perception plays a factor here.

        They don’t want to be known as the company that sells phones the FBI can hack into. Even if Android MAY be less secure given most circumstances, there’s no headline news telling the public anything about those phones.

      • Nate McKelvie

        I actually disagree. I work in a mobile phone accessory and gadget store. The common user is so afraid of the cloud and their information getting stolen, or even online banking because they think it’s going to be hacked. They might not understand security, but hearing “the fbi can crack a 5c, but can’t crack the 5s, 6, 6s, etc etc” will make them think “if the fbi can’t get the info, then my info is much safer” although this whole thing is BS because there is no system that can’t be cracked with enough time and energy. If the FBI wants in, they will find a way, as they proved with this situation. It just happened to be a 5c they needed in, but if it had been a 6, they’d have got in that eventually too.

    • brian.

      Perhaps. This is a double-edge sword for Apple. Now, if Apple knows the exploit, obviously they’re going to fix it, but if the FBI is indeed telling the truth, anyone with an iOS 9 device is fine.

      The ugly situation happens when people understand this issue, and being very public as Apple is about the whole situation, the magnifying glass is on them to release updates to patch these things ASAP, they can no long wait as they have in past.

      This is probably why they released a server-side fix for the screen-lock exploit discovered a few days ago.

  • airmanchairman

    Win-win for Apple; they reasserted their User Privacy mantra, a stick they have used to continually beat on their software rivals; they reassured their users regarding the hardness of their handset security; and as a bonus, they sent their users a clear suggestion as to why they should be incentivised to update to the very latest hardware AND software versions ASAP…

  • Weetsy

    I have a feeling it was that one jailbreak from late 2015 that got 1 million dollars from zerodium. The one that could jailbreak over the air.

  • Nitin

    Many tools are already availaible in market can unlock lockscren password even newer models