An Australian company helped the FBI unlock San Bernardino shooter's iPhone

Azimuth used a Mozilla security flaw to get into the phone.

Sponsored Links

Devindra Hardawar
April 14, 2021 10:16 AM
Apple Inc. CEO Tim Cook (L) and China Mobile's Chairman Xi Guohua are silhouetted in front of an advertisement board of the iPhone 5s and C at an event celebrating the launch of Apple's iPhone on China Mobile's network at a China Mobile shop in Beijing January 17, 2014. Apple Inc is finally launching its iPhone on China Mobile Ltd's vast network on Friday, opening the door to the world's largest carrier's 763 million subscribers and giving its China sales a short-term jolt. 
REUTERS/Kim Kyung-Hoon (CHINA - Tags: BUSINESS TELECOMS)
Kim Kyung Hoon / reuters

So how, exactly, did the FBI unlock the iPhone 5C used by the 2016 San Bernardino shooter? According to The Washington Post, it turned to a little-known Australian security firm named Azimuth, which had developed a tool to bypass Apple's tough security measures. The iPhone in question was at the heart of a massive legal fight between Apple and the FBI.  

Authorities were previously able to brute force their way into iPhones by quickly trying multiple passcodes. But the enhanced security measures in iOS 9, which offered encryption and the ability to wipe the phone's data during hacking attempts, required a new strategy. The FBI believed there could be important information relating to the terrorist attack, and subsequently it tried to compel Apple to help unlock the phone. But Apple refused — CEO Tim Cook said that creating a backdoor could be "chilling" and "dangerous" when it comes to security and legal precedent.

That epic battle ended abruptly in April 2016, when the FBI announced that it bought a "tool" to get into the San Bernardino shooter's iPhone. Sources tell The Washington Post that Azimuth founder Mark Dowd discovered a flaw in Mozilla's open source code, which was used by Apple to handle accessories connecting to iPhone Lightning ports. Azimuth researcher David Wang used that exploit to get into iOS 9 devices, and then stringed together other exploits to get access to their core processor. From there, he was able to try multiple PIN combinations without risking any data deletion.

Turn on browser notifications to receive breaking news alerts from Engadget
You can disable notifications at any time in your settings menu.
Not now

Wang later founded Corellium, a security company that's developed virtual iPhones for researchers to test. Apple, likely aware of Wang's background, previously tried to hire him for its own security work. Now, Apple is in the midst of legal battles with Corellium. In December, a judge rejected the company's claims that Corellium violated its copyright. And in an upcoming summer trial, Apple will try to argue that Corellium's tools illegally breach its security.

All products recommended by Engadget are selected by our editorial team, independent of our parent company. Some of our stories include affiliate links. If you buy something through one of these links, we may earn an affiliate commission. All prices are correct at the time of publishing.
Popular on Engadget