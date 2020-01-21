Kick-off of 2020, security and privacy is a hot topic between the last confrontation between Apple and the FBI over the Pensacola incident and Apple has abandoned its plan to provide end-to-end encryption to backups iCloud. With a detailed report on what a rugged iPhone cracking operation looks like from the inside, Fast Company shares some fascinating details and photos from New York’s $ 10 million cyber lab.

Fast Company calls the New York High Technology Analysis Unit’s laboratory a “zero point in the encryption battle” between the US government and technology companies like Apple. And that goes far beyond certain third-party devices made by companies like Cellebrite or Grayshift.

The lab was built by Manhattan cybercrime unit and district attorney Cyrus Vance Jr. and it includes an RF isolation room to give them the best chance of breaking iPhones and iPads before suspected criminals can delete them remotely.

The entrance to the RF isolation chamber near the middle of the Lefkowitz building in lower Manhattan looks like an artifact from the Apollo program, protected by two airtight metal doors specially designed to block electromagnetic waves. Inside the room, against a wall, are dozens of iPhone and iPad Apple in various states of disrepair. Some have cracked glass fronts or broken cases. Others appear to have been caught in a smoldering campfire. Of course, the devices are not there to be repaired. This is evidence confiscated when the alleged crimes were committed.

Manhattan prosecutor Cyrus Vance Jr. and the city’s cybercrime unit built this electronic prison for a very specific purpose: to try, using brute force algorithms, to extract data from phones before their owners don’t try to erase the content remotely.

The report highlights “nearly 3,000 phones” waiting to be broken in the laboratory during the visit to Fast Company. High Technology Analysis Unit director Steven Moran said he created a special and personalized process with open source software to manage the amount of devices they receive and know which third-party vendors to work with to hack iPhones.

On the day of my visit to the cyber laboratory, there were almost 3,000 phones, most of which were linked to active criminal investigations, which Moran had not yet been able to access. The team built a proprietary workflow management program, using open source software, to sort through the incredible volume of incoming devices and escalate the most important cases. “So if a third party said” hey, we have a solution that will work on iOS 12.1.2 and it costs X dollars “, I can see in five seconds that it will affect 16 different phones,” Moran said.

After the San Bernardino case, Manhattan prosecutor Cyrus Vance Jr. said they had decided to build the high-tech laboratory.

“We had to figure out what we were going to do with this new situation over which we had no control,” says Vance. So, at a cost of some $ 10 million, Vance decided to build its own high-tech forensic laboratory – the first of its kind in a local prosecution.

With this budget, the director of the High Technology Analysis Unit, Steven Moran, obtained very powerful hardware, custom software and a team of security experts.

The lab’s supercomputer is capable of creating up to 26 million password puzzles per second, and there is a “robot that can remove a memory chip without using heat”.

Moran stocked the cyberlab with mind-boggling equipment and a crack team of tech experts, many of whom are former military personnel. Proprietary software provides prosecutors with real-time information on each smartphone in their possession, which can be removed from the radio-shielded room using Ramsey cases – miniaturized versions of the isolation room that allow technicians handle the devices safely. In other corners of the lab, there is a supercomputer that can generate 26 million random passwords per second, a robot that can remove a memory chip without using heat, and specialized tools that can repair even seriously damaged devices. damaged.

Another interesting statistic: 4 out of 5 smartphones that the DA office in Manhattan obtains are now locked, whereas five years ago only 52% were locked.

Five years ago, only 52% of smartphones obtained by the district attorney’s office were locked. Today that figure is 82%. Vance says the cybercrime lab is capable of successfully breaking about half of the phones in its possession, but every time Apple or Google updates their software, they have to adapt.

Manhattan DA is also aware that the laboratory it was able to create is not an option for most cities and stresses its belief that it is not the answer.

Vance is careful to say that he is not “complaining” about the problem. He knows he is better off than 99% of other jurisdictions in the country. Thanks in part to the billions of dollars the city has raised to prosecute financial crimes on Wall Street, Vance is able to continue operating its $ 10 million laboratory. “But that is not the answer,” he said, “and it is not the answer for the country because we are an office that is only able to pay for expensive services.”

…

In the end, Vance just wants prosecutors to have all the tools available to do their job. “You entrust us with this responsibility to protect the public,” he says. “At the same time, they” – Apple and Google – “took away one of our best sources of information. Simply because they say it. It’s not that a third party has decided, it’s the right thing to do for Apple and Google. They just did it. “

But of course, Apple is likely to change its position or focus on iPhone security and privacy, so the cat and mouse game will continue.

The full article from Fast Company on Manhattan’s tech tech iPhone cracking lab is definitely worth reading.

Images via Fast Company

