This article was published on April 15, 2021

We finally know how the FBI unlocked the San Bernardino shooter’s iPhone

Too bad it cost $900,000 and led to nothing


We finally know how the FBI unlocked the San Bernardino shooter’s iPhone

Some five years after it went down, the Washington Post’s Ellen Nakashima and Reed Albergotti have shed light on how the US Federal Bureau of Investigation (FBI) managed to unlock an iPhone belonging to the terrorist involved in the San Bernardino shooting of 2015 that saw 14 people killed. The agency’s method for cracking the code has been a secret until now.

The FBI initially sought Apple’s help to gain access to the locked iPhone, in the hopes of uncovering information to aid in its investigation. While Apple offered some assistance, it stopped short of creating a backdoor that would break iOS encryption and unlock the phone, as that could set a dangerous precedent for how law enforcement could deal with such systems, and undermine the company’s security measures for its products.

[Read: The biggest tech trends of 2021, according to 3 founders]

Luckily for the FBI, a small Australian firm called Azimuth Security stepped up with a solution. The challenge was that the agency only had a certain number of chances to guess the phone’s passcode; after the limit of failed passcode attempts was reached, the device would automatically erase its data.

The <3 of EU tech

The latest rumblings from the EU tech scene, a story from our wise ol' founder Boris, and some questionable AI art. It's free, every week, in your inbox. Sign up now!

Azimuth essentially found a vulnerability in a piece of software written by Mozilla, to gain access to the system. It subsequently chained two more exploits together to take over the phone’s processor, and run their own programs on it.

The FBI only had a certain number of chances to guess the phone's passcode, after which the device would erase its own data.
Credit: Lorenzo Rui on Unsplash
The FBI only had a certain number of chances to guess the phone’s passcode, after which the device would erase its own data.

At this point, Azimuth’s employees devised a piece of software to test every possible passcode combination without causing the phone to erase its own data — and eventually unlocked the device.

As wild as that story is, it ultimately didn’t reveal anything useful to the FBI for its investigation. And the whole affair cost the agency $900,000 in fees to Azimuth.

The news from 2016 about the FBI cracking the iPhone kept me up at night back then, because the agency wouldn’t divulge how it managed this feat without Apple’s help.

The Post’s piece is worth a read for more details on Azimuth’s ingenious solution, as well as how Apple dodged a major bullet and didn’t have to weaken security for its customers. It also tells the story of how the security researchers created a way to test unlocking methods on ‘virtual iPhones.’ Find the story here.

Get the TNW newsletter

Get the most important tech news in your inbox each week.

Also tagged with