In a complete turn-about, the FBI is now saying that it does not need help from Apple at all in accessing the iPhone of the San Bernardino shooter Syed Rizwan Farook. 'NAND mirroring' has been demonstrated by a third party says an iOS Forensic expert.
This outside contractor which has established connection to the FBI has demonstrated to investigators how the iPhone's security measures could be circumvented. It could be done by copying the device's flash storage contents said the forensic expert.
According to Jonathan Zdziarski, the forensic expert, "NAND mirroring" is a technique that requires the removal of NAND storage from a gadget, and then copying it using a chip reader. Lastly, the storage is re-attached to the original chip using a harness.
This gives investigators a fallback considering that the concerned iPhone has data self-delete feature after the retry limit of the iOS 9's passcode is exhausted.
"The other ideas, I've kind of ruled out. None of them seemed to fit," said Zdziarski in an interview.
But the process is fraught with difficulties. Matthew Green, an assistant professor at John Hopkins Information Security Institute and also a cryptographer said that this technique can indeed circumvent encryption, but it is still a dangerous process.
The one who will do it must de-solder a NAND chip to remove it. This method runs the risk of damaging and losing access completely.
Luckily, the concerned iPhone belongs to the latest models that Apple has manufactured in which this NAND strategy can be applied. Any device with Touch ID, and therefore a Secure Enclave, would be theoretically immune.
With this knowledge, Zdziarski suggested that whoever is assisting the FBI in cracking the iPhone's encryption code can possibly succeed. The two-week trial window requested by the Justice Department shows that the government is probably using a forensic group to try an off-the-shelf solution.