Digital forensics expert shows how software can break into iPhones
If you’re keeping any secrets, don’t hand your smartphone to Bill McGregor.
Inside an office cluttered with computer components, McGregor works for a small and discreet business called eInvestigations that specializes in digital forensics.
Drop a computer off here and they’ll dig into the hard drive to discover data seemingly lost to the ages.
Among the tools of this investigative trade is a small kit of wires and cables and connectors from an Israeli tech firm called Cellebrite.
McGregor and his partner, Gary Huestis, are pretty much convinced the FBI is using this technology to read a terrorist’s iPhone.
“As you can see, there’s intricate pieces to this kit,” he said, opening up a satchel the size of a small computer bag.
After the shootings in San Bernardino, the FBI found an iPhone belonging to one of the killers.
The Justice Department asked Apple to develop new software that would disable the auto-erase function that wipes the phone clean after ten failed passcode attempts, but Apple refused.
“We did not expect to be in this position at odds with our own government,” said Tim Cook, Apple’s CEO, during the company’s high-profile court fight with the Justice Department.
“The way the iPhone works is you have ten tries to try to get into a phone,” McGregor said. “Each time, it makes you wait longer and longer - an hour, 24 hours - and finally, it disables it. The one main thing the FBI was trying to get around was that ten tries.”
But with the help of an undisclosed third party, the FBI apparently managed to disable that auto-erase function.
After that, McGregor explained, it could be a simple matter of launching what’s commonly called a “brute force attack” - trying every possible combination of passcode numbers until the phone opens.
“Once they got around that, getting the data from one of these?” he said. “Simple, very quick.”
How simple? McGregor showed me – on my own iPhone.
Using one of the cables and connectors in his kit, he hooked my phone up to a USB port in his desktop computer.
The software provided with the kit gives instructions so simple it looked like anyone with a modicum of computer literacy could follow them.
Here’s where our demonstration varied from the challenge faced by the FBI.
Instead of bypassing the auto-erase function – however the feds did it – and going through the time-consuming process of trying thousands of numerical combinations, we typed in my passcode.
Within seconds, the display on McGregor’s desktop indicated it was downloading material.
“Now it’s actually pulling data from your phone,” he said.
Minutes later, the computer program had extracted everything stored on my smartphone. Old photographs I thought I’d deleted long ago from a different iPhone popped up.
So did passwords used to access websites where I’ve shopped and wireless networks where I’ve dined.
Text messages and emails I sent so long ago I’d forgotten ever writing them reappeared, some of the material highlighted in red.
“Everything in red was stuff that is no longer on your phone but we were able to pull back,” he said.
Of course, McGregor’s an expert at this, but I had to wonder whether just anybody could access the sensitive information he easily extracted from my phone.
“Some phones are more secure than other phones,” he said. “And then some people make their phones less secure.”
An iPhone with a six-digit passcode and frequently updated software is very secure, McGregor believes.
But if someone figures out your Apple ID and password, that’s trouble.
With that information, a crook doesn’t need to steal your iPhone because everything that’s stored on your phone is also stored in the cloud, readily accessible to any thief anywhere in the world.
As for the kit built by the Israeli tech firm, McGregor’s not especially worried that an average hacker might buy one to bust into stolen iPhones.
“Theoretically yes, but it’s out of the average Joe’s budget,” he said.
Nonetheless, it’s disturbing to consider what havoc a determined hacker could wreak if he could figure out how the FBI managed to access the information stored on that terrorist’s smartphone.
(© 2016 KHOU)