The processor itself has a special unique key burned into the silicon die of the chip during manufacture. This immutable code, known as the hardware root of trust, is laid down during chip fabrication, and is implicitly trusted." Let's put that in our own words. From the Apple security document: "When an iOS device is turned on, its application processor immediately executes code from read-only memory known as Boot ROM. However, to avoid the data dealbreakers, the phone must have: With the goal of getting the phone to work again, you'd be amazed how many phones can be recovered through experienced diagnosis, and competent motherboard microsurgery to correct hardware problems. Reading ones and zeros from the NAND only results in a big pile of ones and zeros. If the phone can't be fixed to boot into the iOS, then the data is not recoverable. This is the method that ALL data recovery companies use to attempt to get your data. We have to make the phone work again *enough* to boot into the iOS and accept your passcode. The nutshell is that the ONLY path to meaningful data for iPhones is making them dance the dance. There are keys generated just to unlock other keys, fail-safes, protections, and isolation of secure processes that will make your head spin. Stemming from these immutable electrical keys and built-in AES engines are an array of software checks, double-checks, and verifications. The Unique ID marries YOUR CPU to YOUR NAND so that neither can simply be swapped. These silicon fingerprints can't be read directly by software or firmware. It starts with unique keys tattooed within the hardware chips themselves. If you wonder, how does the data get decrypted and presented natively as you effortlessly flick from saved picture to saved picture on your phone? You Have to Get the iPhone to Boot and Decrypt the Data Naturally. We can read it, but your mom's special guacamole recipe that you saved is gibberish without the native decryption process. For this reason, there is no "just" get the data from the NAND flash memory. It is widely accepted within the cryptography community that the AES encryption is secure. The time it would take for modern supercomputers working at top speed to break the encryption would exceed several human lifetimes. This is the exact same cryptographic magic that is deemed robust enough by the NSA to encode US top secret government transmissions. Your data is stored on the NAND in an encrypted form using the Advanced Encryption Standard (AES). In order to keep our data secure, Apple engineers have developed pretty amazing security architecture on your iPhone that you can read about in glorious details in the public Apple security document here. Not having encryption of the stored data isn't that far from not having a passcode at all. What would data security look like if it really were as simple as just reading those details directly off the NAND in plain text? What would it take to simply grab your phone, unscrew the logic board, pop off your NAND chip and read it? It would take about 15 minutes and total equipment costs that come in under the price of a nice vacation. Our photos, calendar, bank information and browser history are all written to the NAND flash memory. They contain all of the important details of our lives. Our phones have become our miniature handheld brains. Your data is stored on the NAND as gibberish-it's encrypted. It isn't a huge deal to desolder the NAND chip and there are many inexpensive NAND readers out there that you can plug the chip into and read it. The NAND acts like the hard drive of the phone and contains all of the user data. We all know that there must be some sort of memory chip on the iPhone, and indeed there is! The flash memory storage chip, or NAND chip, is about the size of your thumbnail. If only it were that easy! The sad answer to "Can we just read the data from the memory chip?" Is Yes, but.it's gibberish. Many of our incoming requests ask us to fix their phone if we can, but if not possible then *JUST* get the data. What does it take to recover iPhone data?Ĭan you just read the data from the memory chip?
0 Comments
Leave a Reply. |