Apple Is Suing the Company Cofounded by the Hacker Who Helped FBI Unlock the San Bernardino Shooter’s iPhone

BY Mahit Huilgol

Published 14 Apr 2021

Apple logo

In 2016 Justice Department obtained a court order compelling Apple to help the FBI bypass iPhone security. FBI asked for access to the San Bernardino shooter’s iPhone after multiple attempts to unlock the device failed. Apple stood its ground and refused to create a backdoor. Thankfully, the standoff between Apple and the FBI came to an end without the need for Apple to create a backdoor.

Cellebrite is a firm well known for cracking devices. Previously it was rumored that Cellebrite helped the FBI unlock the shooter’s iPhone. However, the latest report reveals that Azimuth, an Australian firm that helped crack the iPhone.  The secret was closely guarded, and even Apple couldn’t find the name for five years. Azimuth claims to work with democratic governments and is known for its “white hat” hacking efforts.

Two Azimuth hackers teamed up to break into the San Bernardino iPhone, according to the people familiar with the matter, who like others quoted in this article, spoke on the condition of anonymity to discuss sensitive matters. Founder Mark Dowd, 41, is an Australian coder who runs marathons and who, one colleague said, “can pretty much look at a computer and break into it.” One of his researchers was David Wang, who first set hands on a keyboard at age 8, dropped out of Yale, and by 27 had won a prestigious Pwnie Award — an Oscar for hackers — for “jailbreaking” or removing the software restrictions of an iPhone.

Azimuth is renowned in cybersecurity circles for finding vulnerabilities. The company arms itself with exploits that can be used when the need arises. For instance, the company used a previously known exploit to unlock iPhone belonging to the Inland Regional Center shooter. Azimuth is said to be working with multiple government and law enforcement agencies.

The FBI wanted Apple’s help for breaking into the iPhone and access information to investigate a terrorist attack. Apple refused to budge and argued the government is forcing the company to bypass its security, which could compromise customer privacy. It is common for operating systems to contain bugs or flaws that pose security risks. Hackers can create an exploit chain by writing a series of exploits and using it one at a time to crack the device.

Corellium Connection

Apple has had a bitter relationship with security firms, and Corellium is no different. Last year Apple filed a lawsuit against Corellium alleging that the company has infringed its copyright. Apple’s lawsuit requested access to all the software flaws in iOS currently known to the company or its employees. In other words, Apple wanted to extract more information about Azimuth via Corellium lawsuit.

In 2019, Apple sued Corellium for copyright violation. As part of the lawsuit, Apple pressed Corellium and Wang to divulge information about hacking techniques that may have aided governments and agencies like the FBI.

Apple subpoenaed Azimuth, Corellium’s first customer, according to court documents. Apple wanted client lists from Azimuth, which is now owned by L3 Harris, a major U.S. government contractor, that might show malign entities. L3 and Azimuth said they were “highly-sensitive and a matter of national security,” according to court documents.

The list included Wang, a security researcher who helped the FBI unlock San Bernardino shooter’s iPhone. During a deposition Apple questioned Wang “about the morality of selling exploits to the goverments.”

During a deposition, Apple questioned Wang about the morality of selling exploits to governments, according to court records. A lawyer pressed him during the deposition on whether he was aware of any bugs that were not reported to Apple but were later found by malicious hackers.

Summing it up, Apple is allegedly trying to extract classified information about Azimuth with other lawsuits. Apple has lost a copyright lawsuit against Corellium; it has already filed a different claim that accuses Corellium of illegally bypassing Apple’s security.

Our Take

Interestingly the entire episode of Azimuth unlocking San Bernardino shooter’s iPhone has a brighter side to it. The Australian firm is the reason why the FBI backed down. In other words, the Justice Department could have arm-twisted Apple to create a back door into the iPhone. That being said, it still concerns that government agencies or anyone with enough resources can break into an iPhone, thus undermining its security.

[via Washington Post]