Diary

A Simple Solution

I have worked in technology for just over seventeen years.  Sometimes for free, overwhelmingly paid.

I’ve worked on every version of Microsoft’s Windows and DOS platforms, every version of Apple’s System and OS X platforms, and a wide range of ports of the UNIX/Linux platforms.  I’ve worked with every iteration of Apple’s iPhone and iPad lines, and quite a few of their Powerbook/iMac/MacBook systems.

I tinker and play with these things all the time.  I fix and break and fix again all of this because I love the idea that I can take one thing and make it do a thousand other things.  Got an old PC?  I’ll make it into an industrial-sized file/printer server or media server.  Got an old iPhone?  I’ll turn it into a kid-friendly iPod or a nanny-cam.  Got an old Nintendo Wii?  I’ll make it sing and dance with every old game system under the sun (pre-Dreamcast).

I’m very good at what I do, to borrow a phrase, and what I do is very nice.

I had to help a friend a year or so back with getting pictures off of her son’s iPhone 5.  He had died unexpectedly and left her without the PIN.  She’d gone through his Mac and was unable to verify that he’d synced all of his pictures to the cloud, and wanted to make sure she didn’t accidentally delete anything.  Rather than risk erasing everything, she asked me to see what I could do.

I sat down and plugged the phone into her desktop PC (an older Windows XP system).  I opened up iTunes and plugged the device in, carefully avoiding syncing the device to the PC (which would erase everything on the phone) and navigating to the Device Information page in iTunes.  Here, the serial number, storage information, iOS version and all other necessary details were available.  I tried the PIN twice, and unplugged the phone, meaning to step away and ask her if she had any other clues, because after three tries the phone is designed to lock for five minutes (except for emergency calls) and I wanted to avoid that if at all possible (I hate delays).  Something told me to plug it back in for a moment to try another method (I think I was going to try and use an older version of CopyTrans or SharePod to copy the data off the device), and when I did so, I noticed that the phone’s 5 minute countdown had disappeared.  I was able to try the PIN again, and hit the lockout again.  I figured this might be a glitch but in case it wasn’t, I wanted to try again.

It worked.  I did this over and over again, and while I wasn’t able to figure out the kid’s PIN, I did show my friend how to repeat this process.  This allowed her to take her time guessing the PIN, although I believe she wasn’t able to guess it and wound up selling the phone eventually.

This is what the FBI needs to do.  Get a PC, install iTunes, plug this phone (an iPhone 5C unless I’m mistaken) into the PC, ensure iTunes will not try to sync the phone, go to the device page, unplug and plug it back in, and it should clear the PIN counter, allowing them to try as many PIN options (unfortunately, this is a manual process and cannot be done in a brute-force manner) as possible.

I’m posting this information in the hopes that the FBI is able to extract whatever information they can from this device and prevent future attacks.  I don’t think I could sleep knowing I didn’t do my part to help law enforcement in a situation like this.