Affiliate Disclosure
If you buy through our links, we may get a commission. Read our ethics policy.

Firm that unlocked San Bernardino shooter's iPhone for FBI is revealed

Tim Cook had wanted Apple's dispute with the FBI to go to trial

Last updated

Even Apple could not find out which firm the FBI used to unlock one of the San Bernardino shooters' iPhones — but a new report claims to know the secret company that did the work.

Despite much speculation in 2016 that the FBI hired Cellebrite to unlock the shooter's iPhone 5C, it's only now that the real company has been named. It's an Australian defense contractor called Azimuth Security, now part of L3Harris Technologies.

According to The Washington Post, Azimuth is a "publicity-shy" firm, but it has been known to be involved in producing hacking tools for the US, Canadian, and UK governments. Apple has been suing Azimuth over its selling of virtual iPhones to government agencies attempting to unlock the devices.

Nonetheless, Apple did not determine that it was Azimuth that had aided the FBI. The San Bernardino iPhone it ultimately unlocked became the center of a high-profile dispute between Apple and the FBI.

Prior to the San Bernardino incident, the FBI had been consistently pressing for technology firms to let law enforcement bypass end-to-end encryption. The 2015 shooting, in which 14 people were killed and 22 others seriously injured, was also seen as a way to get public opinion on the FBI's side.

Apple was ordered by a US magistrate judge to comply with the FBI's requests to extract data from one shooter's iPhone. Apple argued that it had already done "everything that's both within our power and within the law to help this case," and refused to create a security backdoor for the authorities.

"As individuals and as a company, we have no tolerance or sympathy for terrorists," Tim Cook told Apple employees in a memo. "When they commit unspeakable acts like the tragic attacks in San Bernardino, we work to help the authorities pursue justice for the victims. And that's exactly what we did."

"Starting with iOS 8, we began encrypting data in a way that not even the iPhone itself can read without the user's passcode, so if it is lost or stolen, our personal data, conversations, financial and health information are far more secure," he continued. "We all know that turning back the clock on that progress would be a terrible idea."

Cook later said that he had wanted the dispute to go to court, but the argument ended with the successfully unlocking.

Credit: Corellium In suing Corellium, Apple was unknowingly close to learning the name of the firm that helped the FBI. Credit: Corellium

Now it's revealed that two Azimuth hackers approached the FBI with a series of iOS vulnerabilities, or exploits, that in combination allowed them to unlock the iPhone. Reportedly, Azimuth was paid $900,000 for the unlocking, though it led to no actionable intelligence being recovered from the phone.

According to The Washington Post, Apple's subsequent and separate 2019 suing of Corellium could have uncovered that the firm had been behind the unlocking. Corellium co-founder David Wang and Apple's requests for disclosure ought to have revealed the information, but the Department of Justice intervened on national security grounds.

The suit against Corellium concerned the company's creation of virtual iPhones which can then be used in hacking research. Apple's suit was dismissed, although it can yet appeal.

According to The Washington Post, Corellium argues that Apple's legal efforts are an attempt to put the firm out of business. Reportedly, Apple had tried to buy Corellium, and separately it had tried to hire David Wang before he co-founded the company.

Stay on top of all Apple news right from your HomePod. Say, "Hey, Siri, play AppleInsider," and you'll get latest AppleInsider Podcast. Or ask your HomePod mini for "AppleInsider Daily" instead and you'll hear a fast update direct from our news team. And, if you're interested in Apple-centric home automation, say "Hey, Siri, play HomeKit Insider," and you'll be listening to our newest specialized podcast in moments.



9 Comments

lkrupp 10521 comments · 19 Years

Notice how we don’t hear much anymore about the government wanting back doors into consumer’s devices? They don’t need to. Case closed.

CloudTalkin 916 comments · 5 Years

Murvel said:
So is it Azimuth or Correllium?

Azimuth.  From the post:

"Now it's revealed that two Azimuth hackers approached the FBI with a series of iOS vulnerabilities, or exploits, that in combination allowed them to unlock the iPhone. Reportedly, Azimuth was paid $900,000 for the unlocking, though it led to no actionable intelligence being recovered from the phone."

Your question is understandable though.  Outside of a cursory mention of Correllium in conjunction with iPhone virtualization, this entire section rehashes an unrelated lawsuit and only serves to confuse:

According to The Washington Post, Apple's subsequent and separate 2019 suing of Corellium could have uncovered that the firm had been behind the unlocking. Corellium co-founder David Wang and Apple's requests for disclosure ought to have revealed the information, but the Department of Justice intervened on national security grounds.
The suit against Corellium concerned the company's creation of virtual iPhones which can then be used in hacking research. Apple's suit was dismissed, although it can yet appeal.
According to The Washington PostCorellium argues that Apple's legal efforts are an attempt to put the firm out of business. Reportedly, Apple had tried to buy Corellium, and separately it had tried to hire David Wang before he co-founded the company.


StrangeDays 12980 comments · 8 Years

lkrupp said:
Notice how we don’t hear much anymore about the government wanting back doors into consumer’s devices? They don’t need to. Case closed.

Is just last month recent enough for ya? FBI Director Christopher Wray asked the Senate Judiciary Committee yet again. 

But it’s also true that more police departments are using hacker tools more often.

https://www.eff.org/deeplinks/2021/03/fbi-should-stop-attacking-encryption-and-tell-congress-about-all-encrypted-phones

CloudTalkin 916 comments · 5 Years

lkrupp said:
Notice how we don’t hear much anymore about the government wanting back doors into consumer’s devices? They don’t need to. Case closed.

I have always maintained, on this site and others, the government never really needed backdoors.  What they were actually after was unfettered access, not access in general.  They've pretty much always been able to get in, but there was cost -sometimes considerable- involved.  A backdoor would eliminate the calculus of expense vs actionable intel.  It would also be the end of privacy as we know it.