Apple

Researcher Cracks The Apple Watch Code — Here’s What It Means For Forensics

The Apple Watch has been jail-broken, and the researcher who broke the code believes the technique could offer a critical back door for forensics experts who need access to the data within the system.

There have been multiple federal cases in which the government has endeavored to search an Apple Watch. In an Ohio drug trafficking investigation, police were unable to execute a warrant to search an Apple Watch Series 2. They did, however, manage to get the data from the suspect’s iPhone.

Since the investigation is ongoing, the exact means of access has not been publicly detailed, cops may have forced the suspect’s fingerprint onto the TouchID sensor or obtained the data by other means.

But the implications are clear: Wearables contain info that cops want — basically, all the same stuff that’s on a person’s phone — and they don’t have the same level of hardware security. So, it’s only a matter of time before these wearables could start to play a major role in forensics investigations.

The researcher who jail-broke the Apple Watch, Max Bazaliy of the security firm Lookout, leveraged three vulnerabilities in the Watch, all of which have been patched in the latest version (released in January).

Bazaliy said he started by analyzing the WatchOS kernel, which required him to crash the device repeatedly using one of these vulnerabilities over the course of two weeks. Each crash leaked four bytes of the kernel — Bazaliy had to collect 700 bytes in order to take the next step.

He then installed an app to launch the jailbreak, enabling connections with other devices like laptops to look through the data inside. This step has another application: For the tech-savvy renegade, it could allow a user to customize a device with non-approved apps.

While Bazaliy’s method won’t be of much use for long — since Apple has addressed the vulnerabilities — it does demonstrate that a determined person can get around Apple’s protections, and the Watch may be the weakest link. It can even be used to open linked Mac computers for further investigation.

——————————–

Featured PYMNTS Study: 

With eyes on lowering costs to improving cash flow, 85 percent of U.S. firms plan to make real-time payments integral to their operations within three years. However, some firms still feel technical barriers stand in the way. In the January 2020 Making Real-Time Payments A Reality Study, PYMNTS surveyed more than 500 financial executives to examine what it will take to channel RTP interest into real-world adoption. Here’s what we learned.

Click to comment

TRENDING RIGHT NOW