The FBI seems to have become an expert on cracking iPhones. Or, at the very least, it has found a decent exploit (and who knows how many more it might have in its back pocket) that it can use until Apple figures it out and patches the problem.

And the FBI isn't just keeping this information to itself. Well, technically, it is, but it's also now offering to help out local law enforcement agencies with any iPhones they might need cracked for cases they're working on. The FBI confirmed to Buzzfeed that it sent out a memo this Friday detailing its interest in helping out.

In the memo, the FBI notes that a number of other parties contacted the FBI during its recent squabble with Apple over the encryption mechanisms protecting the San Bernardino shooters' iPhone. These parties offered a variety of suggestions to the FBI as to how they might be able to bypass Apple's encryption or otherwise brute-force their way into said shooters' iPhone without triggering the device's "10 bad attempts and it's wiped" security mechanism. One such method, which the FBI doesn't detail in the memo, was presented in mid-March and ultimately proved to be the one that allowed the FBI to get into the device (and drop its lawsuit against Apple).

"We know that the absence of lawful, critical investigative tools due to the 'Going Dark' problem is a substantial state and local law enforcement challenge that you face daily. As has been our longstanding policy, the FBI will of course consider any tool that might be helpful to our partners. Please know that we will continue to do everything we can to help you consistent with our legal and policy constraints. You have our commitment that we will maintain an open dialogue with you. We are in this together," reads the FBI's memo.

It's been speculated that the FBI—or, at least, whoever the FBI is working with, which has been rumored to be the Israeli cybersecurity company Cellebrite—is possibly using a NAND mirroring method to get around Apple's iPhone protections. The FBI is unlikely to ever disclose the specific vulnerability to Apple, as an law enforcement official requesting anonymity recently told a batch of reporters that, "We cannot comment on the possibility of future disclosures to Apple."

Said attack would require a person, or company, to physically remove the iPhone's NAND chip, make an image of its contents, reattach the original chip, attempt a few brute-force password attempts (likely five, for maximum efficiency), copy the image back onto the chip, and repeat the process.

Apple hasn't specifically addressed how it might patch this exploit, if it can, in future iterations of the iPhone.

"We will continue to increase the security of our products as the threats and attacks on our data become more frequent and more sophisticated," reads a statement from the company.

Further Reading

Mobile Phone Reviews