Comey told a group of students and educators at Kenyon College in Ohio that his department had “purchased a tool” from a third party to unlock the iPhone in question, according to CNN Money. Though he stopped short of revealing the exact process, he did note that it would not work on more modern handsets.
“This doesn’t work on 6S, doesn’t work on a 5S, and so we have a tool that works on a narrow slice of phones,” Comey said.
Comey was reluctant to say if the bureau would tell Apple which method it had used on the device, saying, “We tell Apple, then they’re going to fix it, then we’re back where we started from. We may end up there, we just haven’t decided yet.”
Many observers believe the FBI used a method involving a so-called “IP Box.” The tool, available for less than $300, connects to an iPhone via its power circuitry, and then enter’s PINs over a USB connection. When a wrong PIN guess is detected the gadget cuts the power to the iPhone’s logic board before the incorrect guess is detected, thus by-passing the 10 attempt passcode limit.
This security hole is believed to be fixed on later devices, beginning with the iPhone 5S, the passcode entries are managed via a hardware Secure Enclave, rendering the attack described above useless.