According to a report by Habertürk (via TechCrunch), Turkish authorities have asked for Russia’s help to unlock the iPhone 4S of the Russian ambassador’s killer, who was an off-duty police officer and was shot by Turkish special forces minutes after the crime. Apparently the device has a 4-digit passcode, which means it should be quite easy to unlock for the authorities, with solutions that don’t even require Apple’s help.
Although the iPhone 4S runs iOS 5 to iOS 9, many iPhone 4S owners didn’t update to recent iOS versions. So if the device is running iOS 7 or earlier, getting the content of the device will be much easier. The content of the device isn’t encrypted as Apple started encrypting all data with iOS 8, which means the authorities can access this data quite easily.
If the device runs iOS 8, it should not be too hard to crack either since the iPhone 4S didn’t have a Secure Enclave or Touch ID sensor.
The Secure Enclave is a coprocessor that utilizes a secure boot process to make sure that it’s uncompromized. It has a secret unique ID not accessible by the rest of the phone, Apple or anyone — it’s like a private key. The phone generates ephemeral keys (think public keys) to talk with the Secure Enclave. They only work with the unique ID to encrypt and decrypt the data on the coprocessor. With the iPhone 5s and later, Apple has been using the Secure Enclave to encrypt your passcode and sensitive information.
So for an iPhone without a Secure Enclave, one can bruteforce the passcode with a hardware device that costs a few hundred bucks, and that too by easily bypassing the setting that wipes the data after 10 unsuccessful attempts.
