
Cellebrite says it can pull data from any iOS device ever made

Cellebrite's Universal Forensic Extraction Device (UFED), used to acquire data from smartphones


Israeli mobile device forensics company Cellebrite proclaimed on Friday that it can break into any iOS device, including those running iOS 12.3.

With an updated page heralding its services, Cellebrite now says that it can "perform a full file system extraction on any iOS device" in addition to being able to perform what appears to be substantively the same on high-end Android devices. That ability is available to law enforcement agencies that can pay for it, without sending the devices to Cellebrite for extraction.

The company claims that it can determine passcodes and perform unlocks for all Apple devices, giving purchasers the ability to perform a full file system extraction. On Android, the company says that all flagship Samsung devices can be similarly penetrated, with the addition of the ability to extract unallocated data to even glean information about deleted items.

Cellebrite is thought to be the firm that the FBI turned to in order to crack the iPhone 5c of San Bernardino killer Syed Rizwan Farook. The FBI and Department of Justice pursued Apple to code a backdoor for iOS to penetrate the device, but were met with active opposition by CEO Tim Cook. Cook, and others, argued that the company would have to fundamentally compromise the security of iOS — precisely because backdoors could be leaked or shared by government agencies, or else discovered independently.

"There's a public safety imperative here," Cellebrite Chief Marketing Officer Jeremy Nazarian said in an interview in 2018. "It's not like this is over the wire listening technology... it requires physical access. It's not like anyone is listening to your iPhone or my iPhone. There's nothing inherent in the technology that means it's open to misuse."

Despite Nazarian's comments, Apple's concerns had some merit. Cellebrite penetration tools were discovered for sale on the open market in February 2019, belying the assumption that any kind of back door could be kept safe.

Even prior to the San Bernardino debate, Cellebrite sprang up in response to law enforcement demands. Various U.S. officials have complained that Apple's insistence on end-to-end messaging encryption and full-disk encryption for devices is causing its products to "go dark" to law enforcement and spy agencies.

The battle between tech and the government has gone global, with the "Five Eyes" intelligence network — including Australia, Canada, New Zealand, the U.K. and the U.S. — claiming that "privacy is not an absolute." Legislation mandating bypasses of encryption, despite complaints, is winding through governmental agencies.



68 Comments

aplnub 2385 comments · 20 Years

Anyone know how Apple goes about figuring out the exploit in a case like this?

tzterri 113 comments · 12 Years

I'm guessing this is with simple 6 digit passcodes. I have a complex passcode that is 16 digits long.

lkrupp 10521 comments · 19 Years

Lots of bragging. Let’s see them back it up. 

acheron2018 33 comments · 6 Years

aplnub said:
Anyone know how Apple goes about figuring out the exploit in a case like this?

As I understand it they attack the secure element through the USB port.  One assumes Apple has not found the exploit.  It is possible, likely even, that it is in hardware such that by sending signals across the USB wires that violate the USB protocol the hackers are able to induce a hardware malfunction that can then be further exploited to gain access.  

This assumption is backed up by the change in iOS 12.3 that physically powers off the USB port after the phone has been locked for a time (30 minutes?)

When dealing with hardware “off” is not always quite as absolute as one might wish, but I believe this puts an enormous crimp in their attack vectors. 

The most interesting part of this story is that we get to see first hand the cat and mouse game that is just another day at the office for state sponsored  cyber warfare.  

Mike Wuerthele 6906 comments · 8 Years

acheron2018 said:
aplnub said:
Anyone know how Apple goes about figuring out the exploit in a case like this?

As I understand it they attack the secure element through the USB port.  One assumes Apple has not found the exploit.  It is possible, likely even, that it is in hardware such that by sending signals across the USB wires that violate the USB protocol the hackers are able to induce a hardware malfunction that can then be further exploited to gain access.  

This assumption is backed up by the change in iOS 12.3 that physically powers off the USB port after the phone has been locked for a time (30 minutes?)

When dealing with hardware “off” is not always quite as absolute as one might wish, but I believe this puts an enormous crimp in their attack vectors. 

The most interesting part of this story is that we get to see first hand the cat and mouse game that is just another day at the office for state sponsored  cyber warfare.  

Given that the company is now claiming that they can penetrate iOS 12.3, there may be a new avenue of attack.