All iOS devices can be unlocked says maker of leading cracking device

All iOS devices can be unlocked says maker of leading cracking device
Depending on your age, you might remember the old days when you walked into a Verizon store, bought a subsidized phone for $99 or $199, and the rep used a Cellebrite machine to transfer over your contacts to the new handset. The machines, used for data extraction, would occasionally tip us off to upcoming new phones. The Israeli company got plenty of press back in 2016 when Apple refused to comply with a federal court order to unlock the iPhone 5c belonging to San Bernardino shooter Syed Farook. This would have forced Apple to create a special version of iOS for the government, and the company was fearful that a leak would make every iPhone owner vulnerable to having his handset hacked. Eventually, the FBI paid Cellebrite to open the phone, and found no useful information.

Machines like the ones produced by Cellebrite and GrayShift plug into an iPhone's Lightning port to bypass limits on passcode attempts. Apple thought that it had put the kibosh on these "cracking" devices by adding USB Restricted Mode to iOS 12. This prevents the port from communicating with other devices if an iPhone has not been unlocked within the last hour. But Cellebrite and Apple each take turns trying to get the upper hand over the other, and now it is Cellebrite that is on top. The Cellebrite website now states (via AppleInsider) that it can "perform a full file system extraction on any iOS device, or a physical extraction or full file system (File-Based Encryption) extraction on any many high-end Android devices."


On its web site, Cellebrite promotes its devices as a tool for law enforcement. "Gain access to 3rd party app data, chat conversations, downloaded emails and email attachments, deleted content and more, increase your chances of finding the incriminating evidence and bringing your case to a resolution," it says. But these devices are available for individuals to purchase. Earlier this year, we showed you how easy it is to obtain a Cellebrite machine. Several previously used devices showed up on eBay back in February, priced as low as $100.

Cellebrite says that it can crack open iPhones running iOS 7 to iOS 12.3


For those who consider the use of a Cellebrite machine to be invasive like using wiretaps, Cellebrite Chief Marketing Officer Jeremy Nazarian said last year that there is a difference. The executive pointed out that using the Cellebrite machine requires physical access to one's smartphone. "It's not like anyone is listening to your iPhone or my iPhone," Nazarian said. "There's nothing inherent in the technology that means it's open to misuse."

The Cellebrite website says that it can crack open Apple devices running iOS 7 to iOS 12.3. It also works on "high-running" Android models like the Samsung Galaxy S6, Galaxy S7, Galaxy S8, and Galaxy S9. It also will crack open certain Android handsets made by Huawei, LG, and Xioami. And if there is a really tough phone to crack, the company has certified forensic experts that can gain access to "sensitive mobile evidence from several locked, encrypted or damaged iOS and Android devices using advanced in-lab only techniques."

Cellebrite might be the most widely known name in the industry, but it does have a rival in Grayshift. The latter's GrayKey cracking machine defeated Apple's USB Restricted Mode last summer even before iOS 12 had been released. But Grayshift appears to be more secretive of its device and methods. The company requires that users seek company approval before being allowed to enter its website and says, "GrayKey is not for everyone. We kindly request that you tell us a bit about yourself and your organization."

FEATURED VIDEO

35 Comments

1. Tipus

Posts: 913; Member since: Sep 30, 2016

So much for "most secure" :))

6. DolmioMan

Posts: 348; Member since: Jan 08, 2018

“It will also crack android devices”

18. wickedwilly

Posts: 777; Member since: Sep 19, 2018

"Most" was the word used, not "all". Google or Android OEMS do not claim the level of security Apple does.

25. sgodsell

Posts: 7621; Member since: Mar 16, 2013

"The Cellebrite website says that it can crack open Apple devices running iOS 7 to iOS 12.3." Apple and their zealots like to dream and pretend, that "what's on an iPhone, stays on an iPhone.". Yeah, right!

36. Tsepz_GP

Posts: 1226; Member since: Apr 12, 2012

This says 12.3 not 12.3.1, which is the latest. So just update your iPhone and you are fine.

39. Back_from_beyond

Posts: 1486; Member since: Sep 04, 2015

Except you don't know that to be true. Truth is it could still work when iOS 13 comes out.

41. Tsepz_GP

Posts: 1226; Member since: Apr 12, 2012

Neither do you, but generally when they release these things they stipulate the exact iOS version they can hack. Until you can show me where they stipulate 12.3.1, this is limited to 12.3 which was released in early May, 12.3.1 was released in late May.

15. Dr.Phil

Posts: 2525; Member since: Feb 14, 2011

There are two things to note here: 1. This is just what the company themselves claim. Any company that wants to sell a product will claim that they have the tool to do the job. 2. It requires physical access. It also does not say exactly how long it would take to decrypt the data. I mean are we talking about hours or days or months depending on the strength of the passcode used to encrypt?

47. blingblingthing

Posts: 986; Member since: Oct 23, 2012

They have a history of going this. This is their field. Why would they be lying?

2. maherk

Posts: 7065; Member since: Feb 10, 2012

It'll be interesting to see how Peaceboy, kiko, and midan will try to spin this one.

14. Vancetastic

Posts: 1887; Member since: May 17, 2017

I’m hoping for some classic stuff from Leo, myself.

33. TheOracle1

Posts: 2340; Member since: May 04, 2015

Leo hasn't let us down. Lol

57. Vancetastic

Posts: 1887; Member since: May 17, 2017

He is quite reliable!

17. VariableCheapskate

Posts: 203; Member since: May 29, 2019

Oh I hope they do, Apple's too good at posturing for people like them, whilst everyone else under the sun is "see it to believe it".

3. 7thlvl

Posts: 60; Member since: Dec 09, 2018

Don't do bad things and you won't fear the law.

4. Back_from_beyond

Posts: 1486; Member since: Sep 04, 2015

So if I'm reading this correctly, the content of any iPhone with up to iOS 12.3 can be completely retrieved and many but not all Android phones. That must be quite painful for Apple.

8. Mike88

Posts: 438; Member since: Mar 05, 2019

It's just a fake claim to scare away criminals, plus iPhones are still most secure coz no one has access to your phone, it can't be hacked over using internet,, the problem is if it gets stolen and reach a syndicate head who has this cracking machine and intention to steal your data before the anti theft feature gets him caught.... It's so unlikely.. Well yeah your information is at risk if your phone is stolen so you've to protect it from getting into wrong hands

9. Back_from_beyond

Posts: 1486; Member since: Sep 04, 2015

Actually last year they still managed to steal data from iPhones without physical access, I imagine the same still applies today. But the thing is I could easily buy a device like this, it doesn't require you to be the head of any organization, be it good or bad in nature.

12. Mike88

Posts: 438; Member since: Mar 05, 2019

IPhone might not be hack proof but it's the most secure option and can be trusted more than other info stealing companies like Google and Microsoft,, Android isn't unsafe just because it's vulnerable to threats, it's unsafe coz Google itself is the theif who is stealing your info for their secret political mission. It'll be stupidity to intentionally use a much unsafe device just because the safer one isn't completely hack proof

13. Tipus

Posts: 913; Member since: Sep 30, 2016

If you think Apple doesn't do what Google does, i got some bad news for you :))

19. wickedwilly

Posts: 777; Member since: Sep 19, 2018

How can you guarantee me that an iPhone is the most secure option? How can you Guarantee Apple is not using my information? You cannot, you just believe what a company that has been less than forthcoming (being nice here) in the past. You cannot, Google is far more open to its practices and I can take steps to minimize any risks using Android phones.

21. Back_from_beyond

Posts: 1486; Member since: Sep 04, 2015

Yeah, yeah, yeah, the same old Google is evil routine. Guys like you have been singing it for nearly 10 years now. Must kill you guys that during that entire decade no Android user has been significantly duped, exploited or otherwise experienced any wrongdoing at the hands of Google. Can't really say the same about Apple users though, how often was iCloud hacked again and personal data and photos compromised?

46. Mike88

Posts: 438; Member since: Mar 05, 2019

icloud hack was actually found out to be a Google account hack, the hackers hacked their Gmail accounts and got access to icloud. It never happened again coz Apple provided two way login after it so even Gmail hack wasn't enough. I'm not here to stop you from self harm... We all know how unsafe and android phone is compared to iPhones so I'm not gonna convince you to buy a phone you can't afford even

38. Tsepz_GP

Posts: 1226; Member since: Apr 12, 2012

On 12.3 but not 12.3.1, so it’s actually a small number of Apple devices that are either not supported or have not updated. This is just a lesson to keep your iOS device updated. :)

40. Back_from_beyond

Posts: 1486; Member since: Sep 04, 2015

Except you couldn't be sure of that fact in the slightest. It could still work on 12.3.1, hell it could still work on the next 15 updates that will come out. You think Apple can just magically fix every exploit, even if they don't know it exists.

42. Tsepz_GP

Posts: 1226; Member since: Apr 12, 2012

They did not stipulate 12.3.1, they said 12.3 which is its own iOS version.

5. ahmadkun

Posts: 697; Member since: May 02, 2016

What happens in iPhone stay n iPhone?

7. cmdacos

Posts: 4392; Member since: Nov 01, 2016

Security is a marketing term only. It's meaningless.

10. Back_from_beyond

Posts: 1486; Member since: Sep 04, 2015

I couldn't agree more, but the illusion Apple creates does help sales.

11. Ichimoku

Posts: 188; Member since: Nov 18, 2018

remember Edward Snowden? yeah, that Snowden.

Latest Stories

This copy is for your personal, non-commercial use only. You can order presentation-ready copies for distribution to your colleagues, clients or customers at https://www.parsintl.com/phonearena or use the Reprints & Permissions tool that appears at the bottom of each web page. Visit https://www.parsintl.com/ for samples and additional information.
FCC OKs Cingular's purchase of AT&T Wireless