All iOS devices can be unlocked says maker of leading cracking device
Depending on your age, you might remember the old days when you walked into a Verizon store, bought a subsidized phone for $99 or $199, and the rep used a Cellebrite machine to transfer over your contacts to the new handset. The machines, used for data extraction, would occasionally tip us off to upcoming new phones. The Israeli company got plenty of press back in 2016 when Apple refused to comply with a federal court order to unlock the iPhone 5c belonging to San Bernardino shooter Syed Farook. This would have forced Apple to create a special version of iOS for the government, and the company was fearful that a leak would make every iPhone owner vulnerable to having his handset hacked. Eventually, the FBI paid Cellebrite to open the phone, and found no useful information.
Machines like the ones produced by Cellebrite and GrayShift plug into an iPhone's Lightning port to bypass limits on passcode attempts. Apple thought that it had put the kibosh on these "cracking" devices by adding USB Restricted Mode to iOS 12. This prevents the port from communicating with other devices if an iPhone has not been unlocked within the last hour. But Cellebrite and Apple each take turns trying to get the upper hand over the other, and now it is Cellebrite that is on top. The Cellebrite website now states (via AppleInsider) that it can "perform a full file system extraction on any iOS device, or a physical extraction or full file system (File-Based Encryption) extraction on any many high-end Android devices."
A Cellebrite Touch machine available today on eBay
On its web site, Cellebrite promotes its devices as a tool for law enforcement. "Gain access to 3rd party app data, chat conversations, downloaded emails and email attachments, deleted content and more, increase your chances of finding the incriminating evidence and bringing your case to a resolution," it says. But these devices are available for individuals to purchase. Earlier this year, we showed you how easy it is to obtain a Cellebrite machine. Several previously used devices showed up on eBay back in February, priced as low as $100.
Cellebrite says that it can crack open iPhones running iOS 7 to iOS 12.3
For those who consider the use of a Cellebrite machine to be invasive like using wiretaps, Cellebrite Chief Marketing Officer Jeremy Nazarian said last year that there is a difference. The executive pointed out that using the Cellebrite machine requires physical access to one's smartphone. "It's not like anyone is listening to your iPhone or my iPhone," Nazarian said. "There's nothing inherent in the technology that means it's open to misuse."
The Cellebrite website says that it can crack open Apple devices running iOS 7 to iOS 12.3. It also works on "high-running" Android models like the Samsung Galaxy S6, Galaxy S7, Galaxy S8, and Galaxy S9. It also will crack open certain Android handsets made by Huawei, LG, and Xioami. And if there is a really tough phone to crack, the company has certified forensic experts that can gain access to "sensitive mobile evidence from several locked, encrypted or damaged iOS and Android devices using advanced in-lab only techniques."
Cellebrite might be the most widely known name in the industry, but it does have a rival in Grayshift. The latter's GrayKey cracking machine defeated Apple's USB Restricted Mode last summer even before iOS 12 had been released. But Grayshift appears to be more secretive of its device and methods. The company requires that users seek company approval before being allowed to enter its website and says, "GrayKey is not for everyone. We kindly request that you tell us a bit about yourself and your organization."
Things that are NOT allowed: