Cellebrite can unlock any iPhone (for some values of “any”)

Enlarge (credit: Jaap Arriens/NurPhoto via Getty Images)

Cellebrite—the Israel-based forensics company that has been a key source for law enforcement in efforts to crack the security of mobile devices to recover evidence—has reportedly found a way to unlock Apple devices using all versions of the iOS operating system up to version 11.2.6, the most recent update pushed out to customers by Apple. The capability is part of Cellebrite’s Advanced Unlocking and Extraction Services, a lab-based service the company provides to law enforcement agencies—not a software product.

But security experts are dubious of any claim that Cellebrite can defeat the encryption used by iOS to protect the contents of Apple devices. Rather, they suggest Cellebrite’s “Advanced Unlocking Services” may have found a way to bypass the limits on PIN or password entry enforced by interfering with the code that counts the number of failed attempts—allowing the company’s lab to launch a brute-force attack to try to discover the passcode without fear of the device erasing its cryptographic key and rendering the phone unreadable. With a sufficiently secure password, it would be nearly impossible for the technique to recover the contents of the device.

Forbes’ Thomas Fox-Brewster reports that a Cellebrite spokesperson confirmed the claim, first found in leaked Cellebrite marketing material, stating that “Cellebrite can retrieve (without needing to root or jailbreak the device) the full file system to recover downloaded emails, third-party application data, geolocation data, and system logs. Agencies can either provide the device already unlocked, furnish the known passcode, or use Cellebrite’s Advanced Unlocking Services to unlock the device.”

Read 5 remaining paragraphs | Comments

Biz & IT – Ars Technica