Cellebrite Says it Now Supports 'Lawful Unlocking' of iPhone 6 and Older Models

Discussion in 'iOS Blog Discussion' started by MacRumors, Feb 24, 2017.

  1. MacRumors macrumors bot


    Apr 12, 2001

    Cellebrite director of forensic research Shahar Tal recently tweeted out that the company's Advanced Investigative Service can now unlock and extract the full file system for the iPhone 6 and iPhone 6 Plus (via CyberScoop). To date, CAIS "supports lawful unlocking and evidence extraction" from the following iPhone generations: 4s, 5, 5c, 5s, 6, and 6 Plus. No mention has been made whether or not the developer has attempted to unlock newer-generation iPhones, including the iPhone 6s, 6s Plus, 7, or 7 Plus.

    The company reportedly charges $1,500 to unlock an individual phone and $250,000 for a yearly subscription to the data extracting service. In addition to the basic system and user data it can get, the hack also targets various apps within the iPhone, including personal data stored in Uber, Facebook, Chrome, and some dating apps.

    At the same time this week, Cellebrite announced the next generation of its "Content Transfer" tool, which will allow retailers and operators to fully duplicate a customer's existing iPhone onto a brand new iPhone at an average content transfer speed of 1GB per minute. The developer said this should reduce wait times in stores while also pleasing anxious customers worried about losing data when upgrading to a new iPhone generation.

    Cellebrite said the most important settings get transferred in the process, including wallpaper, alarm settings, weather, photos, videos, contacts, and apps. Not included are account passwords, Wi-Fi settings, health data, and website history. The company plans to hold a demonstration of the Full Transfer service for iPhones at Mobile World Congress in Barcelona, which runs next week from February 27 - March 2.
    Although the developer has been most recognizably in the public eye for its relation to the Apple-FBI drama and its smartphone-cracking expertise, Cellebrite also offers a collection of services for retailers and businesses. Cellebrite Touch2 and Cellebrite Desktop power in-store smartphones and desktop computers, respectively, with software that the company claims offers flexibility by operating through a store's existing IT infrastructure to "deliver a fast, consistent service."

    Earlier in February, Cellebrite found itself at the hands of a hacker when someone stole and publicly released a cache of Cellebrite's most sensitive data, including tools it uses to get into older iPhones. The hacker shared the data on Pastebin, intending to highlight the importance of the inevitability that any brute force tools aimed at bypassing encryption software "will make it out" into the public -- a prime fear of Apple CEO Tim Cook when the FBI originally demanded the company create a backdoor into the San Bernardino shooter's iPhone 5c last year.

    Article Link: Cellebrite Says it Now Supports 'Lawful Unlocking' of iPhone 6 and Older Models
  2. TopToffee macrumors 6502a

    Jul 9, 2008
    Excellent - so now they've announced this, we can expect these tools to be posted online for anyone to get hold of... shortly, I would imagine.
  3. B.K. macrumors regular

    Sep 5, 2014
    Is this a brute force unlock? Or are they able to bypass the secure enclave?
    It was understandable on pre 5 phones, but this sounds like very bad news.
  4. JetLaw macrumors member


    Jan 21, 2009
    I'd really like to know the specifics of this alleged capability. There is a huge difference between the ability to easily brute force a four digit PIN as opposed to a high entropy alphanumeric password.
  5. MI MacGuy macrumors regular

    Aug 22, 2014
    And people wondered by APFS and all of its encryption features were so important...
  6. Saipher macrumors demi-god


    Oct 25, 2014
    I'm hoping this will all change with the implementation of APFS, at least on newer devices.
  7. 8012R3 macrumors member

    Aug 18, 2014
  8. now i see it macrumors 68030

    Jan 2, 2002
    iPhone = not secure. The ruse is over.
    Oh, but wait! The next iPhone 7S can not be hacked. Time to upgrade everyone!
  9. brendu macrumors 68020

    Apr 23, 2009
    The iPhone is probably the most secure phone available. That doesn't make it impenetrable. If someone is truly concerned about their digital privacy then they won't do anything using a smartphone that they don't want others to see. Obviously we all have a right to privacy but if you don't want the NSA or FBI to see what's on your phone, the only guaranteed way for that to happen is to not have anything on the phone.
  10. JungeQuex macrumors regular

    Sep 16, 2014
    This is law enforcement's best friend right here.
  11. one more macrumors 6502a

    one more

    Aug 6, 2015
    Does not it use the same chip as 6S? If so, it is safe.
  12. brendu macrumors 68020

    Apr 23, 2009
    For now...
  13. now i see it macrumors 68030

    Jan 2, 2002
    Perhaps the days of keypad entry passwords are coming to an end and the keys of the future to unlock an iPhone will require several biometrics... finger print + 3D facial scanning + iris scanning.
  14. naeS1Sean macrumors 6502a


    Oct 14, 2011
    Scranton, PA
    To hell with privacy if you use the internet.
  15. B.K. macrumors regular

    Sep 5, 2014
    Is there really a difference in the ability? I would think it would just take longer, but the ability is just the same.
  16. nexu macrumors member

    Feb 24, 2017
    How is A9 more secure than for example A7? I'm curious
  17. Sasparilla, Feb 24, 2017
    Last edited: Feb 24, 2017

    Sasparilla macrumors 65816

    Jul 6, 2012
    The problem with what you're saying here, is at least in the U.S., courts (for the most part) aren't seeing an issue with the govt utilizing your biometrics against your will (cause they could take your fingerprints before).

    At this point, if you care about the privacy of what you have on your daily driver smartphone - you'd want to take a burner phone instead with as little on it as possible if going out/in the U.S. (and just expect customs to make a copy of everything on it). As a last resort, factory reset with wiping all data prior to landing (not sure if cellebrite might still be able to still get stuff out of the storage still).

    As this guy found out (U.S. born, Indian heritage, works for NASA at the JPL) you never know when they're going to make a permanent record of everything on the smartphone you use coming into the U.S. or when the political conditions might change (in the future) to make it useful to the govt (they took it away for 30 mins after he gave them the access code):

  18. Carlanga macrumors 604


    Nov 5, 2009
    iPhone 6+ came out in 2014, more than two years ago. You can still have a 6S or a 7 since this doesn't work with them. Do you want security to last forever or something? Stuff gets hacked, get over it.
  19. Dan From Canada macrumors member

    Jul 19, 2016
    If it can be made, it can be broken.

    With that in mind, be very, very careful what you have stored on your phone.

    It's a given that if it can be seen by someone other than you it probably will.
  20. PR1985 macrumors 6502a

    Jun 16, 2016
    Unlock the full file system... Okay, so iOS 10.3 with APFS can´t come soon enough.
  21. Sasparilla macrumors 65816

    Jul 6, 2012
    I didn't think there was a big increase in security between the 6, 6s or the 7.

    If this is the case, the door is open for government access at this point (although that's probably a good assumption to operate on at all times with a smartphone).

    Anyone know of any big changes in the security architecture between the 6, 6s or 7?
  22. sebastienbarre macrumors newbie


    Feb 24, 2017
    It doesn't matter either way. I was on jury duty a couple of weeks ago for a criminal case in Upstate NY. Upsetting case, but nobody died, mind you. And yet, I was baffled that the criminal police department in the *hamlet* of Latham, NY had a license of Cellebrite's UFED. It made short work of the defendant's Android phone. The device was turned on in a Faraday cage, to avoid a remote wipe. If unlocking can't be performed at this point, they just remove the chip (they did), and UFED bypasses all encryption. Your privacy is gone, it recovers a *lot* of data, not only TXT messages, but TXT that you deleted recently, as well as data from a whole bunch of apps like Snapchat. It will show which apps you had installed and when you acquired said apps -- in this case, *several* apps meant to "clean" the Android had been recently purchased, a damning hint that they were trying to erase their tracks after deleting TXT messages. The only reason the victim's iPhone wasn't extracted just as easily is because the police didn't have the latest version of UFED, which is being advertised in this phone. From my understanding, only iPhone 7 are out of reach right now, but it's a matter of time....
  23. PR1985 macrumors 6502a

    Jun 16, 2016
    You said it, Android.;)
  24. OldSchoolMacGuy Suspended


    Jul 10, 2008
    They and others (myself included) have been selling these tools to law enforcement for nearly 10 years. Go and see how many you find available online.
    --- Post Merged, Feb 24, 2017 ---
    These tools are used by government law enforcement. If they have your device, chances are almost certain that they have every right to examine it and in most cases have a court order to do so.

    So yes, lawful in almost every case.

Share This Page