Archive for Cellebrite

Cellebrite Is Back And They Claim That They Can Crack iDevices Running Any Version Of iOS

Posted in Commentary on June 17, 2019 by itnerd

Israel-based software developer Cellebrite is back, and they’ve put out a claim that they can now crack any iDevice running any version of iOS, including iOS 12.3, which has been out for about a month. They delivered this message by tweet:

This is further supported by a visit to the UFED web page, where the company describes the tool’s ability to glean forensic data from any iOS device dating back to iOS 7, as well as from Android devices made by Samsung, Huawei, LG, and Xiaomi.

If all of this is accurate, Cellebrite’s tool will enable authorities to potentially crack the vast majority of smartphones currently available on the market. As Wired notes, no other law enforcement contractor has made such broad claims about a single product, at least not publicly. That means this will likely get Apple’s attention, and they’ll be taking steps to come up with countermeasures. It also means that Cellebrite’s main competition, GrayShift, will have to come out with something of their own to match Cellebrite’s features, as both are competing for the dollars of law enforcement.

Cellebrite Claims To Be Able To Pwn Any iPhone

Posted in Commentary on February 26, 2018 by itnerd

Cellebrite, as in the guys suspected of helping the FBI unlock a terrorist’s iPhone, apparently knows of ways to unlock every iPhone that’s on the market, right up to the iPhone X, Forbes reported on Monday, citing sources:

Cellebrite, a Petah Tikva, Israel-based vendor that’s become the U.S. government’s company of choice when it comes to unlocking mobile devices, is this month telling customers its engineers currently have the ability to get around the security of devices running iOS 11. That includes the iPhone X, a model that Forbes has learned was successfully raided for data by the Department for Homeland Security back in November 2017, most likely with Cellebrite technology.

The Israeli firm, a subsidiary of Japan’s Sun Corporation, hasn’t made any major public announcement about its new iOS capabilities. But Forbes was told by sources (who asked to remain anonymous as they weren’t authorized to talk on the matter) that in the last few months the company has developed undisclosed techniques to get into iOS 11 and is advertising them to law enforcement and private forensics folk across the globe. Indeed, the company’s literature for its Advanced Unlocking and Extraction Services offering now notes the company can break the security of “Apple iOS devices and operating systems, including iPhone, iPad, iPad mini, iPad Pro and iPod touch, running iOS 5 to iOS 11.” Separately, a source in the police forensics community told Forbes he’d been told by Cellebrite it could unlock the iPhone 8. He believed the same was most probably true for the iPhone X, as security across both of Apple’s newest devices worked in much the same way.

Here’s the thing. There’s no source checking in this report. There is no indication that this is fact or fiction. Thus unless there is demonstrable proof that Cellebrite can actually do what they claim, I remain skeptical. And so should you.

Hacker Dumps Tools Linked To Cellebrite

Posted in Commentary on February 3, 2017 by itnerd

A while ago I reported that Israel-based mobile phone forensics company Cellebrite was hacked by unknown actors. At the time, it was said that only customer data was stolen. It now appears that this is no longer the case. In the last couple of days, a data dump has appeared online containing tools for extracting data from older iPhones, Android phones, and BlackBerry phones. Motherboard has the details:

Cellebrite is an Israeli firm which specializes in extracting data from mobile phones for law enforcement agencies. The company’s flagship product, the Universal Forensic Extraction Device (UFED), typically comes as a small, laptop-sized device, and can pull SMS messages, emails, and more from thousands of different mobile phone models. The investigator needs to have physical access to the phone to analyze it.

A Motherboard investigation found that US state police and highway patrol agencies have collectively spent millions of dollars on Cellebrite technology.

The hacker claimed to have taken the newly released data from a remote Cellebrite server, and said they had extracted them from UFED images. They told Motherboard that the files were encrypted, likely in an attempt to protect Cellebrite’s intellectual property, but that they managed to bypass the protections.

“The ripped, decrypted and fully functioning Python script set to utilize the exploits is also included within,” the hacker wrote in a README file accompanying the data dump. The hacker posted links to the data on Pastebin.

It’s not clear when any of this code was used in the UFED. Many of the directory names start with “ufed” followed by a different type of phone, such as BlackBerry or Samsung.

In their README, the hacker notes much of the iOS-related code is very similar to that used in the jailbreaking scene—a community of iPhone hackers that typically breaks into iOS devices and releases its code publicly for free.

Well, that’s going to make Apple, not to mention Google and BlackBerry, really happy, as those tools will allow them to make countermeasures against this sort of thing. Researchers are likely happy as they get to troll this info for anything interesting. You can copy and paste that statement for hackers as well, as they will want to use the info to make exploits. But it’s safe to say that Cellebrite is likely not happy, as they’re clearly using techniques that are already in the public domain, which takes away their “street cred.”

Oh, to quote the late Steve Jobs, there’s one more thing:

“@FBI Be careful in what you wish for,” the hacker’s message reads, before signing off with a piece of ASCII art, which says “Backdoorz.”

If you recall, the point Apple made when fighting the FBI’s attempts to get them to unlock the San Bernardino Shooter’s iPhone last year was that anything that it did had the risk of becoming public, which would put iPhone users everywhere at risk. It now seems that this has come true. One wonders what the blowback will be from this.

iPhone Hacker Cellebrite Gets Pwned

Posted in Commentary on January 12, 2017 by itnerd

Israeli firm Cellebrite got into the public eye for two reasons. First, they were known for breaking into iPhones for law enforcement. Second, they were tied, perhaps erroneously, to the San Bernardino Shooter’s iPhone. Now they’re in the public eye again for being hacked. A notice on Cellebrite’s website about the breach explains that it took place on an external web server, and that the company is investigating the full extent of the hack. According to Motherboard, approximately 900 gigabytes of data was snatched, including customer information, technical data about Cellebrite’s products and evidence files from seized mobile phones.

I’m sure they are not happy about that.

If you’ve done business with them, you might want to change any passwords that are associated with the company.