Cellebrite Says it Now Supports ‘Lawful Unlocking’ of iPhone 6 and Older Models

Cellebrite director of forensic research Shahar Tal recently tweeted out that the company's Advanced Investigative Service can now unlock and extract the full file system for the iPhone 6 and iPhone 6 Plus (via CyberScoop). To date, CAIS "supports lawful unlocking and evidence extraction" from the following iPhone generations: 4s, 5, 5c, 5s, 6, and 6 Plus. No mention has been made whether or not the developer has attempted to unlock newer-generation iPhones, including the iPhone 6s, 6s Plus, 7, or 7 Plus.


The company reportedly charges $1,500 to unlock an individual phone and $250,000 for a yearly subscription to the data extracting service. In addition to the basic system and user data it can get, the hack also targets various apps within the iPhone, including personal data stored in Uber, Facebook, Chrome, and some dating apps.

At the same time this week, Cellebrite announced the next generation of its "Content Transfer" tool, which will allow retailers and operators to fully duplicate a customer's existing iPhone onto a brand new iPhone at an average content transfer speed of 1GB per minute. The developer said this should reduce wait times in stores while also pleasing anxious customers worried about losing data when upgrading to a new iPhone generation.

Cellebrite said the most important settings get transferred in the process, including wallpaper, alarm settings, weather, photos, videos, contacts, and apps. Not included are account passwords, Wi-Fi settings, health data, and website history. The company plans to hold a demonstration of the Full Transfer service for iPhones at Mobile World Congress in Barcelona, which runs next week from February 27 – March 2.
“With content transfer speeds averaging 1 GB per minute, this new service is a complete game changer.” said Yehuda Holtzman, CEO of Cellebrite Mobile Lifecycle. “With Full Transfer, the average iPhone customer with 10GB of personal data can walk out of the store with a mirror-image of their old iPhone in just 10 minutes, offering customer experience that’s far superior to anything else available today.”
Although the developer has been most recognizably in the public eye for its relation to the Apple-FBI drama and its smartphone-cracking expertise, Cellebrite also offers a collection of services for retailers and businesses. Cellebrite Touch2 and Cellebrite Desktop power in-store smartphones and desktop computers, respectively, with software that the company claims offers flexibility by operating through a store's existing IT infrastructure to "deliver a fast, consistent service."


Earlier in February, Cellebrite found itself at the hands of a hacker when someone stole and publicly released a cache of Cellebrite's most sensitive data, including tools it uses to get into older iPhones. The hacker shared the data on Pastebin, intending to highlight the importance of the inevitability that any brute force tools aimed at bypassing encryption software "will make it out" into the public -- a prime fear of Apple CEO Tim Cook when the FBI originally demanded the company create a backdoor into the San Bernardino shooter's iPhone 5c last year.


Discuss this article in our forums

Hacker Leaks Cellebrite’s iOS Bypassing Tools, Tells FBI ‘Be Careful What You Wish For’

It's been nearly a year since a U.S. federal judge originally ordered Apple to help the FBI hack into an iPhone owned by Syed Farook, one of the shooters in the December 2015 attacks in San Bernardino. As we learned in the months after the initial court order -- which Apple continually opposed -- the FBI enlisted the help of Israeli mobile software developer Cellebrite to open up the iPhone 5c in question.

Now a hacker has reportedly stolen and publicly released a cache of Cellebrite's most sensitive data, including its tools used to hack into older iPhones, as well as Android and BlackBerry smartphones (via Motherboard). Techniques that the firm uses to open "newer iPhones" were not included in the public posting, but it's also not clear exactly which models of iPhone are considered "older." Farook's iPhone 5c, which launched in 2013, is likely in that category.


Apple's main stance against the court order last year was its fear that creating such an operating system that bypassed the iPhone's basic security features -- essentially creating a "master key" for all iOS devices -- would set a "dangerous precedent" for the future of encryption and security. The bypass could also potentially make its way into the public and affect hundreds of millions of Apple customers, with Apple CEO Tim Cook claiming that the software the FBI wanted to use to force open Farook's iPhone was "the equivalent of cancer."

As pointed out by Motherboard, the newly leaked tools "demonstrate that those worries were justified." According to the hacker in question who shared Cellebrite's tools on Pastebin, the purpose behind the leak was to highlight the importance of the inevitability that any brute force tools aimed at bypassing encryption software "will make it out" into the public.
"The debate around backdoors is not going to go away, rather, its is almost certainly going to get more intense as we lurch toward a more authoritarian society," the hacker told Motherboard in an online chat.

"It's important to demonstrate that when you create these tools, they will make it out. History should make that clear," they continued.
Back in January the same hacker stole 900GB of sensitive Cellebrite data, but according to a Cellebrite spokesperson, only its customers' "basic contact information" had been put at risk. Delving into the cache of information, it was proven that the breach had uncovered much more detailed "customer information, databases, and a vast amount of technical data regarding Cellebrite's products."

In a README file posted alongside the more recent data dump on Pastebin, the hacker in question left a message directly addressing the FBI: "@FBI Be careful in what you wish for."

Note: Due to the political nature of the discussion regarding this topic, the discussion thread is located in our Politics, Religion, Social Issues forum. All forum members and site visitors are welcome to read and follow the thread, but posting is limited to forum members with at least 100 posts.


Discuss this article in our forums

Hacker Leaks Cellebrite’s iOS Bypassing Tools, Tells FBI ‘Be Careful What You Wish For’

It's been nearly a year since a U.S. federal judge originally ordered Apple to help the FBI hack into an iPhone owned by Syed Farook, one of the shooters in the December 2015 attacks in San Bernardino. As we learned in the months after the initial court order -- which Apple continually opposed -- the FBI enlisted the help of Israeli mobile software developer Cellebrite to open up the iPhone 5c in question.

Now a hacker has reportedly stolen and publicly released a cache of Cellebrite's most sensitive data, including its tools used to hack into older iPhones, as well as Android and BlackBerry smartphones (via Motherboard). Techniques that the firm uses to open "newer iPhones" were not included in the public posting, but it's also not clear exactly which models of iPhone are considered "older." Farook's iPhone 5c, which launched in 2013, is likely in that category.


Apple's main stance against the court order last year was its fear that creating such an operating system that bypassed the iPhone's basic security features -- essentially creating a "master key" for all iOS devices -- would set a "dangerous precedent" for the future of encryption and security. The bypass could also potentially make its way into the public and affect hundreds of millions of Apple customers, with Apple CEO Tim Cook claiming that the software the FBI wanted to use to force open Farook's iPhone was "the equivalent of cancer."

As pointed out by Motherboard, the newly leaked tools "demonstrate that those worries were justified." According to the hacker in question who shared Cellebrite's tools on Pastebin, the purpose behind the leak was to highlight the importance of the inevitability that any brute force tools aimed at bypassing encryption software "will make it out" into the public.
"The debate around backdoors is not going to go away, rather, its is almost certainly going to get more intense as we lurch toward a more authoritarian society," the hacker told Motherboard in an online chat.

"It's important to demonstrate that when you create these tools, they will make it out. History should make that clear," they continued.
Back in January the same hacker stole 900GB of sensitive Cellebrite data, but according to a Cellebrite spokesperson, only its customers' "basic contact information" had been put at risk. Delving into the cache of information, it was proven that the breach had uncovered much more detailed "customer information, databases, and a vast amount of technical data regarding Cellebrite's products."

In a README file posted alongside the more recent data dump on Pastebin, the hacker in question left a message directly addressing the FBI: "@FBI Be careful in what you wish for."

Note: Due to the political nature of the discussion regarding this topic, the discussion thread is located in our Politics, Religion, Social Issues forum. All forum members and site visitors are welcome to read and follow the thread, but posting is limited to forum members with at least 100 posts.


Discuss this article in our forums

Leaked Documents Reveal What Kind of Data Cellebrite Can Extract From iPhones

Israeli mobile software developer Cellebrite gained media attention earlier this year when rumors suggested the FBI recruited the company to unlock San Bernardino shooter Syed Farook's iPhone. While the FBI did not enlist Cellebrite's help, the company does have technology licensed by governments that can extract iPhone data. ZDNet has obtained documents that reveal the scope of this technology.

cellebrite
The leaked files are "extraction reports," which are organized to allow investigators to easily see and analyze data from a phone. Extraction is conducted by plugging the phone into a Cellebrite UFED device. While the device is primarily for extracting information currently on the phone it can, in some cases, extract recently deleted items. The phone at the heart of ZDNet's extraction report was an non-passcode protected iPhone 5 running iOS 8.

The first couple pages of the report include case numbers and unique identifying information for the device, including phone number, IMEI numbers and Apple ID. In these first pages, the report also divulges which plugins the software used to extract information from the device. These plugins can help the software extract data from QuickTime and iPhone backups.

The report compiles geolocation data from every photo taken on the device and visualizes it on a map, allowing an investigator to easily see when and where a person was. Text messages are organized in chronological order, which makes it easier for investigators to track conversations. The wireless networks a device has connected to are also logged, including the MAC address of the router, encryption type and the time last connected to the network.

Call log information includes whether the call is incoming or outgoing, the time, date, the other number on the call, and the duration of the call. Contacts, installed apps and user accounts on the device are also collected. Configurations and databases from apps, which include settings and cache data, are included in collection. Notes and voice mails are also extracted.

Finally, Cellebrite's technology includes an analytics engine that can figure out how many actions have taken place per phone number. For instance, it can tell investigators how many calls and text messages have occurred with each contact.

Cellebrite notes that its UFED device cannot crack passcodes on iPhone 4s and later. iPhone 5s and later come with a secure enclave co-processor that makes it even more difficult to crack for information. In November, Cellebrite signed a deal with the Indian government to provide technology to bypass locked iPhones.

Note: Due to the political nature of the discussion regarding this topic, the discussion thread is located in our Politics, Religion, Social Issues forum. All forum members and site visitors are welcome to read and follow the thread, but posting is limited to forum members with at least 100 posts.


Discuss this article in our forums