Cellebrite says they can unlock any iOS device
Company says the process requires physical access to device
If you’re an iPhone or iPad users, you may have reason to be concerned. A Israeli security company called Cellebrite has announced that they have found a way to extract data from all iOS devices ever made. According to Apple, there are roughly 1.4 billion devices in the market, meaning that if Cellebrite’s claims are true, there is an unintentional backdoor on all iOS devices that allows all security measures on the device to be circumvented.
The reason this claim merits concern is because Cellebrite is the same security company that unlocked the iPhone 5c belonging to the San Bernardino shooter. This was the same iPhone that Apple said they could not unlock due to the fact that too many attempts had been made to unlock the phone. The FBI tried to pressurise Apple into creating a version of iOS with backdoors in it, but Apple refused, citing that if a backdoor was ever built into iOS, there was no way to guarantee that it would not fall into the wrong hands.
It appears that Cellebrite may have discovered an unintentional backdoor of sorts. On the company’s page, it says that they can unlock any iOS device running on any iOS version between iOS 7 and iOS 12.3. The company claims that it can determine passcodes and perform unlocks for Apple devices, giving law enforcement the ability to extract all information stored in the file system. Turns out, law enforcement would not even have to send the device to Cellebrite for this, but the company does say that they take misuse very seriously, and have a multi-step process in place designed to authenticate the validity of the unlock request. Additionally, the process requires physical access to the device, and cannot be performed over the air.
This is something that should be alarming to Apple and Apple customers alike. Being able to extract the entire file system in addition to specific app data and even deleted content is a massive red flag. While Cellebrite has tried to assure that they do the utmost to prevent misuse, their devices have been found on eBay for as little as $100.
Apple has always played cat-and-mouse with the hacker community, with the jailbreakers who have continued to find ways to bypass the file-system restrictions baked into iOS and now, with law enforcement and security researchers who are constantly trying to bypass Apple’s security to extract personal data from the phone. Hopefully, in the upcoming version of iOS, Apple will be able to patch the vulnerability being exploited by Cellebrite.
Follow Us
Digit NewsDesk
Digit News Desk writes news stories across a range of topics. Getting you news updates on the latest in the world of tech. View Full Profile
