The Feds (and Others) Can Probably Unlock Any iPhone Ever Made
Here’s something you don’t hear every day.
Cellebrite, a cell phone hacking vendor based in Petah Tikvah, Israel, claims that they can unlock any iPhone ever made, including the iPhone X running iOS 11.2.6 .
Cellebrite, who offers their services to the highest bidder – mostly law enforcement and governments, both ones that have a better track record with privacy and those that have a horrible privacy record such as Russia – has made a business out of offering forensics services pretty much to anyone who’s check will clear. That is probably being a bit unfair, but they were hacked themselves last year and from the data that was released, the statement above does not appear to be too far off.
In any case, typically the newer phones are harder to hack. You may remember that the FBI paid someone over a million dollars to hack into the iPhone of the San Bernadino shooter after the FBI did not reach out to Apple in a timely manner and get directions on how to unlock it. In the case of iPhones, usually waiting is your enemy because after a phone is locked for too long, extra security features kick in making it harder to unlock.
Apple adds new security features with every release, so it is especially embarrassing to Apple that their newest flagship phone – one that costs over a thousand dollars at retail – running its newest operating system can, apparently, be popped open like a can of Coke or Pepsi.
This hacking process is typically a cat and mouse game – the hackers figure out how to break in and Apple fixes it after they find out and the process starts over.
In this case, in order to maintain their revenue stream for as long as possible, Cellebrite has added a twist to the unlock process.
Normally the unlock features are added to their software which police departments and repressive governments license for an annual fee. This time the agency has to send the phone to Cellebrite which will charge them a fee of around $1,500 per phone to unlock and they will return the phone unlocked.
Lets say that governments and others send them just 1,000 phones – the NY DA alone said that he had 400 phones that he would like unlocked, so that number is stupid low – then that would generate an extra million and a half dollars to their revenue for the year.
The other thing that it does is protect the bug that they found from being identified and fixed by Apple. There are likely businesses who are friendly to Apple and who have licensed Cellebrite’s software. If unlock feature was added to the software then Apple would connect a test phone with extra debug features to the Cellebrite software and likely figure out exactly what Cellebrite is exploiting so that they can plug the hole.
So this method – forcing the cops to write a check and send them the phone both provides a major revenue boost and preserves the bug for a longer time.
All that not withstanding, I am sure that Apple is scratching their collective heads trying to figure out what Cellebrite is doing.
And, just to be clear, this is not a theoretical issue. Homeland Security has already written a check to get at least one iPhone X unlocked.
If you are a terrorist or someone who would prefer that the feds or other repressive governments can’t see what is on your phone, do not count on Apple to be able to provide that to you, at least for now.
Information for this post came from Forbes.