Cellebrite director says firm now doing 'lawful' extraction of data through iPhone 6

Posted:
in iPhone edited February 2017
Cellebrite -- the firm thought to be responsible for helping the FBI extract data from the iPhone of San Bernardino shooter Syed Rizwan Farook -- is doing "lawful unlocking and evidence extraction" from Apple devices through the iPhone 6 and 6 Plus, according to the company's Forensics Research director.




"Cellebrite's CAIS now supports lawful unlocking and evidence extraction of iPhone 4S/5/5C/5S/6/6+ devices (via our in-house service only)," Shahar Tal said on Twitter. CAIS refers to the company's Advanced Investigative Services division, which offers data extraction for criminal investigations even when devices are encrypted or damaged.

The firm's website still only promises "the physical extraction of data" from the iPhone 4S, 5, and 5c. Farook's phone was a 5c.

It's not clear why Cellebrite is unable to handle the iPhone 6s or 7 -- at least officially -- but the limitation appears to be the processors involved, topping out at the A8 used in the iPhone 6 line. Similarly-equipped iPads are allegedly within reach.

The A7 and A8 should in theory make Apple devices difficult to hack physically, since they include a Secure Enclave that stores Touch ID data. Indeed people who tried updating an iPhone 6 to iOS 9 ran into error messages if they'd had unauthorized repairs affecting the Touch ID system.

On Monday, three major news organiztions -- the Associated Press, USA Today, and Vice -- insisted that the U.S. government disclose basic information about the tool used to unlock Farook's iPhone, including the source company and how much it cost. The Justice Department has offered very few details, claiming anything more might result in groups developing "countermeasures" against the FBI.

The Department initially sought to persuade Apple to build a backdoor into Farook's phone, but relented when it found third-party help. Apple argued that it couldn't be compelled to write new code, and that doing so in this case would permanently weaken iOS security.

Comments

  • Reply 1 of 10
    It would be funny if they put "lawful" in quote in their press release, perhaps followed by a [nudge nudge, wink wink].  Almost anything can be "lawful" if you do it in the right country.
  • Reply 2 of 10
    "The A8 should in theory make Apple devices difficult to hack physically, since it includes a Secure Enclave that stores Touch ID data." Just to note: Secure Enclave debuted in A7 for iPhone 5S.
    lostkiwi
  • Reply 3 of 10
    Apple should try to buy this company.
  • Reply 4 of 10
    Apple should try to buy this company.
    For what purpose? How would it add value?
  • Reply 5 of 10
    So much for needing to force Apple,
    to build in a back doors.      ….Never ever ever. Please!

    If anything, Apple needs to keep improving their security, and staying ahead of
    Los Federales.

    And No,  ….I Use 100% Nothing of Google, Facebook, etc.

    my online persona, is 100% tied to "an online persona email address". …that I never ever use.

  • Reply 6 of 10
    They probably need to physically take apart the phones to do something now, not for the faint of heart and very expensive.
    Wonder if it's dependent on hardware or if there is also a software dependency (ios version and firmware) to the hack.
    lostkiwi
  • Reply 7 of 10
    MplsPMplsP Posts: 1,115member
    Apple should try to buy this company.
    For what purpose? How would it add value?
    Well, they could just patent the methods used and then shut down the company so they could improve their security image, but then the government would have a greater argument for forcing them to write custom software.

    Foggyhill - I remember reading a story some time back about this and yes, it involved disassembling the phone, removing components and some other custom maneuvers that, as you said, were not for the faint of heart.
  • Reply 8 of 10
    MplsP said:
    Apple should try to buy this company.
    For what purpose? How would it add value?
    Well, they could just patent the methods used and then shut down the company so they could improve their security image, but then the government would have a greater argument for forcing them to write custom software.

    Foggyhill - I remember reading a story some time back about this and yes, it involved disassembling the phone, removing components and some other custom maneuvers that, as you said, were not for the faint of heart.
    You really think someone else won't come along that does a similar thing, better?
  • Reply 9 of 10
    MplsP said:
    Apple should try to buy this company.
    For what purpose? How would it add value?
    Well, they could just patent the methods used and then shut down the company so they could improve their security image, but then the government would have a greater argument for forcing them to write custom software.

    Foggyhill - I remember reading a story some time back about this and yes, it involved disassembling the phone, removing components and some other custom maneuvers that, as you said, were not for the faint of heart.
    They'd be better trying to hire the people, I would assume apple has security engineers on it's books who's sole purpose is to test the iPhone's security. Maybe these guys are better at it and having them on board would be beneficial for knowing the holes and backdoors to plug before products go public.
  • Reply 10 of 10
    foggyhillfoggyhill Posts: 4,767member
    When I'm talking taking it apart, I'm taking just disassembly here, it's more like open heart surgery on the chips themselves...
    That's as high a competency in hacking that you can get.
    Most "hackers" are mere script kiddies compared to that.

    Though I've got a feeling that some firmware holes could be in play too.
    Apple did hire top experts in firmware security in the last year...

    Getting the keys from  the enclave without destroying the phone (destroying the keys) is some hot shit!
    edited February 2017 stourque
Sign In or Register to comment.