Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

 



Forgot your password?
typodupeerror
×
Iphone Government Security

Israel-Based Vendor Cellebrite Can Unlock Every iPhone, including the Current-Gen iPhone X, That's On the Market: Forbes (forbes.com) 146

Cellebrite, an Israel-based company, knows of ways to unlock every iPhone that's on the market, right up to the iPhone X, Forbes reported on Monday, citing sources. From the report: Cellebrite, a Petah Tikva, Israel-based vendor that's become the U.S. government's company of choice when it comes to unlocking mobile devices, is this month telling customers its engineers currently have the ability to get around the security of devices running iOS 11 . That includes the iPhone X, a model that Forbes has learned was successfully raided for data by the Department for Homeland Security back in November 2017, most likely with Cellebrite technology.

The Israeli firm, a subsidiary of Japan's Sun Corporation, hasn't made any major public announcement about its new iOS capabilities. But Forbes was told by sources (who asked to remain anonymous as they weren't authorized to talk on the matter) that in the last few months the company has developed undisclosed techniques to get into iOS 11 and is advertising them to law enforcement and private forensics folk across the globe. Indeed, the company's literature for its Advanced Unlocking and Extraction Services offering now notes the company can break the security of "Apple iOS devices and operating systems, including iPhone, iPad, iPad mini, iPad Pro and iPod touch, running iOS 5 to iOS 11." Separately, a source in the police forensics community told Forbes he'd been told by Cellebrite it could unlock the iPhone 8. He believed the same was most probably true for the iPhone X, as security across both of Apple's newest devices worked in much the same way.

This discussion has been archived. No new comments can be posted.

Israel-Based Vendor Cellebrite Can Unlock Every iPhone, including the Current-Gen iPhone X, That's On the Market: Forbes

Comments Filter:
  • by Anonymous Coward on Monday February 26, 2018 @02:15PM (#56189639)
    Our government works so hard to bypass security protocols for consumer technology. OK, so perhaps I'm naive. But a government what works for it's citizens should not be so focused on breaking into our computers without due process. (thank you Patriot Act).
    • by alvinrod ( 889928 ) on Monday February 26, 2018 @02:21PM (#56189703)
      A government that worked for its people would be helping companies like Apple, Google, etc. to harden their security systems instead of trying to pry into them. That may make it more difficult for law enforcement to arrest or convict a few people, but it does significantly more to protect citizens from scammers and other threats.

      I'd like to think that if the intelligence agencies devoted their time and effort to helping companies identify security weaknesses and shore them up, we wouldn't be seeing massive data breaches every few months.
      • by raymorris ( 2726007 ) on Monday February 26, 2018 @02:55PM (#56189949) Journal

        >. I'd like to think that if the intelligence agencies devoted their time and effort to helping companies identify security weaknesses and shore them up, we wouldn't be seeing massive data breaches every few months.

        That sounds nice, but it really wouldn't matter. Note "the intelligence agencies" can't hack iPhones, it's a private company that can. The people a the intelligence agencies really aren't that smart. It's nothing AT ALL like the movies. It's people who got a certificate in cyber security but couldn't get a job in the private sector, which pays better (but expects you to know wtf you're doing). You think Google wastes a lot of time talking about PC bullshit? You should see government! Government doesn't hire the best people. They hire the "disadvantaged" people.

        Many, many private companies are in the business of "helping companies identify security weaknesses and shore them up". Heck you can get services from companies like Alert Logic for tens of dollars per month; does your company have static analysis and daily scans?

        • Note "the intelligence agencies" can't hack iPhones

          Only a fool would believe that.

        • I think it really depends upon which intelligence agency we're talking about. There's probably your rank and file bottom feeders that couldn't find their ass with a map and a flashlight, but that's true of any organization and I'm pretty sure that anyone working in the private sector can point to several pristine examples of such individuals. However, there are also some government types that create things like Stuxnet and do some other nasty bits of work that the public will never hear about, so there are
        • That's a nice anti-government rant you have there but unfortunately it has little basis in reality. All of the biggest hacks have been perpetrated by nation-states: Stuxnet and the Kaspersky infections come to mind. Regardless of that, given that many of the government programs that generate hacking tools are classified, how can you claim that you could even begin to know how competently they operate? Before you cite the Snowden leaks, keep in mind that they are almost five year old now and I'm sure the
          • Kaspersky suggested that NSA may have, at one time, used code which was also used by authors of Stuxnet. We also know they purchased much of the code they used. That's quite far from "the authors of Sticker were NSA employees". There is no evidence that the developers were NSA employees. Indeed the fact that similar code is also found in incidents for which NSA has no motive strongly suggests that NSA is but one of the clients/friends of the authors.

            > how can you claim that you could even begin to know

            • Fun fact:
              The government won't pay more because it's unfathomable that low level engineers should make more than the director of national intelligence.

              The top people in our government can't grok why a low level employee with rare skills might make more than a guy who takes a job that has a pipeline of 100s of potential applicants all gunning for a seat. We have the best and brightest at the helm!

        • They hire the "disadvantaged" people.

          Having worked with some of the governments "security experts", I can confidently confirm this.

      • by jwhyche ( 6192 ) on Monday February 26, 2018 @04:26PM (#56190591) Homepage

        I'd like to think that if the intelligence agencies devoted their time and effort to helping companies identify security weaknesses and shore them up, we wouldn't be seeing massive data breaches every few months.

        You would like to think that but lets make no bones about it. The intelligence and LEA agencies are here for one purpose only. Keeping those in power, in power. Doesn't matter if they deserve it or not. They may operate under the guise of "protecting the country" but when it comes right down to it, its the same thing as keep those in power in power.

        • by Trogre ( 513942 )

          And now they've conned gullible liberals into taking away your guns so you can't fix it like you were supposed to.

          • And now they've conned gullible liberals into taking away your guns so you can't fix it like you were supposed to.

            Perhaps you don't live in the US, but there hasn't been any attempt to remove guns from anyone. You didn't happen to post this from Russia, did you?

        • by T.E.D. ( 34228 )

          I'd like to think that if the intelligence agencies devoted their time and effort to helping companies identify security weaknesses and shore them up,...

          You would like to think that but lets make no bones about it. The intelligence and LEA agencies are here for one purpose only.

          Gathering intelligence. That is literally their job.

          You might think it would be nice if some agency spend taxpayer $ all day helping software vendors to harden their OS's, and you may even be right. But no such agency exists today, and if Congress were to create one, it would most likely be a separate agency.

      • Comment removed based on user account deletion
    • by Anonymous Coward
      Ostensibly, the reason for breaking common encryption is because our adversaries are also using the same encryption in their efforts to undermine our security. At face value I don't think anyone would object to our country using all assets at its disposal to gather intelligence that could possibly save lives. The problem comes when our own privacy and liberty are undermined to achieve this objective.
    • by viperidaenz ( 2515578 ) on Monday February 26, 2018 @02:30PM (#56189789)

      Your government isn't working hard to bypass iPhone security.

      They just paid a private company to do it for them. Doesn't sound like they have any need to focus on it at all.

    • There currently doesn't exist a way to get into many locked phones WITH due process.

      These tools may allow a locked phone to be searched after a search warrant is issued.

      • by StormReaver ( 59959 ) on Monday February 26, 2018 @05:12PM (#56190855)

        These tools may allow a locked phone to be searched after a search warrant is issued.

        Or, more likely, allow the FBI/NSA to bypass the warrant entirely by saying, "We didn't do it. A private company, not subject to the constraints of warrants, did it. We just happened to stumble upon the results." They're quite fond of Parallel Construction and its bastard children.

        • by T.E.D. ( 34228 )

          ...that company would likely find itself sued. Quick history: What enabled Ralph Nader to found his first consumer organization was his invasion of privacy lawsuit after GM got caught tapping his phones.

          There's a REASON all those telecom companies insist on getting warrants before turning over personal info, and it isn't because they are all good citizens.

        • "Yes, Your Honor, the iPhone accidentally found itself in a shipment to Israel, and somebody, not us, must have paid the company, because imagine our surprise when we found...." To use for that purpose, the LEOs would have to have some sort of method to just take a phone and crack it, not send it to an Israeli company.

          Parallel construction is used when they can covertly get information by illegitimate means. This isn't covert.

    • by Anonymous Coward

      Find it weird that we have seemingly outsourced civil rights and due process to a private company? And more weird that, as a profit-oriented organization, there is some actual protection there?

      Since when did our governments decide their populations were "risk factors" and citizens desire for privacy were "non-actionable concerns"?

      Yeah, I know the story. Just commenting on what a crappy place we are in.

      • Since when did our governments decide their populations were "risk factors" and citizens desire for privacy were "non-actionable concerns"?

        Since,... THE BEGINNING. The idea is that THEY control US. If we know what's going on we have the potential to affect outcomes and seize control. This changes the THEM/US dynamic. Bad.

      • We haven't outsourced civil rights. LEOs would have to send the phones to the company, and that's going to be pretty obvious if done without a warrant.

    • by dj245 ( 732906 ) on Monday February 26, 2018 @03:08PM (#56190041) Homepage

      Our government works so hard to bypass security protocols for consumer technology. OK, so perhaps I'm naive. But a government what works for it's citizens should not be so focused on breaking into our computers without due process. (thank you Patriot Act).

      Israel's approach to cybersecurity is very different than the USA. Firstly, a majority of citizens must serve in the military for around 2-3 years. The cybersecurity division of their armed forces is quite substantial. Then, many if not most of those trained individuals are turned loose in the private sector. The skills learned in the military are very transferable to private practice, even if the exact vulnerabilities that a servicemember found in the military are classified and can not be used. Is it any surprise that Israel has a comparatively high percentage of cybersecurity companies?

      The US system appears to work mostly in reverse (to an outside observer). The NSA and other agencies find vulnerabilities and then keep them secret. Turnover to and from the private sector isn't as high as the Israeli system. The US military sector does a comparatively worse job training these skills and distributing them to the market, where they may do more good than spying on Angela Merkel.

    • But a government what works for it's citizens should not be so focused on breaking into our computers without due process.

      The government needs to attack iPhones owned by foreign powers. It would be nice if the technology could be restricted to avoid use on citizens, but that's just not possible, except via regulations.

      Look, we trust the government with: men with M-16's, fighter jets, and nukes. We have to to avoid getting conquered by China/Russia/Canada. Information warfare weapons are no less important

      • The entire Pentagon budget is worth it just so we don't have to put up with Canadians bragging about how they burned down the white house again, until the end of time. That'd just be insufferable. A Russian or Chinese invasion pales in comparison.
    • by MBGMorden ( 803437 ) on Monday February 26, 2018 @04:47PM (#56190707)

      Meh - this is fine. They still need due process (eg, a warrant) - this just gives them the technical ability to get into a phone that they have the legal right to do so.

      I'm not at all for building INTENTIONAL backdoors into the software (and whatever hole in the security this company is using to gain access I'd hope Apple soon finds and closes), but if they have their warrant I have no issue with them hacking into the phone if they can figure it out. IMHO it's the same as cutting the lock off of a door to gain entry to a building they've secured a warrant to.

  • by TechyImmigrant ( 175943 ) on Monday February 26, 2018 @02:16PM (#56189659) Homepage Journal

    At least there are plenty of us who are working on unbreakable hardware primitives in silicon that will keep these bastards at bay. It's about as nontrivial as it gets and we and many other have been at it for several years. The endpoint is pretty clear though. We will prevail.

    • by PPH ( 736903 )

      I thought the newer iPhones were supposed to have hardware-based encryption and security.

      • by Anonymous Coward

        They do. And as every device till now they are susceptible to an attack where the password is brute-forced while the in-silicon failed login counter is restored (likely with the whole memory content, since it's all indeed encrypted).

        To defend against such a vector one would need to ensure that external writes or reads are either not possible, or alter the state. Or very slow and expensive, which might be good enough. I am absolutely sure the solution involves some very clever electrical engineering at the v

        • > I am absolutely sure the solution involves some very clever electrical engineering at the very edge of the state of the art in IC design.

          Yep. You're right on the ball there. that's what I meant by primitives. Circuits that raise the security bar beyond the government actor level.

      • I thought the newer iPhones were supposed to have hardware-based encryption and security.

        Not all hardware security circuits are immune to attack though. Especially lid-off attacks where the chip is disassembled, probed and reverse engineered. There are defenses against those attacks but it take a lot of work to perfect those defenses.
         

        • by PPH ( 736903 )

          lid-off attacks where the chip is disassembled

          This is the case where I've done something Really Bad and they've recovered my phone from my dead body. And since I'm not a complete moron, it's unlikely that I'd use my phone while doing Evil anyway.

          If they sneak in and lift my phone from the gym locker, all I have to worry about is stuff that they can put back as it was before I'm done on the treadmill.

          • lid-off attacks where the chip is disassembled

            This is the case where I've done something Really Bad and they've recovered my phone from my dead body. And since I'm not a complete moron, it's unlikely that I'd use my phone while doing Evil anyway.

            If they sneak in and lift my phone from the gym locker, all I have to worry about is stuff that they can put back as it was before I'm done on the treadmill.

            Criminals will be criminals and they often aren't smart enough to leave the phone at home. However plenty of governments are evil and tech companies have insider attacks. So the need to protect information remains real.

      • They do. There's no such thing as perfect security. There's got to be flaws somewhere.

        What the Secure Enclave mostly does is ensure that the PIN/password can't be brute-forced, and keep the AES-256 key where it can't normally be extracted. This is a massive improvement over the 5C or earlier, but it seems unlikely to me that there's no point of attack. If you're not worried about putting anything back, you can try to figure out things at the hardware level. It won't be easy, and I don't know how pra

    • At least there are plenty of us who are working on unbreakable hardware primitives in silicon that will keep these bastards at bay. It's about as nontrivial as it gets and we and many other have been at it for several years. The endpoint is pretty clear though. We will prevail.

      Ha ha ha ah ahah ha. Your work aside, take a pill for that paranoia.

    • I imagine any sufficiently motivated entity can completely disassemble the silicon while recording the state, and rebuild it as needed to brute force it. I assume there's some secrecy if you're trying to race to a solution, but I assume there's something you can say on what's going to stop them from salami slicing, observing and salami slicing again?

  • "We have such data to show you."

  • by kalpol ( 714519 ) on Monday February 26, 2018 @02:19PM (#56189685)
    No source checking and very little editing of their crowd-sourced articles. I have not seen this claim reported by any legitimate sources.
    • by msmash ( 4491995 ) Works for Slashdot on Monday February 26, 2018 @02:30PM (#56189791)
      I agree with your general assessment of Forbes. They do have a contributor program which many people have been abusing for years by writing misleading articles. However, this particular story is written by a full-time staff reporter there. It's his scoop, and many reputed security journalists have shared it on social media, lending it more credibility. (Also, in general, we avoid linking back to Forbes because of its annoying daily quote thingy and stand on adblockers.) Opinion on Forbes is mine and it does not reflect the views of other people on Slashdot's staff.
    • Re: (Score:2, Interesting)

      by Anonymous Coward

      Normally I'd agree with you over msmash, but not after having gone through Israeli security at one of the smaller regional airports (SDV). I've seen/had them use the tools on me. I had an Indonesian visa in my passport among others, and a very old photo with long hair. I guess I set off some red flags.

      At security they confiscated my iPhone 6, which had the boarding pass pulled up in my email app. When I got it back it was the last email I sent to my father. For whatever reason they couldn't also use the

  • You can buy stolen iPhone phones dirt cheap (often for on a few dollars on older models), the all important stolen logic boards are damn near free. It's basically only worth stripping it down and selling the parts individually. But, If it was as simple as a 10 minute software upgrade, you could make Coke dealer money in no time selling unlocked iPhones as long as you were the only one doing it. Of course carrier lockouts are another matter but bypassing an iCloud lock would be extremely profitable.
    • This company has ways to get at the data stored on the phone, not to remove the iCloud lock and reactivate. Activating an iPhone goes through Apple, so there's really no way around this.

  • Cos tells Marty, "We can change the world!"

C'est magnifique, mais ce n'est pas l'Informatique. -- Bosquet [on seeing the IBM 4341]

Working...