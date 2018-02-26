Israel-Based Vendor Cellebrite Can Unlock Every iPhone, including the Current-Gen iPhone X, That's On the Market: Forbes (forbes.com) 72
Cellebrite, an Israel-based company, knows of ways to unlock every iPhone that's on the market, right up to the iPhone X, Forbes reported on Monday, citing sources. From the report: Cellebrite, a Petah Tikva, Israel-based vendor that's become the U.S. government's company of choice when it comes to unlocking mobile devices, is this month telling customers its engineers currently have the ability to get around the security of devices running iOS 11 . That includes the iPhone X, a model that Forbes has learned was successfully raided for data by the Department for Homeland Security back in November 2017, most likely with Cellebrite technology.
The Israeli firm, a subsidiary of Japan's Sun Corporation, hasn't made any major public announcement about its new iOS capabilities. But Forbes was told by sources (who asked to remain anonymous as they weren't authorized to talk on the matter) that in the last few months the company has developed undisclosed techniques to get into iOS 11 and is advertising them to law enforcement and private forensics folk across the globe. Indeed, the company's literature for its Advanced Unlocking and Extraction Services offering now notes the company can break the security of "Apple iOS devices and operating systems, including iPhone, iPad, iPad mini, iPad Pro and iPod touch, running iOS 5 to iOS 11." Separately, a source in the police forensics community told Forbes he'd been told by Cellebrite it could unlock the iPhone 8. He believed the same was most probably true for the iPhone X, as security across both of Apple's newest devices worked in much the same way.
The Israeli firm, a subsidiary of Japan's Sun Corporation, hasn't made any major public announcement about its new iOS capabilities. But Forbes was told by sources (who asked to remain anonymous as they weren't authorized to talk on the matter) that in the last few months the company has developed undisclosed techniques to get into iOS 11 and is advertising them to law enforcement and private forensics folk across the globe. Indeed, the company's literature for its Advanced Unlocking and Extraction Services offering now notes the company can break the security of "Apple iOS devices and operating systems, including iPhone, iPad, iPad mini, iPad Pro and iPod touch, running iOS 5 to iOS 11." Separately, a source in the police forensics community told Forbes he'd been told by Cellebrite it could unlock the iPhone 8. He believed the same was most probably true for the iPhone X, as security across both of Apple's newest devices worked in much the same way.
Re: (Score:1, Funny)
I bet TIM C0CK knows all about backdoors.
Re: So they have an inside man at Apple (Score:2)
It's a bit disturbing to me (Score:5, Insightful)
Re:It's a bit disturbing to me (Score:5, Insightful)
I'd like to think that if the intelligence agencies devoted their time and effort to helping companies identify security weaknesses and shore them up, we wouldn't be seeing massive data breaches every few months.
Re: (Score:3, Insightful)
In the real world the gov't protects the gov't. Your lost privacy is their gain.
Re: (Score:2)
Welcome to a murder 1 charge with pretty damning evidence against you, all because you didn't think privacy was important.
In fact, it is those very situations that our guarantee of privacy from government snooping absent due process is intended to prevent.
Re: (Score:2)
Until your friend pranks you and you jokingly text them "I'm gonna kill you for that" in response and they end up dead a day or two later.
Make a joke about an FBI "secret society" and there'll be hell to pay.
They're really not that good. Private company (Score:3, Interesting)
>. I'd like to think that if the intelligence agencies devoted their time and effort to helping companies identify security weaknesses and shore them up, we wouldn't be seeing massive data breaches every few months.
That sounds nice, but it really wouldn't matter. Note "the intelligence agencies" can't hack iPhones, it's a private company that can. The people a the intelligence agencies really aren't that smart. It's nothing AT ALL like the movies. It's people who got a certificate in cyber security but
Re: (Score:2)
Paradox alert!
Re: (Score:2)
Re: They're really not that good. Private company (Score:2)
Note "the intelligence agencies" can't hack iPhones
Only a fool would believe that.
Re: (Score:2)
Re: (Score:2)
Re:It's a bit disturbing to me (Score:5, Interesting)
I'd like to think that if the intelligence agencies devoted their time and effort to helping companies identify security weaknesses and shore them up, we wouldn't be seeing massive data breaches every few months.
You would like to think that but lets make no bones about it. The intelligence and LEA agencies are here for one purpose only. Keeping those in power, in power. Doesn't matter if they deserve it or not. They may operate under the guise of "protecting the country" but when it comes right down to it, its the same thing as keep those in power in power.
Re: (Score:1)
Re: (Score:2, Insightful)
Funny thing is all the lefties seem to hate the govt spying on them especially without any good reason but if it happens to someone else *cough* Trump *cough* they pretend the whole thing is just a well oiled machine doing its job.
Old saying, which is why you should stand up for the rights of your enemies.
"First they came for the Socialists, and I did not speak out—
Because I was not a Socialist.
Then they came for the Trade Unionists, and I did not speak out
Re:It's a bit disturbing to me (Score:4, Insightful)
Your government isn't working hard to bypass iPhone security.
They just paid a private company to do it for them. Doesn't sound like they have any need to focus on it at all.
Re: (Score:2)
There currently doesn't exist a way to get into many locked phones WITH due process.
These tools may allow a locked phone to be searched after a search warrant is issued.
Does Anyone Else (Score:1)
Find it weird that we have seemingly outsourced civil rights and due process to a private company? And more weird that, as a profit-oriented organization, there is some actual protection there?
Since when did our governments decide their populations were "risk factors" and citizens desire for privacy were "non-actionable concerns"?
Yeah, I know the story. Just commenting on what a crappy place we are in.
Re: (Score:1)
Since,... THE BEGINNING. The idea is that THEY control US. If we know what's going on we have the potential to affect outcomes and seize control. This changes the THEM/US dynamic. Bad.
Re: (Score:2)
Our government works so hard to bypass security protocols for consumer technology. OK, so perhaps I'm naive. But a government what works for it's citizens should not be so focused on breaking into our computers without due process. (thank you Patriot Act).
Israel's approach to cybersecurity is very different than the USA. Firstly, a majority of citizens must serve in the military for around 2-3 years. The cybersecurity division of their armed forces is quite substantial. Then, many if not most of those trained individuals are turned loose in the private sector. The skills learned in the military are very transferable to private practice, even if the exact vulnerabilities that a servicemember found in the military are classified and can not be used. Is it
Re: (Score:2)
The government needs to attack iPhones owned by foreign powers. It would be nice if the technology could be restricted to avoid use on citizens, but that's just not possible, except via regulations.
Look, we trust the government with: men with M-16's, fighter jets, and nukes. We have to to avoid getting conquered by China/Russia/Canada. Information warfare weapons are no less important
Re: (Score:2)
Meh - this is fine. They still need due process (eg, a warrant) - this just gives them the technical ability to get into a phone that they have the legal right to do so.
I'm not at all for building INTENTIONAL backdoors into the software (and whatever hole in the security this company is using to gain access I'd hope Apple soon finds and closes), but if they have their warrant I have no issue with them hacking into the phone if they can figure it out. IMHO it's the same as cutting the lock off of a door to
On The Bright Side... (Score:4, Insightful)
At least there are plenty of us who are working on unbreakable hardware primitives in silicon that will keep these bastards at bay. It's about as nontrivial as it gets and we and many other have been at it for several years. The endpoint is pretty clear though. We will prevail.
Re: (Score:2)
I thought the newer iPhones were supposed to have hardware-based encryption and security.
Re: (Score:1)
They do. And as every device till now they are susceptible to an attack where the password is brute-forced while the in-silicon failed login counter is restored (likely with the whole memory content, since it's all indeed encrypted).
To defend against such a vector one would need to ensure that external writes or reads are either not possible, or alter the state. Or very slow and expensive, which might be good enough. I am absolutely sure the solution involves some very clever electrical engineering at the v
Re: (Score:2)
I thought the newer iPhones were supposed to have hardware-based encryption and security.
Not all hardware security circuits are immune to attack though. Especially lid-off attacks where the chip is disassembled, probed and reverse engineered. There are defenses against those attacks but it take a lot of work to perfect those defenses.
Re: (Score:1)
At least there are plenty of us who are working on unbreakable hardware primitives in silicon that will keep these bastards at bay. It's about as nontrivial as it gets and we and many other have been at it for several years. The endpoint is pretty clear though. We will prevail.
Ha ha ha ah ahah ha. Your work aside, take a pill for that paranoia.
Re: (Score:2)
I imagine any sufficiently motivated entity can completely disassemble the silicon while recording the state, and rebuild it as needed to brute force it. I assume there's some secrecy if you're trying to race to a solution, but I assume there's something you can say on what's going to stop them from salami slicing, observing and salami slicing again?
Re: (Score:2)
Don't confuse the Jewish people with the corrupt government and intelligence apparatus of Israel. There is a reason Netanyahu has been referred for criminal prosecution.
Pinhead visits the DHS... (Score:2)
"We have such data to show you."
Forbes is a total rag these days (Score:5, Insightful)
Re:Forbes is a total rag these days (Score:5, Insightful)
Re: (Score:2)
Multi million dollar stolen phone market (Score:2)
Re: (Score:2)
This company has ways to get at the data stored on the phone, not to remove the iCloud lock and reactivate. Activating an iPhone goes through Apple, so there's really no way around this.
Those little sneakers (Score:2)