Cellebrite, the mobile forensics firm that helped the US government break into the San Bernardino shooter’s iPhone 5c, is apparently claiming it can crack any iPhone even if it’s running iOS 11. This is said to apply even to the latest flagship iPhones, although it’s possible this only applies to exploits fixed in recent updates to iOS 11.
Forbes was told by anonymous sources that Cellebrite has discovered a way to get around the security measures of iOS 11 in recent months. This could be a big deal for its clients like government agencies and private businesses alike, but at the risk of putting consumer data at risk.
As always, best practice is to update to the latest version of iOS to ensure the latest security fixes are in place.
Forbes does note that while the Israeli firm hasn’t made an official announcement on the matter, its services note it can provide advanced unlocking and extraction for “Apple iOS devices and operating systems, including iPhone, iPad, iPad mini, iPad Pro and iPod touch, running iOS 5 to iOS 11.”
The report also says a second source claims an iPhone 8, which only runs iOS 11 or later, was unlocked using Cellebrite’s methods.
However, it’s not clear what version of iOS 11 Cellebrite is able to crack. It could be possible that the vulnerability it has found has been patched by Apple in recent updates. Apple references exploits discovered in previous versions of iOS after they’re resolved and fixes are in place in new versions of Apple’s software.
A potentially similar scenario happened when the iOS iBoot source code was leaked earlier this month. At first some said it was the “biggest leak in history.” However, Apple quickly responded by sharing that “by design the security of our products doesn’t depend on the secrecy of our source code.” At any rate, this serves as a good reminder of how important it is to keep up with software updates. Apple details how to stay up-to-date here.
In any case, Forbes reports that authorities in Michigan have used the latest Cellebrite techniques on an iPhone X in a real world scenario. Data was successfully extracted from the device last December, according to the report, but it’s not known exactly what information was extracted.
The timing also suggests the exploits may have been present in an older version of iOS 11. Apple has released multiple updates to iOS 11 since December including the latest version, iOS 11.2.6, which was released last week.
More importantly, the apparent crack requires both physical access to the device as well as actually giving Cellebrite a giant pile of cash for its service so every most iPhone customers should not be affected.