FBI reportedly to use Cellebrite to crack encrypted San Bernardino iPhone

Cellebrite, a company which could suck the data off cellphones in under two minutes several years back, is reportedly the firm helping the FBI crack the San Bernardino shooter's iPhone.

Who is helping the FBI crack the San Bernardino shooter’s phone? It’s Israel’s Cellebrite, according to Reuters, which cited a report in the Yedioth Ahronoth newspaper.

And while the outside help is not coming from John McAfee, who was going to eat his shoe on live TV if his team could not crack the encryption, McAfee likened the method to a “universal master key.”

McAfee told CNBC, “I promise you that [Apple CEO] Tim Cook and Apple are not going to be happy with the solution that the FBI has come up with because it is almost as bad as a universal master key.” While he didn’t say the exact method the FBI would use, he added, “It's much, much easier to break into a phone using this technique. I'm not fond of it.”

Not too many privacy advocates are fond of Cellebrite products. By at least 2011, Cellebrite’s Universal Forensic Extraction Devices (UFED) could reportedly extract and decrypt even deleted data from 95% of cellphones; that’s the same year Michigan State Police were discovered to be using the devices which could snarf the data from phones in one-and-a-half minutes. This lickety-split method prompted concerns that police might suck the data from a phone during something as “innocent” as a traffic violation stop.

Three years ago, the ACLU warned, "Intrusive cell phone searches are becoming ever easier for law enforcement officers to conduct. Companies such as Cellebrite produce portable forensics machines that can download copies of an iPhone’s ‘existing, hidden, and deleted phone data, including call history, text messages, contacts, images, and geotags’ in minutes. This type of equipment, which allows the government to conduct quick, easy phone searches, is widely available to law enforcement agencies—and not just to federal agents.”

As for the passcode on the San Bernardino shooter’s phone…pfft, no problem. Current promotional data (pdf) for Cellebrite’s UFED Touch solution says it includes the ability for the “physical extraction and decoding while bypassing pattern lock / password” on Android OS devices “and more.” The UFED Pro series (pdf) can still extract data from 95% of devices as well as data from 59% of third-party apps, 45% of wireless cellular providers and 32% of cloud providers.

Cellebrite even claims it can decode messages sent via the Telegram app, which is supposedly a popular tool for ISIS terrorists to spread propaganda. And, as noted by The Next Web, “Leeor Ben-Peretz, vice president of the company’s forensics division, told Israeli news site Haaretz that the UFED is capable of unlocking Samsung’s (brand new) Galaxy S7.”

While Cellebrite has had a solution for unlocking iOS 8 devices with “no risk of device wipe or hardware intervention,” a Cellebrite tweet from October 2015 claimed it could extract data from iOS 9. If that was possible, then why didn’t the FBI just jump on that opportunity? After all, the Yedioth Ahronoth article said the FBI signed a contract with Cellebrite in 2013. Many people have pointed to other ways the FBI could obtain the data without trying to force a backdoor in Apple’s products.

Documentation from Cellebrite claims that – from iOS devices – it can extract, decode and recover deleted data such as “messages, apps data, calls history, contacts and much more.”

Decoded data includes:

Call logs, Voicemails, Contact lists, Locations (WiFi, cell towers and GPS fixes), Images, Video files, Text messages (SMS), MMS, Emails, Notes, Installed applications and their usage, User dictionary, Calendar, Bluetooth devices pairing history, Maps cache.

It can scoop out browser data, bookmarks, history and cookies as well as decode data from the following apps:

Skype, Whatsapp, Viber, Fring, MotionX, AIM, TigerText, Facebook Messenger, Twitterrific, Textfree, Google+, Facebook, Foursquare, Garmin, TomTom, Waze, TextNow, Dropbox, Yahoo Messenger, Ping Chat, Twitter, Touch (new ping chat), Find My iPhone, LinkedIn, iCQ, Kik Messenger, Google Maps, Kakaotalk, QIP, Evernote, Vkontakte, Mail.ru.

If Cellebrite successfully helps the FBI – and the company refuses to comment on whether it is helping – then that should be the end of the FBI trying to twist Apple’s arm and force a backdoor. For now at least.
