Israeli forensics firm Cellebrite has claimed that it has created a tool which has the ability to unlock any iOS device running up to iOS 12.3. By unlocking, the security company means the tool can then be used to extract sensitive information like passwords and files from Apple iPhones and iPads.
Cellebrite has announced on its webpage that it has developed a new version of its Universal Forensic Extraction Device. UFED Premium, the company claims is the “only on-premise solution for law enforcement agencies to unlock and extract crucial mobile phone evidence from all iOS and high-end Android devices”.
UFED Premium is compatible with iPhones and iPads running iOS 7 through iOS 12.3. The company has entailed that the solution will be able to “bypass or determine locks and perform a full file system extraction” on any iOS device as well as Android devices. The company has claimed that their tool will also be able to physically extract data from devices made by Samsung, Xiaomi, Motorola, Huawei and LG.
Law enforcement agencies using the toolkit will also be able to gain access to 3rd party App data, chat conversations, downloaded emails and email attachments and deleted content of an individual.
While Cellebrite aims to cater to these tools for lawful use and uncovering potential evidence, it begs the question of how companies like these will be able to avoid the misuse of the same tools for illegal purposes.
Meanwhile, Cellebrite said that it takes misuse seriously and has set up a multi-step process in place to authenticate every unlock request. The company has also claimed that in order to unlock a phone, it’ll need physical access to the phone and the exploits can’t be pushed through the air.
The latest news sparks concerns of privacy for smartphone users, be it on iOS or the Android side of things. Smartphone manufacturers need to be quick to roll out security updates before companies like Cellebrite gain the resources to exploit into their devices. On the matter of privacy, the latest development also raises privacy concerns directly from the government and makes you wonder how long till the same is being accessed by criminals.