As The DOJ Continues To Complain About Encryption, Cellebrite (Again) Announces It Can Crack Any IPhone

from the do-y'all-not-get-the-internet? dept

On Monday, June 17, Deputy Attorney General Jeffrey Rosen said this during his speech to the National Sheriffs' Association:

In recent years, criminals have become more and more adept at using technology to avoid law enforcement in what we call “going dark.” While “going dark” has many manifestations, some of its greatest impacts are in the areas of encryption, in assuring the security of information. But, as you well know, encryption also allows criminals to frustrate law enforcement's access to evidence — even where a neutral judge has found probable cause and ordered that we have access to that evidence.

I guess the "going dark" crowd doesn't get out much.

On Friday afternoon, the Israeli forensics firm and law enforcement contractor Cellebrite publicly announced a new version of its product known as a Universal Forensic Extraction Device or UFED, one that it's calling UFED Premium. In marketing that update, it says that the tool can now unlock any iOS device cops can lay their hands on, including those running iOS 12.3, released just a month ago. Cellebrite claims UFED Premium can extract files from many recent Android phones as well, including the Samsung Galaxy S9. No other law enforcement contractor has made such broad claims about a single product, at least not publicly.

It was announced very publicly. This wasn't a press release sent only to government agencies or the byproduct of leaked internal documents. It was announced on the company's Twitter account, letting everyone know Cellebrite is apparently beating almost every device maker at their own encryption game. Like GrayKey's offering, Cellebrite's updated encryption-breaker is hardware that can be used on site by purchasers, allowing law enforcement agencies to perform their own cracking and extraction.

Sure, the flaws used to bypass device security will be patched, and Cellebrite and its competitors will keep digging around in device hardware/software to find holes to exploit. The security vs. insecurity war will continue. But for all the weak arguments made by the head of the FBI -- especially the ones about Apple, etc. "profiting" from locking out law enforcement -- it would seem companies like Cellebrite are more likely to directly profit from device encryption. Encryption on phones is a standard offering, not a selling point. Tools that break encryption? Now, that's where the real money is.

Cellebrite, along with companies like GrayKey, are providing the solutions the FBI and DOJ think device manufacturers should be creating for them. We don't hear much from FBI officials about third party offerings because this agency would prefer a permanent fix delivered by Congress and the courts, rather than spend any of their own money and time trying to find a solution. The FBI has been misleading and dishonest for the entirety of its "going dark" campaign, all the while claiming tech companies would willingly give the FBI what it wants -- encryption backdoors -- if they would just engage in an "honest" conversation about the issue.

Filed Under: doj, encryption, fbi, going dark, ios, iphone
Companies: apple, cellebrite


Reader Comments

Subscribe: RSS

View by: Time | Thread


  1. identicon
    Anonymous Coward, 24 Jun 2019 @ 8:14am

    Re: Re: The software has been available online for over a year

    I think things are a little backward. it's been Android that's been quite easy to break into. It used to be most of the time encryption wasn't even turned on as it showed the phones down to much. These days that's no the norm anyway, but security is still quite weak with Android.

    Have you ever heard of the FBI complaining about not breaking into Android phones? NO!!! It's always iPhones. As for Cerllebrite saying they can get into any iPhone. I find that hard to believe. Maybe a large percentage as so many people use pretty weak passcodes. It is a cat and mouse game. Maybe as some point after finding a new hole they can finally get into that iPhone, even though there has since been a iOS update to fix it. That phone they've held onto doesn't have that new iOS version. SO they finally crack it.


Add Your Comment

Have a Techdirt Account? Sign in now. Want one? Register here



Subscribe to the Techdirt Daily newsletter




Comment Options:

  • Use markdown. Use plain text.
  • Remember name/email/url (set a cookie)

Follow Techdirt
Techdirt Gear
Shop Now: Copying Is Not Theft
Advertisement
Report this ad  |  Hide Techdirt ads
Essential Reading
Techdirt Deals
Report this ad  |  Hide Techdirt ads
Techdirt Insider Chat
Advertisement
Report this ad  |  Hide Techdirt ads
Recent Stories
Advertisement
Report this ad  |  Hide Techdirt ads

Close

Email This

This feature is only available to registered users. Register or sign in to use it.