Israel-Based Vendor Cellebrite Can Unlock Every iPhone, including the Current-Gen iPhone X, That's On the Market: Forbes

Cellebrite, an Israel-based company, knows of ways to unlock every iPhone that's on the market, right up to the iPhone X, Forbes reported on Monday, citing sources. From the report: Cellebrite, a Petah Tikva, Israel-based vendor that's become the U.S. government's company of choice when it comes to unlocking mobile devices, is this month telling customers its engineers currently have the ability to get around the security of devices running iOS 11 . That includes the iPhone X, a model that Forbes has learned was successfully raided for data by the Department for Homeland Security back in November 2017, most likely with Cellebrite technology.

The Israeli firm, a subsidiary of Japan's Sun Corporation, hasn't made any major public announcement about its new iOS capabilities. But Forbes was told by sources (who asked to remain anonymous as they weren't authorized to talk on the matter) that in the last few months the company has developed undisclosed techniques to get into iOS 11 and is advertising them to law enforcement and private forensics folk across the globe. Indeed, the company's literature for its Advanced Unlocking and Extraction Services offering now notes the company can break the security of "Apple iOS devices and operating systems, including iPhone, iPad, iPad mini, iPad Pro and iPod touch, running iOS 5 to iOS 11." Separately, a source in the police forensics community told Forbes he'd been told by Cellebrite it could unlock the iPhone 8. He believed the same was most probably true for the iPhone X, as security across both of Apple's newest devices worked in much the same way.

So they have an inside man at Apple

Telling them how the backdoor works.

Yes, Apple has a backdoor. They all do.

Re: So they have an inside man at Apple

[Type44Q]

Shame on you; that was low-hanging fruit.

Re: So they have an inside man at Apple

Your mom called.
Dinner’s ready.

Re: So they have an inside man at Apple

Telling them how the backdoor works.

Yes, Apple has a backdoor. They all do.

This is modded Flamebate?

Wow, Mossad has backdoors in Slashdot as well.

Good to know.

It's a bit disturbing to me

Our government works so hard to bypass security protocols for consumer technology. OK, so perhaps I'm naive. But a government what works for it's citizens should not be so focused on breaking into our computers without due process. (thank you Patriot Act).

Re:It's a bit disturbing to me

[alvinrod]

A government that worked for its people would be helping companies like Apple, Google, etc. to harden their security systems instead of trying to pry into them. That may make it more difficult for law enforcement to arrest or convict a few people, but it does significantly more to protect citizens from scammers and other threats.

I'd like to think that if the intelligence agencies devoted their time and effort to helping companies identify security weaknesses and shore them up, we wouldn't be seeing massive data breaches every few months.

Re:It's a bit disturbing to me

Ostensibly, the reason for breaking common encryption is because our adversaries are also using the same encryption in their efforts to undermine our security. At face value I don't think anyone would object to our country using all assets at its disposal to gather intelligence that could possibly save lives. The problem comes when our own privacy and liberty are undermined to achieve this objective.

Re:It's a bit disturbing to me

[viperidaenz]

Your government isn't working hard to bypass iPhone security.

They just paid a private company to do it for them. Doesn't sound like they have any need to focus on it at all.

Re:It's a bit disturbing to me

[Nukenbar]

There currently doesn't exist a way to get into many locked phones WITH due process.

These tools may allow a locked phone to be searched after a search warrant is issued.

Re:It's a bit disturbing to me

Think of it as evolution. Governments working to bypass security is a necessity to provide the evolutionary pressure for security to improve.

Think of it as a market mechanism to balance the need for privacy against the need for access by governments to provide security to its citizens. I have more confidence in a mechanism like this, that will set a steep price on compromising a device, than things like government backdoors with solemn promises not to abuse it.

I still prefer absolute security for my own devices, of course, but as with everything in our society, the key to success is balancing requirements. A digital arms race like this might actually work, at least for a while. In fact, one could even say that it is working right now.

Re:It's a bit disturbing to me

[dj245]

Our government works so hard to bypass security protocols for consumer technology. OK, so perhaps I'm naive. But a government what works for it's citizens should not be so focused on breaking into our computers without due process. (thank you Patriot Act).

Israel's approach to cybersecurity is very different than the USA. Firstly, a majority of citizens must serve in the military for around 2-3 years. The cybersecurity division of their armed forces is quite substantial. Then, many if not most of those trained individuals are turned loose in the private sector. The skills learned in the military are very transferable to private practice, even if the exact vulnerabilities that a servicemember found in the military are classified and can not be used. Is it any surprise that Israel has a comparatively high percentage of cybersecurity companies?

The US system appears to work mostly in reverse (to an outside observer). The NSA and other agencies find vulnerabilities and then keep them secret. Turnover to and from the private sector isn't as high as the Israeli system. The US military sector does a comparatively worse job training these skills and distributing them to the market, where they may do more good than spying on Angela Merkel.

Re:It's a bit disturbing to me

In the real world the gov't protects the gov't. Your lost privacy is their gain.

Re:It's a bit disturbing to me

[BronsCon]

Until your friend pranks you and you jokingly text them "I'm gonna kill you for that" in response and they end up dead a day or two later.

Welcome to a murder 1 charge with pretty damning evidence against you, all because you didn't think privacy was important.

In fact, it is those very situations that our guarantee of privacy from government snooping absent due process is intended to prevent.

Re:It's a bit disturbing to me

In the real world, the gov't is here to protect us

Nobody believes that anymore. If you do, then you're probably the naive idealist, which is all the funnier since you call other people "hippies." Is that the word they taught you at the last drum circle?

Re:It's a bit disturbing to me

In the Snowden leaks, I seem to recall it mentioned that the NSA had a 100% track record of being able to get into apple devices.
I don't see why this would change. If you assume the "goto fail" bug was deliberate (and that's not honestly a huge leap), then it's clear a malicious insider works there and takes for things.
Apple's well publicized security efforts, started only after the Snowden leaks, and there's little reason it was not mostly for PR purposes.

Re:It's a bit disturbing to me

[Actually,+I+do+RTFA]

But a government what works for it's citizens should not be so focused on breaking into our computers without due process.

The government needs to attack iPhones owned by foreign powers. It would be nice if the technology could be restricted to avoid use on citizens, but that's just not possible, except via regulations.

Look, we trust the government with: men with M-16's, fighter jets, and nukes. We have to to avoid getting conquered by China/Russia/Canada. Information warfare weapons are no less important.

What we can do is criminalize their use by state police agencies and rigorously enforce regulations against abuse.

Re:It's a bit disturbing to me

I just do not have a problem with law enforcement getting into a criminal's locked phone after they get a warrant.

The case that comes to mind is the San Bernardino Muslim bombers.

Privacy like freedom of speech does not have to 100 percent absolute so that criminals can be caught. That's the way it has been since the founding.

Work to strengthen the courts, not any particular encrypttion.

Re:It's a bit disturbing to me

[gnick]

Until your friend pranks you and you jokingly text them "I'm gonna kill you for that" in response and they end up dead a day or two later.

Make a joke about an FBI "secret society" and there'll be hell to pay.

Re:It's a bit disturbing to me

Incidentally, "hell toupee" can be used to accurately describe the animal on Trump's head.

Re:It's a bit disturbing to me

[jwhyche]

I'd like to think that if the intelligence agencies devoted their time and effort to helping companies identify security weaknesses and shore them up, we wouldn't be seeing massive data breaches every few months.

You would like to think that but lets make no bones about it. The intelligence and LEA agencies are here for one purpose only. Keeping those in power, in power. Doesn't matter if they deserve it or not. They may operate under the guise of "protecting the country" but when it comes right down to it, its the same thing as keep those in power in power.

Re:It's a bit disturbing to me

[nonBORG]

Did I hear someone say FISA?
Funny thing is all the lefties seem to hate the govt spying on them especially without any good reason but if it happens to someone else *cough* Trump *cough* they pretend the whole thing is just a well oiled machine doing its job.

Old saying, which is why you should stand up for the rights of your enemies.

"First they came for the Socialists, and I did not speak out—
Because I was not a Socialist.

Then they came for the Trade Unionists, and I did not speak out—
Because I was not a Trade Unionist.

Then they came for the Jews, and I did not speak out—
Because I was not a Jew.

Then they came for me—and there was no one left to speak for me."
Martin Niemöller

Re:It's a bit disturbing to me

[MBGMorden]

Meh - this is fine. They still need due process (eg, a warrant) - this just gives them the technical ability to get into a phone that they have the legal right to do so.

I'm not at all for building INTENTIONAL backdoors into the software (and whatever hole in the security this company is using to gain access I'd hope Apple soon finds and closes), but if they have their warrant I have no issue with them hacking into the phone if they can figure it out. IMHO it's the same as cutting the lock off of a door to gain entry to a building they've secured a warrant to.

Re:It's a bit disturbing to me

[StormReaver]

These tools may allow a locked phone to be searched after a search warrant is issued.

Or, more likely, allow the FBI/NSA to bypass the warrant entirely by saying, "We didn't do it. A private company, not subject to the constraints of warrants, did it. We just happened to stumble upon the results." They're quite fond of Parallel Construction and its bastard children.

Re:It's a bit disturbing to me

Your assertion doesn't hold up to the fact that "those in power" changed drastically about a year ago via elections.

Re: It's a bit disturbing to me

The Snowden leaks in relation to iPhone relied on a bug in the in the A4 processor where it could always be forced to boot from a RAM disk.

No such bug was public in A5 through A11.

Whilst itâ(TM)s possible Cellebrite has something major, itâ(TM)s also possible they are over selling a narrow solution : eg say if the know the iCloud account details they can extract a backup from the phone

Sales guys would totally turn that into âoewe can crack every iOS deviceâ as a pitch.

Itâ(TM)s highly unlikely that the Cellebrite solution works on phones that are supervised and pairing is blocked, or where the passcode is complex, or where the ICloud account details are not known.

Re:It's a bit disturbing to me

[eaglesrule]

The entire Pentagon budget is worth it just so we don't have to put up with Canadians bragging about how they burned down the white house again, until the end of time. That'd just be insufferable. A Russian or Chinese invasion pales in comparison.

Re:It's a bit disturbing to me

[Actually,+I+do+RTFA]

In fairness, all the Candians I've met are too polite to mention burning it down the first time.

Re:It's a bit disturbing to me

[Trogre]

And now they've conned gullible liberals into taking away your guns so you can't fix it like you were supposed to.

Re:It's a bit disturbing to me

You have been reported for WrongThink. Hillary and her kill squad will arrive shortly.

Re:It's a bit disturbing to me

I'd like to think that if the intelligence agencies devoted their time and effort to helping companies identify security weaknesses and shore them up, we wouldn't be seeing massive data breaches every few months.

You would like to think that but lets make no bones about it. The intelligence and LEA agencies are here for one purpose only. Keeping those in power, in power. Doesn't matter if they deserve it or not. They may operate under the guise of "protecting the country" but when it comes right down to it, its the same thing as keep those in power in power.

True that. I asked a local LEO why he joined the force. His answer was: "moderate pay and good benefits. I also like to make a difference in the community and make my street safer for my kids." Obvious code speak for "hail Satan Illuminati, must keep those in power in power". This one time he even pulled over some reckless driving teenagers. When they asked " why you pull me over?" He said "because Donald Trump would lose his power if I didn't give you this speeding ticket". True story bro.

Re:It's a bit disturbing to me

[dgatwood]

Make a joke about an FBI "secret society" and there'll be hell to pay.

You mean the FBI isn't a secret society? Crap. They tricked me again. Now what am I going to do with a thousand gallons of goats' blood?

Re:It's a bit disturbing to me

[i286NiNJA]

-- Filter error: You can type more than that for your comment.
(Ahem that's like trollface.png except with less aliasing and a record deal.)

Re:It's a bit disturbing to me

In the real world a government idiot is given the job of protecting someone or some thing, and ends up royally screwing something majorly simple up, and it always costs a crap load more money than any sane person would part with (500$ hammers?).

In the real world some other idiot supports that government idiot, because other idiot also thinks its OK to violate many of the earliest amendments of the US constitution (and our privacy).

In the real world (crack open your history book, idiot) the people 'the gov't is here to protect' don't put up with tyranny, treason, and unethical unconstitutional behavior, and historically and ultimately retaliate or overthrow the corrupted government.

In the real world this is how governments start civil wars, "unwittingly" as James Clapper may have put it.

There are cases where government could inadvertently perhaps commit high crimes against the public, but if its not wittingly its OK (and keep on doing it!)?

Re:It's a bit disturbing to me

[HiThere]

IIRC that $500 hammer was because the government wanted them to go through authorized channels and fill out a ream of paperwork rather than just going down to the hardware store. For a gross of hammers, that's not too unreasonable, for one hammer, though.... well, the company didn't want to jump through hoops, but the government insisted, so they set a discouraging price...but the government wasn't discouraged.

Re:It's a bit disturbing to me

[KBentley57]

And now they've conned gullible liberals into taking away your guns so you can't fix it like you were supposed to.

Perhaps you don't live in the US, but there hasn't been any attempt to remove guns from anyone. You didn't happen to post this from Russia, did you?

Re:It's a bit disturbing to me

[HiThere]

The problem is "why he joined" and "what he's working for five years later" can be rather extremely different...and he may not even realize it after 5 years of being socialized to a particular viewpoint. All too often it morphs into "supporting my comrades in whatever they do". During the 1960's thinking that was "being paranoid", but since then lots of new evidence has come out, to the point where people supporting the normal police policies are reduced to finding exceptional cases to point out. And this isn't fair either, because most police most of the time try to do a good job and be good citizens. But because they worry that they might make a mistake, or need someone else's support, they don't work to get the bad apples disciplined. The saying "one bad apple..." is a bit of an overstatement, but as far as public support there's a lot of truth to it, and justifiably so.

Re:It's a bit disturbing to me

[gnick]

Cut it with kale and fish sauce and tell people it's Clamato. Or you could get charitable and open a free clinic for goats in need of transfusions.

Re: It's a bit disturbing to me

There is only one crime. Thoughtcrime. The government doesnâ(TM)t care if terrorists kill you. Only that you are an obedient subject. They need to be able to monitor you to be sure you are an obedient idiot. Tax avoidance isnâ(TM)t about the money, they can create trillions with a computer entry. Itâ(TM)s all about power and control. Eventually they will even be able to monitor whatâ(TM)s going on in your head. If the battle for digital privacy is lost, everything is lost.

Re:It's a bit disturbing to me

The intelligence and LEA agencies are here for one purpose only. Keeping those in power, in power. Doesn't matter if they deserve it or not. They may operate under the guise of "protecting the country" but when it comes right down to it, its the same thing as keep those in power in power

In that regard, we are not that different from North Korea

Re:It's a bit disturbing to me

I'd like to think that if the intelligence agencies devoted their time and effort to helping companies identify security weaknesses and shore them up, we wouldn't be seeing massive data breaches every few months.

You would like to think that but lets make no bones about it. The intelligence and LEA agencies are here for one purpose only. Keeping those in power, in power. Doesn't matter if they deserve it or not. They may operate under the guise of "protecting the country" but when it comes right down to it, its the same thing as keep those in power in power.

It wasn't always like this. Didn't the NSA contribute towards SELinux?

Re:It's a bit disturbing to me

[jcr]

a government what works for it's citizens

I think I see the root of your confusion.

-jcr

Re:It's a bit disturbing to me

A government that worked for its people would be helping companies like Apple, Google, etc. to harden their security systems instead of trying to pry into them. That may make it more difficult for law enforcement to arrest or convict a few people, but it does significantly more to protect citizens from scammers and other threats.

Our government seems fond of solutions that are complete shit. In America cryptography was once labelled a munition, and somehow we have the unlimited right to bear arms, but not to be actually secure in our possessions.

Remember in the US we protect things in the order of how dangerous they are...

Gun (checked once, in a non comprehensive database. Can avoid the check by certain private sales, so not even that is guaranteed. No periodic inspections or licensing to insure safe operation. Your on your own. Extremely high bar to have them confiscated, and almost impossible to stop someone from obtaining one with modest effort.)
Car (licensed, inspected, and regularly monitored in operation)
Alcohol (21yr) - (licensed, inspected, and regular checked for while driving motor vehicles. Heavily punished if impaired while driving.)
Sudafed (limited, hard to get, and may require a prescription just to buy a box. Every purchase is tracked and in a central database these days.)

In short you can stock up on bullets and guns till your ready for WW3, but don't bother trying to buy a second pack of pseudofed to be ready for Flu season.

Re:It's a bit disturbing to me

The only people who talk about "taking away your guns" are those people associated with the NRA and Russian trolls. It is not taking away your guns, it is about keeping the nutjobs, felons, wife beaters and domestic terrorists (armed private Militia's) from getting guns in the first place.

I used to sell firearms (in a grocery store) and I know the "issues" that stupid people present when getting a gun. I had to read the Federal rules to some of them because they could not figure out what "all those big words mean". I had to describe what a felony was and with a few of them I had to explain what a mental issue was - aka. have you ever gone to a "head doctor"? You mean did I hurt my head? Like when I went through the windshield of my uncles truck?

There is a bunch of gawd awful stupid people who own guns. Even when they proudly show you their new "piece" and they point a loaded semi-auto pistol at you. Just hope you don't run into them when they are drunk and you look like a "pretty boy", because you will end up dead.

Re:It's a bit disturbing to me

[T.E.D.]

I'd like to think that if the intelligence agencies devoted their time and effort to helping companies identify security weaknesses and shore them up,...

You would like to think that but lets make no bones about it. The intelligence and LEA agencies are here for one purpose only.

Gathering intelligence. That is literally their job.

You might think it would be nice if some agency spend taxpayer $ all day helping software vendors to harden their OS's, and you may even be right. But no such agency exists today, and if Congress were to create one, it would most likely be a separate agency.

Re:It's a bit disturbing to me

[T.E.D.]

...that company would likely find itself sued. Quick history: What enabled Ralph Nader to found his first consumer organization was his invasion of privacy lawsuit after GM got caught tapping his phones.

There's a REASON all those telecom companies insist on getting warrants before turning over personal info, and it isn't because they are all good citizens.

Re:It's a bit disturbing to me

I'm not suprised

Re:It's a bit disturbing to me

The intelligence and LEA agencies are here for one purpose only. Keeping those in power, in power. Doesn't matter if they deserve it or not.

The FBI is doing a pretty good job of fucking up their purpose then.

Re:It's a bit disturbing to me

I used to sell firearms (in a grocery store)

lolwut?

Re:It's a bit disturbing to me

[The+Snowman]

The saying "one bad apple..." is a bit of an overstatement

Finish the quote:

One bad apple spoils the bunch

Suppose we have a "good cop" who refuses to cross the blue line and stop a fellow officer from abusing a suspect in custody, for example, beating a person in handcuffs laying on the floor who offers no resistance. Clearly the officer abusing authority by beating a prone suspect is a bad cop. However, the good cop is now bad too, for failing to stand up for basic human rights. The bad apple spoiled at least one other.

That is the problem we, in the USA (and elsewhere but I live in the USA) have: our government and its agents have little to no accountability when they do wrong. Yes, some bad cops get convicted of felonies and go to jail. Others get fired and have their names dragged through the mud. Meanwhile, alleged "good cops" watch the bad cops do bad things, complicit in their crimes.

Re:It's a bit disturbing to me

[david_thornley]

The government also has different requirements than most people. For example, a $600 coffee maker in an aircraft was designed to not be a hazard under enemy attack. Since this is a very small market niche, the coffee makers cost more than they would have in a larger market. Military tools may be designed to work in environments where other tools would break or be unusable.

Re:It's a bit disturbing to me

[david_thornley]

"Yes, Your Honor, the iPhone accidentally found itself in a shipment to Israel, and somebody, not us, must have paid the company, because imagine our surprise when we found...." To use for that purpose, the LEOs would have to have some sort of method to just take a phone and crack it, not send it to an Israeli company.

Parallel construction is used when they can covertly get information by illegitimate means. This isn't covert.

Re:It's a bit disturbing to me

Dont be a dipshit. Oops, too late. Your local leo has no agenda. If your first priority in any endeavour is money then youll never be more than a tool

Re:It's a bit disturbing to me

[Trogre]

Apart from the first sentence, I agree with everything you just said.

Re:It's a bit disturbing to me

[Trogre]

You don't read the news much, do you?

On The Bright Side...

[TechyImmigrant]

At least there are plenty of us who are working on unbreakable hardware primitives in silicon that will keep these bastards at bay. It's about as nontrivial as it gets and we and many other have been at it for several years. The endpoint is pretty clear though. We will prevail.

Re:On The Bright Side...

[PPH]

I thought the newer iPhones were supposed to have hardware-based encryption and security.

Re:On The Bright Side...

They do. And as every device till now they are susceptible to an attack where the password is brute-forced while the in-silicon failed login counter is restored (likely with the whole memory content, since it's all indeed encrypted).

To defend against such a vector one would need to ensure that external writes or reads are either not possible, or alter the state. Or very slow and expensive, which might be good enough. I am absolutely sure the solution involves some very clever electrical engineering at the very edge of the state of the art in IC design. But - that's where Apple and other commercial players are anyway. Fingers crossed.

Re:On The Bright Side...

[TechyImmigrant]

I thought the newer iPhones were supposed to have hardware-based encryption and security.

Not all hardware security circuits are immune to attack though. Especially lid-off attacks where the chip is disassembled, probed and reverse engineered. There are defenses against those attacks but it take a lot of work to perfect those defenses.
 

Re:On The Bright Side...

[CustomBuild]

At least there are plenty of us who are working on unbreakable hardware primitives in silicon that will keep these bastards at bay. It's about as nontrivial as it gets and we and many other have been at it for several years. The endpoint is pretty clear though. We will prevail.

Ha ha ha ah ahah ha. Your work aside, take a pill for that paranoia.

Re:On The Bright Side...

[Actually,+I+do+RTFA]

I imagine any sufficiently motivated entity can completely disassemble the silicon while recording the state, and rebuild it as needed to brute force it. I assume there's some secrecy if you're trying to race to a solution, but I assume there's something you can say on what's going to stop them from salami slicing, observing and salami slicing again?

Re:On The Bright Side...

[PPH]

lid-off attacks where the chip is disassembled

This is the case where I've done something Really Bad and they've recovered my phone from my dead body. And since I'm not a complete moron, it's unlikely that I'd use my phone while doing Evil anyway.

If they sneak in and lift my phone from the gym locker, all I have to worry about is stuff that they can put back as it was before I'm done on the treadmill.

Re:On The Bright Side...

[TechyImmigrant]

You need to work with the assumption that that can happen and make it not matter.

Re:On The Bright Side...

[david_thornley]

They do. There's no such thing as perfect security. There's got to be flaws somewhere.

What the Secure Enclave mostly does is ensure that the PIN/password can't be brute-forced, and keep the AES-256 key where it can't normally be extracted. This is a massive improvement over the 5C or earlier, but it seems unlikely to me that there's no point of attack. If you're not worried about putting anything back, you can try to figure out things at the hardware level. It won't be easy, and I don't know how practical it is.

An iPhone is in a state much like DRM: the AES-256 key has to be in the phone somehow for it to be useful.

Re:On The Bright Side...

[TechyImmigrant]

lid-off attacks where the chip is disassembled

This is the case where I've done something Really Bad and they've recovered my phone from my dead body. And since I'm not a complete moron, it's unlikely that I'd use my phone while doing Evil anyway.

If they sneak in and lift my phone from the gym locker, all I have to worry about is stuff that they can put back as it was before I'm done on the treadmill.

Criminals will be criminals and they often aren't smart enough to leave the phone at home. However plenty of governments are evil and tech companies have insider attacks. So the need to protect information remains real.

Re:On The Bright Side...

[TechyImmigrant]

> I am absolutely sure the solution involves some very clever electrical engineering at the very edge of the state of the art in IC design.

Yep. You're right on the ball there. that's what I meant by primitives. Circuits that raise the security bar beyond the government actor level.

Pinhead visits the DHS...

[magusxxx]

"We have such data to show you."

Forbes is a total rag these days

[kalpol]

No source checking and very little editing of their crowd-sourced articles. I have not seen this claim reported by any legitimate sources.

Re:Forbes is a total rag these days

[msmash]

I agree with your general assessment of Forbes. They do have a contributor program which many people have been abusing for years by writing misleading articles. However, this particular story is written by a full-time staff reporter there. It's his scoop, and many reputed security journalists have shared it on social media, lending it more credibility. (Also, in general, we avoid linking back to Forbes because of its annoying daily quote thingy and stand on adblockers.) Opinion on Forbes is mine and it does not reflect the views of other people on Slashdot's staff.

Re:Forbes is a total rag these days

and many reputed security journalists have shared it on social media, lending it more credibility.

One does not imply the other.

Re:Forbes is a total rag these days

[kalpol]

I appreciate the reasonable response!

Re:Forbes is a total rag these days

Normally I'd agree with you over msmash, but not after having gone through Israeli security at one of the smaller regional airports (SDV). I've seen/had them use the tools on me. I had an Indonesian visa in my passport among others, and a very old photo with long hair. I guess I set off some red flags.

At security they confiscated my iPhone 6, which had the boarding pass pulled up in my email app. When I got it back it was the last email I sent to my father. For whatever reason they couldn't also use the tools to get in to my iPad 2 (with the old connector, in a short amount of time), and made me unlock it as well as prove the camera and microphone both worked.

I made the flight. Actually a much earlier flight because no one noticed or pointed out I accidentally booked for 7:30 PM instead of AM (they are on 24 hour time though). All around kind of unsettling and just another odd, one off travel story. The whole thing happened in under a half an hour and I was on my way despite panicking over missing the flight. It's anecdotal and I'm not presenting it as anything other than my personal experience, but it left quite the impression on me.

Re:Forbes is a total rag these days

Forbes? Yeah, I never look at it because it always complains about my adblocker. Whatever they've got to say I can get somewhere else so no, I won't be whitelisting them.

As for this... I'm an authoritative source (for myself). I can break into any phone, with any layers of security applied to it (including one-time pads). I'll do it for €500,000 per phone (payable upfront), but I'll refund 20% if I can't get into it within 50 years. Next stop: Forbes ;-)

Re: Forbes is a total rag these days

[Brockmire]

You'll get flagged if you show up way too early for a flight. 3 hours, lots of margin and reasonable. 12 hours? "Wtf is this guy doing?", scrutiny.

Cool

This is soooooo cool though.

Multi million dollar stolen phone market

[burtosis]

You can buy stolen iPhone phones dirt cheap (often for on a few dollars on older models), the all important stolen logic boards are damn near free. It's basically only worth stripping it down and selling the parts individually. But, If it was as simple as a 10 minute software upgrade, you could make Coke dealer money in no time selling unlocked iPhones as long as you were the only one doing it. Of course carrier lockouts are another matter but bypassing an iCloud lock would be extremely profitable.

Re:Multi million dollar stolen phone market

[Bill+Hayden]

This company has ways to get at the data stored on the phone, not to remove the iCloud lock and reactivate. Activating an iPhone goes through Apple, so there's really no way around this.

~Re:Cool

What do you mean?

Re:~Re:Cool

Yes

How long have they known Meltdown and Spectre?

For how many years have they exploited them on AWS and other places?

Re:How long have they known Meltdown and Spectre?

At least since the 80's.

Congregations

They've accomplished what couldn't have even been done by Apple in their iPhone x key note.

Re:BDS

There is a reason they have been expelled over three hundred times.

No device is secure.

There is no device allowed to be sold that cannot be back-doored. There are bluetooth hacks that do not need bluetooth to be turned on, you need to be close, have a laptop with the hacking software. Wi-Fi hacks are an absolute reality. To think any device is secure is to be living in a fool's paradise. Ignorance is bliss I guess.

They're really not that good. Private company

[raymorris]

>. I'd like to think that if the intelligence agencies devoted their time and effort to helping companies identify security weaknesses and shore them up, we wouldn't be seeing massive data breaches every few months.

That sounds nice, but it really wouldn't matter. Note "the intelligence agencies" can't hack iPhones, it's a private company that can. The people a the intelligence agencies really aren't that smart. It's nothing AT ALL like the movies. It's people who got a certificate in cyber security but couldn't get a job in the private sector, which pays better (but expects you to know wtf you're doing). You think Google wastes a lot of time talking about PC bullshit? You should see government! Government doesn't hire the best people. They hire the "disadvantaged" people.

Many, many private companies are in the business of "helping companies identify security weaknesses and shore them up". Heck you can get services from companies like Alert Logic for tens of dollars per month; does your company have static analysis and daily scans?

Re:They're really not that good. Private company

That's funny. 90% of the private sector is more incompetent and useless than the worst of the public sector.

Re: They're really not that good. Private company

[Type44Q]

Note "the intelligence agencies" can't hack iPhones

Only a fool would believe that.

Re:They're really not that good. Private company

[easyTree]

Paradox alert!

Re:They're really not that good. Private company

[BronsCon]

And the remaining 10% of the private sector is better than the best of the public sector. It actually makes perfect sense when you consider how many more people there are in private roles.

Re:They're really not that good. Private company

[alvinrod]

I think it really depends upon which intelligence agency we're talking about. There's probably your rank and file bottom feeders that couldn't find their ass with a map and a flashlight, but that's true of any organization and I'm pretty sure that anyone working in the private sector can point to several pristine examples of such individuals. However, there are also some government types that create things like Stuxnet and do some other nasty bits of work that the public will never hear about, so there are clearly a few competent individuals working for the government.

I don't think government intelligence agencies would be a complete replacement for private sector companies, but there are clearly cases where the government is contracting with some private company or has legislated that citizens are required to use some service provided by a third party. The government should certainly work to ensure that those organizations don't have any glaring security holes.

Re:They're really not that good. Private company

[organgtool]

That's a nice anti-government rant you have there but unfortunately it has little basis in reality. All of the biggest hacks have been perpetrated by nation-states: Stuxnet and the Kaspersky infections come to mind. Regardless of that, given that many of the government programs that generate hacking tools are classified, how can you claim that you could even begin to know how competently they operate? Before you cite the Snowden leaks, keep in mind that they are almost five year old now and I'm sure the government has developed much more sophisticated tools since then.

Re:They're really not that good. Private company

[pak9rabid]

They hire the "disadvantaged" people.

Having worked with some of the governments "security experts", I can confidently confirm this.

Re:They're really not that good. Private company

[i286NiNJA]

Riiiight.
Because good computer people wanna make a fraction of the pay, take drug tests and answer quizzes about their finances, drug history, and sex life.

Re:They're really not that good. Private company

[i286NiNJA]

It stops making sense when you realize that you need a 40k security clearance for a good chunk of the entry level IT jobs.
Where do you find an entry level worker with a 40k clearance? Fresh out of the military.

Now you're talking bout a guy who got A+/Net+ certified 3 years ago and was lucky if he was making even the most petty of decisions on his own the last year before he got out.

The only military IT people who impress me are comms guys.

Re:They're really not that good. Private company

[BronsCon]

You might want to re-read my comment, I'm pretty sure we both said basically the same thing.

Re:They're really not that good. Private company

[HiThere]

Well, this wasn't a federal job, but I took a government job right out of college (state civil service) because I plain *HATE* the idea of job hopping. Now this *was* a few decades ago, and the group I used to work for is not a place that I wouldn't have wanted to work, but I was rather happy with my job, and they let me refuse to go into management. (I think I was an excellent programmer, but I would have been really incompetent as a manager. They did keep pushing me towards management, but they also continued to allow me to decline.)

So sometimes it's personal characteristics rather than skill level.

OTOH, I always consider that my job was "right livelihood". To me that's important. I wouldn't say the same about those who work to ensure that people's computers can be broken into.

Re:They're really not that good. Private company

Our government is able to operate as an APT because they have lots of money and resources. They're able to assemble a team of devs and work on their tools using professional methodology with automated tests, staging environments, and diverse talent pools.

Typical blackhats have to work with their own deficiencies or form teams. They don't have a ton of say about the kinds of skills that they acquire for their teams. They don't have a lot of ability to do QA on each other's work, telling anyone their shit's not up to snuff might mean they walk off and take as many assets as they can and leadership of the group can change in a weekend. Oh plus they're trying to protect themselves from each other and from law enforcement.

Not exactly a great development environment. Imagine a hacking team that has just 10 "full stack" members each with a specialty and a well defined director, the budget for a datacenter with bazillaflops of GPUs, a petabyte of database dumps and rainbow tables, and a physical intrusion with diplomatic immunity who can dress up like a janitor and pick locks to plug shit into networks and PCs. Last but not least guys with guns are kicking down people's doors and if they find a computer maybe they give it to you to poke around.

A team like that could hack shit so fast they'd have to outsource managing their hacked sites. Starting to look and sound a lot like the modern day NSA but minus the useless report writing pencil dick risk management douchebags who come in out of management, the military, and law enforcement.

Please tell me I'm so far off.. come on I dare you.

Re:They're really not that good. Private company

[i286NiNJA]

Nah I totally feel that. There are some great career positions in the govt if you can find them. Come in, say hi, do your job, go home, and eventually retire.
For some reason IT hiring seems to be a challenge for most companies but the government in particular struggles with it and presents a face that turns off the exact sort of applicants they should be trying to get in the case of infosec.

When it comes to getting "the best of the best of the best!!!" our federal government starts by filtering out all the weird aspies, druggies, and neer-do-wells when, in this case, that's where the kind of talent they need lives and they should be working hard to hand select the most functional and competent members of these groups. They also have a hard time accepting that people just don't want to work for them anymore so they need to drop their superior attitude... the dude they're interviewing is takes his dog to work, works from home on wednesdays but always makes it in for beer and pajamas fridays where he works now so it won't take a lot of bureaucratic shit or down-talking to make him nope right the fuck out the front door.

Re:They're really not that good. Private company

[i286NiNJA]

I didn't work IT in the military but I watched those who did struggle with some rather laughable textbook-question problems and come up with even sillier solutions. I won't be specific because it could reveal a lot about my identity but these are interview-starter question level problems that any given candidate should be able to answer 3/4ths of... and it wasn't like we had just one guy running IT so between the lot of them they were um less than one good IT generalist if you added them all up.

This was ages ago so maybe things have changed.

Re:They're really not that good. Private company

[BronsCon]

I doubt they have. The US military hasn't been good at anything but killing since... well, I'm pretty sure forever.

Re:They're really not that good. Private company

Nothing has changed. My boy recently joined the Navy. 19% of the entering recruits couldn't swim.

Not the Air Force, not the Army, not the Marines.

The. Navy.

And they can't swim. It's official, we're fucked.

Re:They're really not that good. Private company

[HiThere]

Well I was never "the best of the best", and I certainly wasn't into infosec. But I think I was pretty good, and at least a couple of times I did things that people had thought were impossible. And I kept at least one public facing system from using social security numbers as a unique identifier.

Re:They're really not that good. Private company

[david_thornley]

It's good at organizing massive rescue efforts. Since the US Armed Forces are expected to go anywhere and kill people, there's a large logistical tail that can go anywhere, and that can be used for other purposes.

Does Anyone Else

Find it weird that we have seemingly outsourced civil rights and due process to a private company? And more weird that, as a profit-oriented organization, there is some actual protection there?

Since when did our governments decide their populations were "risk factors" and citizens desire for privacy were "non-actionable concerns"?

Yeah, I know the story. Just commenting on what a crappy place we are in.

Re:Does Anyone Else

[easyTree]

Since when did our governments decide their populations were "risk factors" and citizens desire for privacy were "non-actionable concerns"?

Since,... THE BEGINNING. The idea is that THEY control US. If we know what's going on we have the potential to affect outcomes and seize control. This changes the THEM/US dynamic. Bad.

Re:Does Anyone Else

Find it weird that we have seemingly outsourced civil rights and due process to a private company?

While this does happen, how does that relate to this story? The company TFA is about, doesn't appear to be working as a court.

Since when did our governments decide their populations were "risk factors" and citizens desire for privacy were "non-actionable concerns"?

Since US voters supported candidates who held that position, instead of promoting (and voting for) candidates who have other attitudes. I don't even remember the last time I saw a non-Republican-or-Democrat on a non-presidential ballot. People who actually hold American ideals tend to never, ever run for Congress. You might find weird exceptions in places like New Hampshire or something, but it's rare AF.

Re:Does Anyone Else

[david_thornley]

We haven't outsourced civil rights. LEOs would have to send the phones to the company, and that's going to be pretty obvious if done without a warrant.

Well ..

.. that's that then.

Re:BDS

[PopeRatzo]

There is a reason they have been expelled over three hundred times.

Don't confuse the Jewish people with the corrupt government and intelligence apparatus of Israel. There is a reason Netanyahu has been referred for criminal prosecution.

Apple

It just works!

simple really

First, they ask the phone owner for the password. But then, they say "please".

No, I think you meant #ironic

Working on Intel ME, AMD Secure Processor, and ARM Trustzone as 'silicon primitives of security' makes him akin to the Clipper Chip designers of the 90s, not the cypherpunks trying to actually protect us from big Government and even bigger Corporations. :)

And just to prove I'm not trolling, my captcha was 'angler' :-D

Those little sneakers

[theendlessnow]

Cos tells Marty, "We can change the world!"

Re: Those little sneakers

[Colourspace]

It's about who controls the information.

Is this legal in Isreal?

The login security on a phone is definitely a technological measure to limit access to copyrighted content (e.g. photos and other copyrightable works that a user might store on their phone).

OTOH, law enforcement and those they contract have an exemption, per 1201 (E). But on the third hand, whatever technology they manufactured, was probably made illegally unless they were working under a US government contract at the time they did it. (i.e. if they already had the means to crack iPhones when the US govt approached them, then they very likely committed a crime.) On the fourth hand, they're not in the US and therefore subject to Isreali law, not US law.

Thus raising the question: Does Isreal not have a DMCA-like law? Because if they do, then they're probably a criminal enterprise in Isreal. And if they don't, then Isreal couldn't be a WIPO member.

Can you legally distribute stuff like libcss in Isreal?

How they do it

iOS has a simple flaw. They tweet/text/whatever Q33 NYC in emoji.

We don't suspect you of anything but...

We'd like to see the data on your phone anytime we want to. And now we can!
But don't worry, if you have nothing to hide then you have nothing to fear!

It's not really fair to call it trust

[edris90]

Us government's relationship to its citizens is a custodial relationship that maintains exhistence only by threat of Harm or incarcerations to those replace their loyalties elsewhere. I like we have a choice not to deal with them. Don't trust the government they just don't give us an option to ignore or live independent of them.

Surefire way to stop government / Cellbrite

A surefire way to stop the government and cellbrite / other 'hacker' corporations, is to install APK's hosts engine on every single device. This will allow the hacks to be blocked at the Kernel level, ring 0, instead of relying on software running in user space (which slows down and consumes MORE with LESS) using less ram and less CPU power, working with what you have, for free! It cannot be broken, even by the Israelis.

You've extrapolated 2 steps too far

[raymorris]

Kaspersky suggested that NSA may have, at one time, used code which was also used by authors of Stuxnet. We also know they purchased much of the code they used. That's quite far from "the authors of Sticker were NSA employees". There is no evidence that the developers were NSA employees. Indeed the fact that similar code is also found in incidents for which NSA has no motive strongly suggests that NSA is but one of the clients/friends of the authors.

> how can you claim that you could even begin to know how competently they operate?

I know them, I work with them. I'm not tremendously impressed by them. Federal hiring regulations and processes, and salaries explain *why* this is so. The *director* of the NSA makes $180K. That's only slightly higher than the *average* private-sector exploit specialist. That's the director of the agency. My boss makes more than that, and he can barely use exploitdb.

Re:You've extrapolated 2 steps too far

[i286NiNJA]

Fun fact:
The government won't pay more because it's unfathomable that low level engineers should make more than the director of national intelligence.

The top people in our government can't grok why a low level employee with rare skills might make more than a guy who takes a job that has a pipeline of 100s of potential applicants all gunning for a seat. We have the best and brightest at the helm!

MH370

[NicknameUnavailable]

Here's how they do it:

If you remember awhile back, MH370 was lost. What you likely don't remember is that the majority of passengers were a part of a cutting edge semiconductor research company in southeast Asia. Shortly before it was lost a patent was published in the names of 6 people, a Rothschild and 5 engineers. One engineer died about a month before MH370 went missing, the others were onboard. The patent was for a room temperature quantum transistor capable of being mass produced with traditional semiconductor fabrication techniques.

Re:MH370

https://www.snopes.com/politics/conspiracy/malaysiapatent.asp

Re:MH370

[bioteq]

The snopes article saying that the plane being brought down for the PURPOSE of one person taking over a patent it false, not the patent and idea itself, which Nicknameunavailable is talking about.

Also, Snopes isn't exactly a...trusted....source site. Let alone one I would trust when it comes to thoughts / ideas that span beyond the 'box' of thinking.

Re:MH370

[NicknameUnavailable]

Pro tip: If you ever cite politifact, snopes, correct the record, or related sites it means you are wrong.

Re:MH370

[bioteq]

Definitely.

I laughed pretty hard when I saw the 'debunk' link pointing to snopes. I even clicked it to see what they had to say. Unfortunately, he linked to an article that had nothing to even do with what you mentioned. But then again, that's how snopes operates -- They take something then 'debunk' something completely unrelated to the original intent and call the entire thing 'false' because they sprinkled a very small part of the original intent in to the fake intent.

Millions of people fall for this. Wish I could get away with banging porn stars, doing drugs and making tons of money by lying like they do!

Let's dump intel!

So the word Cellebrite is actually a "play-on-words". The French word for celebrity is spelled 'celebritie. If you add an 'L' at the opportune position and remove an 'i' to make it a little more inconspicuous, you get the word 'Cellebrite'. This would be the same company Harvey Weinstein's ex-Mossad (Israeli) goons used when they were stalking American celebrities on American soil in violation of their civil liberties and furthering a wealthy sex offender's philandering. The agents would intercept the phones, use this software to unlock them, and leak any incriminating details to the tabloids to keep them spooked and in-line. Now they found a new customer, ie the Uncle Sam! ;)

Re:Let's dump intel!

Nope it's "célébrité". Some example words are
ignominy : ignominie
tragedy : tragédie
folly : folie (also means madness)
poetry : poésie
taxonomy : taxonomie
holly : houx :)
liberty : liberté
probity : probité
beauty : beauté
celerity : célérité
incivility : incivilité

There's a certain theme going on. For a change, certainty is "certitude".

Only fools doubt the power of GOD!

Why do people constantly imagine that our security agencies have magic powers? Instead of guessing why don't you take a look at some of the leaks and find out. They have some smart nerds somewhere and they're well equipped. There was nothing really surprising about what they could do, there were no capabilities that I couldn't explain easily.

It's completely believable that the NSA sometimes lacks the ability to crack into some commercial products.

AC pretends not to understand.

[i286NiNJA]

Why would you pretend like you don't know what he's talking about?
Completely different sort of LEO and it's no like there aren't a bunch of town cops who have set up little fiefdoms with a few of the other local power players. Maybe not your friend but there is zero chance that your understanding is actually this bad.

You got one part right

[raymorris]

You got this part right:

> the budget for a datacenter with bazillaflops of GPUs, a petabyte of database dumps

> Typical blackhats have to work with their own deficiencies or form teams. They don't have a ton of say about the kinds of skills that they acquire for their teams. They don't have a lot of ability to do QA on each other's work

Red Dawn was a movie. When Albert Gonzalez (one of the Shadow Crew members) was arrested, the FBI seized $1.6 million in cash he had laying around at that particular house at the moment. You think Shadow Crew couldn't manage to use Git? To contract people with whatever skill they want?

Hamza Bendelladj used SpyEye (a trojan horse) to steal $400 million. That'll hire an expert dev with any skill you need, thousands of times over.

All those Nigerian Prince emails and all that - those aren't done a million times a day because nobody is making any money from them. One organization running email scams may employ a hundred people. "Telling anyone their shit's not up to snuff might mean they walk off and take as many assets as they can and leadership of the group can change in a weekend"? Not any more than at any other business.

This is an industry, not a movie.

Except for that whole Apple thing

See ... when Apple chose to simultaneously chose to sell out to the Chinese government but advertise the iPhone as a law enforcement defeat device, they made their bed. Their integrity is at best compromised, and most likely they are actively selling you and your country out.

I don't buy this story

If it's true that a firm would unlock any encrypted device, that would quickly become public knowledge because that evidence would be introduced in court cases around the globe, which it hasn't been. Instead, law enforcement is sitting on mountains of encrypted devices and I haven't seen one story where a Cellebrite-decrypted device was introduced into evidence at trial.

Re:BDS

So who is responsible for that government being there, then? Is it the people of Yakyakistan?

Re: Surveillance

[AutodidactLabrat]

Then Mossad should be backdoored by everyone.