New in OS X: Get MacRumors Push Notifications on your Mac

Resubscribe Now Close

FBI Enlists Israeli Firm Cellebrite to Unlock Shooter's iPhone

Israeli mobile software developer Cellebrite is helping the FBI in its attempt to unlock the iPhone at the center of the San Bernardino shooter investigation.

That's according to a story filed by Reuters this morning, based on a report in Wednesday's copy of Israeli daily newspaper Yedioth Ahronoth. If the software company succeeds then the FBI will no longer need the help of Apple, the report claimed, citing unnamed industry sources.

According to its website, Cellebrite offers "mobile forensics solutions" which "give access to and unlock the intelligence of mobile data sources to extend investigative capabilities, accelerate investigations, unify investigative teams and produce solid evidence".

Cellebrite
Apple and the U.S. government have been embroiled in a heated public battle that started when a court ordered Apple to help the FBI unlock the iPhone 5c of terrorist Syed Farook. Unlocking the iPhone would require Apple to build a new version of iOS that bypasses iPhone passcode restrictions and provides the FBI with a way to enter passcodes electronically, something Apple has staunchly refused to do.

On Monday, the U.S. Justice Department convinced the court overseeing its ongoing battle with Apple to postpone a hearing scheduled to take place March 22. The DoJ said new leads had been discovered that could provide it with a way to unlock the iPhone 5c used by San Bernardino shooter Syed Farook without involving Apple.

Various commentators on the case have cast doubt on the FBI's original claim that it had exhausted all avenues in its attempt to unlock Farook's iPhone and a number of ideas have been floated in the media by security experts. The most likely attack was set out in a March 7 blog post by the American Civil Liberties Union (ACLU), which directly called into question the FBI's initial assertion that it had no means of extracting the iPhone's data.

iphone5c
The process described by UCLA technology fellow Daniel Kahn Gillmor uses a technique called NAND mirroring to copy the portion of the phone's memory that counts the number of passcode attempts entered. By continually restoring the copy, the FBI could thereby circumvent the limit on the number of passcode guesses that can be made before the device is rendered permanently inaccessible.

Another, more risky – not to mention laborious – method is an invasive microchip attack known as "de-capping". This involves removing and de-capsulating the phone's memory chip, carefully drilling down into it using a focused ion beam to expose the portion of the chip containing the target data (in this case, the iPhone's unique ID and passkey algorithm) and then probing it, micron by micron, to extract the information.

The latter could then be used in an off-device "brute-force" attack on the passcode that would be able to try all possible combinations without running up against the iPhone's guess limit.

The judge involved in the high-profile California case has agreed to vacate the March 22 hearing and requested that the government provide an update on its progress by April 5. The motion requiring Apple to help the FBI lock the iPhone was suspended.

In a conference call with reporters on Monday, Apple said it would insist on obtaining details about the exploit the FBI plans to use should the government keep the case going. If the case is dropped, Apple will not be able to ask for that information.

Update 8:13 AM: As noted by Twitter user @zenalbatross, the FBI signed a $15,000 contract with Cellebrite on Monday.

cellebrite_contract
Note: Due to the political nature of the discussion regarding this topic, the discussion thread is located in our Politics, Religion, Social Issues forum. All forum members and site visitors are welcome to read and follow the thread, but posting is limited to forum members with at least 100 posts.

Tag: Apple-FBI


Top Rated Comments

(View all)

19 weeks ago
Ah Cellebrite, the company whose website mysteriously disappeared a few weeks ago (I was looking into them because of mentions of the company in certain leaked documents) but has a long history of building and selling the equipment for security states around the world.

They played a role in the systems used during the Arab Spring, the uprising in Tunisia, etc. This is a company who's products for surveillance are sold indiscriminately to dictators around the world to dragnet their citizens.

Good to see who the US security apparatus is in bed with.
Rating: 98 Votes
19 weeks ago
Gonna seem awfully silly when they find nothing but dick picks and Angry Birds
Rating: 81 Votes
19 weeks ago

As I said a while back.

What would be safer for everyone?

Apple, under their own total control accessing the data themselves and presenting just the data to the FBI.

Or some third party team working out how to access data on iPhones?

If we presume SOME 3rd party will be able to recover data at some point in time, which of the two scenarios do you feel would be preferable ?


3rd party for sure.. In that case, Apple can always work towards securing future versions of iOS and iPhone. Once they start going down the path of helping the government there is no turning back.
Rating: 62 Votes
19 weeks ago

As I said a while back.

What would be safer for everyone?

Apple, under their own total control accessing the data themselves and presenting just the data to the FBI.

Or some third party team working out how to access data on iPhones?

If we presume SOME 3rd party will be able to recover data at some point in time, which of the two scenarios do you feel would be preferable ?


Yes, what would be safer for everyone?

Apple, the phone manufacturer, creating a backdoor exploit for all iPhones - a backdoor in the posession of 'only' the US government - and an exploit that, since it has been deliberately programmed, has a much higher chance of being discovered by other hacking organisations. A legal outcome which means all future iPhones will require a backdoor.

Or some 3rd party working out how to hack an iPhone (which has been happening for ages, by the way -- ever heard of jailbreaking?), by finding an exploit or utilising a technique that Apple will patch in the near future.

Which of the two scenarios do you feel would be preferable?

EDIT: plus your argument almost seems to imply that with one, the other can't exist. It's a preposterous logical fallacy. If Apple created an iOS backdoor, that doesn't stop 3rd party hackers. Rather, it encourages them to find the backdoor or steal the custom version of iOS.
Rating: 14 Votes
19 weeks ago

Well, I wish them good luck on their first and last iPhone unlock, if they succeed.


I really hope they screw up good time.
Rating: 12 Votes
19 weeks ago
Let's just flush away US taxpayer's money, we have to avoid the court at any cost!
Rating: 11 Votes
19 weeks ago
tax payers dollars hard at work
Rating: 8 Votes
19 weeks ago

Ah Cellebrite, the company whose website mysteriously disappeared a few weeks ago (I was looking into them because of mentions of the company in certain leaked documents) but has a long history of building and selling the equipment for security states around the world.

They played a role in the systems used during the Arab Spring, the uprising in Tunisia, etc. This is a company who's products for surveillance are sold indiscriminately to dictators around the world to dragnet their citizens.

Good to see who the US security apparatus is in bed with.


Yes the US government are not exactly pushing to allow badly done to Mordechai Vanunu release from Israel.

Yet I bet if Belize wanted to question John McAfee they would say 'NO WAY'.

One rule for one another rule for the rest of the world.
Rating: 8 Votes
19 weeks ago

https://xkcd.com/538/
Rating: 8 Votes
19 weeks ago

I really hope they screw up good time.

Yeah, because we wouldn't want to see what's inside a terrorist's cell phone, the owner of which killed many people.

So the terrorist is the "good guy", and the FBI are the Big Bad Guys.

You guys are really screwed up.
Rating: 7 Votes

[ Read All Comments ]