Israeli mobile software developer Cellebrite gained media attention earlier this year when rumors suggested the FBI recruited the company to unlock San Bernardino shooter Syed Farook's iPhone. While the FBI did not enlist Cellebrite's help, the company does have technology licensed by governments that can extract iPhone data. ZDNet has obtained documents that reveal the scope of this technology.

cellebrite
The leaked files are "extraction reports," which are organized to allow investigators to easily see and analyze data from a phone. Extraction is conducted by plugging the phone into a Cellebrite UFED device. While the device is primarily for extracting information currently on the phone it can, in some cases, extract recently deleted items. The phone at the heart of ZDNet's extraction report was an non-passcode protected iPhone 5 running iOS 8.

The first couple pages of the report include case numbers and unique identifying information for the device, including phone number, IMEI numbers and Apple ID. In these first pages, the report also divulges which plugins the software used to extract information from the device. These plugins can help the software extract data from QuickTime and iPhone backups.

The report compiles geolocation data from every photo taken on the device and visualizes it on a map, allowing an investigator to easily see when and where a person was. Text messages are organized in chronological order, which makes it easier for investigators to track conversations. The wireless networks a device has connected to are also logged, including the MAC address of the router, encryption type and the time last connected to the network.

Call log information includes whether the call is incoming or outgoing, the time, date, the other number on the call, and the duration of the call. Contacts, installed apps and user accounts on the device are also collected. Configurations and databases from apps, which include settings and cache data, are included in collection. Notes and voice mails are also extracted.

Finally, Cellebrite's technology includes an analytics engine that can figure out how many actions have taken place per phone number. For instance, it can tell investigators how many calls and text messages have occurred with each contact.

Cellebrite notes that its UFED device cannot crack passcodes on iPhone 4s and later. iPhone 5s and later come with a secure enclave co-processor that makes it even more difficult to crack for information. In November, Cellebrite signed a deal with the Indian government to provide technology to bypass locked iPhones.

Note: Due to the political nature of the discussion regarding this topic, the discussion thread is located in our Politics, Religion, Social Issues forum. All forum members and site visitors are welcome to read and follow the thread, but posting is limited to forum members with at least 100 posts.

Top Rated Comments

Carlanga Avatar
80 months ago
Apple: "We take security very seriously"

Cellebrite: "ha ha ha ha ha"
Someone didn't read lol
Score: 30 Votes (Like | Disagree)
Tubamajuba Avatar
80 months ago
Apple: "We take security very seriously"

Cellebrite: "ha ha ha ha ha"
Cellebrite notes that its UFED device cannot crack passcodes on iPhone 4s and later. iPhone 5s and later come with a secure enclave co-processor that makes it even more difficult to crack for information.
Score: 26 Votes (Like | Disagree)
SoN1NjA Avatar
80 months ago
"Cannot crack passcodes on iPhone 4s or later."

So basically anyone not living under a rock can't be passcode cracked? Only their metadata stolen right?
Score: 8 Votes (Like | Disagree)
now i see it Avatar
80 months ago
Apple: "We take security very seriously"

Cellebrite: "ha ha ha ha ha"
Score: 6 Votes (Like | Disagree)
fs454 Avatar
80 months ago
Crazy that this article and its source are so descriptive about the immense personal data they can harvest, but then in one tiny sentence at the end it says this all can only come from a phone older than a 5S and with no passcode set at all.

What? Who cares then? Just have a phone newer than one that came out in 2012, or have a passcode and they can't get anything. Business as usual.
Score: 5 Votes (Like | Disagree)
Superhai Avatar
80 months ago
The fact that law firms do not take their IT security serious enough so that evidence with so thorough personal data are available to anyone, should be a strong argument for not allowing backdoors into encryption systems.
Score: 4 Votes (Like | Disagree)

Popular Stories

iOS 16

iOS 16.3 Now Available for Your iPhone With These 4 New Features

Friday February 3, 2023 1:13 pm PST by
Apple released iOS 16.3 in late January following nearly six weeks of beta testing. The software update is available for the iPhone 8 and newer, and while it is a relatively minor update, it still includes a handful of new features, changes, and bug fixes. Below, we've recapped new features in iOS 16.3, including support for physical security keys as a two-factor authentication option for...
HomePod 2 White and Midnight Feature Purple Blue

Apple Explains Why HomePod Was Released Again, Wi-Fi 4 Limitation, and More

Thursday February 2, 2023 7:57 am PST by
Apple's VP of hardware engineering Matthew Costello and product marketing employee Alice Chan recently spoke with Men's Journal and TechCrunch about the new second-generation HomePod in wide-ranging interviews about the smart speaker. Apple discontinued the original full-size HomePod in March 2021 after multiple reports indicated that sales of the speaker were lackluster, but Chan told Men's ...
Apple Silicon Teal Feature

The Next Big Apple Silicon Device May Not Be a Mac or iPad

Wednesday February 1, 2023 3:57 am PST by
Apple's next device with an Apple silicon chip may not be a Mac or an iPad, but rather an advanced external display, according to recent reports. The display, which is rumored to arrive this year, is expected to sit somewhere between the $1,599 Studio Display and the $4,999 Pro Display XDR – but more exact information about the device's positioning and price point is as yet unknown. While ...
iOS 16

Apple Preparing iOS 16.3.1 Update for iPhone as Wait for iOS 16.4 Beta Continues

Thursday February 2, 2023 6:41 am PST by
Apple appears to be preparing an iOS 16.3.1 update for the iPhone, based on evidence of the software in our website's analytics logs this week. It's unclear when the update will be released, but it will likely be available at some point in February. The same logs have accurately foreshadowed the release of several previous updates, including iOS 16.0.3 and iOS 16.1.1 most recently, so they...
General iOS 16 Feature Yellow

Five New iOS Features Coming to Your iPhone Later This Year

Tuesday January 31, 2023 11:58 am PST by
Apple has previously announced several upcoming iOS features that are expected to be added to the iPhone this year. Some of the features could be introduced with iOS 16.4, which should enter beta testing soon, while others will arrive later in the year. Below, we have recapped five new iOS features that are expected to launch in 2023, such as an Apple Pay Later financing option for purchases ...
Apple Pay Later Quick Green Feature

Apple Pay Later Launching 'Soon'

Thursday February 2, 2023 2:10 pm PST by
The Apple Pay Later service that Apple has in the works is set to launch "soon," Apple CEO Tim Cook told CNBC ahead of today's earnings call for the first fiscal quarter of 2023. Cook said that Apple employees are beta testing the Apple Pay Later feature, which will help Apple boost services revenue. "It will be launching soon," Cook said. Apple Pay Later was first previewed at the...
webkit vs chromium feature

Google Working on Browser for iOS That Would Break Apple's App Store Rules

Saturday February 4, 2023 1:30 am PST by
Google's Chromium developers are working on an experimental web browser for iOS that would break Apple's browser engine restrictions, The Register reports. The experimental browser, which is being actively pursued by developers, uses Google's Blink engine. Yet if Google attempted to release it on the App Store, it would not pass Apple's App Review process. Apple's App Store rules dictate...