Israeli mobile software developer Cellebrite gained media attention earlier this year when rumors suggested the FBI recruited the company to unlock San Bernardino shooter Syed Farook's iPhone. While the FBI did not enlist Cellebrite's help, the company does have technology licensed by governments that can extract iPhone data. ZDNet has obtained documents that reveal the scope of this technology.

cellebrite
The leaked files are "extraction reports," which are organized to allow investigators to easily see and analyze data from a phone. Extraction is conducted by plugging the phone into a Cellebrite UFED device. While the device is primarily for extracting information currently on the phone it can, in some cases, extract recently deleted items. The phone at the heart of ZDNet's extraction report was an non-passcode protected iPhone 5 running iOS 8.

The first couple pages of the report include case numbers and unique identifying information for the device, including phone number, IMEI numbers and Apple ID. In these first pages, the report also divulges which plugins the software used to extract information from the device. These plugins can help the software extract data from QuickTime and iPhone backups.

The report compiles geolocation data from every photo taken on the device and visualizes it on a map, allowing an investigator to easily see when and where a person was. Text messages are organized in chronological order, which makes it easier for investigators to track conversations. The wireless networks a device has connected to are also logged, including the MAC address of the router, encryption type and the time last connected to the network.

Call log information includes whether the call is incoming or outgoing, the time, date, the other number on the call, and the duration of the call. Contacts, installed apps and user accounts on the device are also collected. Configurations and databases from apps, which include settings and cache data, are included in collection. Notes and voice mails are also extracted.

Finally, Cellebrite's technology includes an analytics engine that can figure out how many actions have taken place per phone number. For instance, it can tell investigators how many calls and text messages have occurred with each contact.

Cellebrite notes that its UFED device cannot crack passcodes on iPhone 4s and later. iPhone 5s and later come with a secure enclave co-processor that makes it even more difficult to crack for information. In November, Cellebrite signed a deal with the Indian government to provide technology to bypass locked iPhones.

Note: Due to the political nature of the discussion regarding this topic, the discussion thread is located in our Politics, Religion, Social Issues forum. All forum members and site visitors are welcome to read and follow the thread, but posting is limited to forum members with at least 100 posts.

Top Rated Comments

Carlanga Avatar
66 months ago
Apple: "We take security very seriously"

Cellebrite: "ha ha ha ha ha"
Someone didn't read lol
Score: 30 Votes (Like | Disagree)
Tubamajuba Avatar
66 months ago
Apple: "We take security very seriously"

Cellebrite: "ha ha ha ha ha"
Cellebrite notes that its UFED device cannot crack passcodes on iPhone 4s and later. iPhone 5s and later come with a secure enclave co-processor that makes it even more difficult to crack for information.
Score: 26 Votes (Like | Disagree)
SoN1NjA Avatar
66 months ago
"Cannot crack passcodes on iPhone 4s or later."

So basically anyone not living under a rock can't be passcode cracked? Only their metadata stolen right?
Score: 8 Votes (Like | Disagree)
now i see it Avatar
66 months ago
Apple: "We take security very seriously"

Cellebrite: "ha ha ha ha ha"
Score: 6 Votes (Like | Disagree)
fs454 Avatar
66 months ago
Crazy that this article and its source are so descriptive about the immense personal data they can harvest, but then in one tiny sentence at the end it says this all can only come from a phone older than a 5S and with no passcode set at all.

What? Who cares then? Just have a phone newer than one that came out in 2012, or have a passcode and they can't get anything. Business as usual.
Score: 5 Votes (Like | Disagree)
Superhai Avatar
66 months ago
The fact that law firms do not take their IT security serious enough so that evidence with so thorough personal data are available to anyone, should be a strong argument for not allowing backdoors into encryption systems.
Score: 4 Votes (Like | Disagree)

Popular Stories

maxresdefault

Review: M1 Max MacBook Pro After Three Months

Wednesday January 19, 2022 11:30 am PST by
It's now been a few months since the M1 Pro and M1 Max MacBook Pro models launched in October, and MacRumors video editor Dan Barbera has been using one of the new machines since they debuted. Over on the MacRumors YouTube channel, Dan has shared a three month review of his MacBook Pro to see how it has held up over time and how it's changed his workflow. Subscribe to the MacRumors YouTube ...
iphone se 2020 top

New iPhone SE Likely to Launch in April Based on Production Timeframe

Wednesday January 19, 2022 6:44 am PST by
Apple suppliers will begin producing display panels for the third-generation iPhone SE this month, with final assembly of the device likely to start in March, according to information shared by display industry consultant Ross Young. Based on this production timeframe, Young believes the third-generation iPhone SE is likely to launch in the second half of April, or perhaps in early May at...
AirPods 3 New Firmware Feature

Apple Updates AirPods 3 Firmware to Version 4C170

Tuesday January 18, 2022 11:46 am PST by
Apple today released a new 4C170 firmware update for the AirPods 3, an update from the prior 4C165 that was made available in December. Apple does not offer details on what's included in new firmware updates for the AirPods‌, so we don't know what improvements or bug fixes the new firmware brings. There is no standard way to upgrade the ‌AirPods‌‌ software, but firmware is...
iPad Air Feature 2 green

New Apple Products Filed in Regulatory Database, Likely Including New iPhone SE and iPad Air

Tuesday January 18, 2022 6:11 am PST by
Apple today filed unreleased iPhone and iPad models in the Eurasian Economic Commission database, as spotted by French blog Consomac. The filings likely represent the rumored third-generation iPhone SE, fifth-generation iPad Air, and potentially more. The unreleased iPhone models have the identifiers A2595, A2783, and A2784, while the unreleased iPad models have the identifiers A2588, A2589, ...
iphone 5g mmwave

U.S. Airlines Warn of 'Catastrophic' Crisis With Impending 5G Rollout, AT&T and Verizon Agree to Delay Around Airports

Tuesday January 18, 2022 10:35 am PST by
Verizon and AT&T's upcoming rollout of new C-Band 5G technology could cause chaos and lead to widespread delays of passenger and cargo flights, major U.S. airlines said on Monday in a letter sent to the White House National Economic Council, the FAA, and the FCC (via Reuters). "Unless our major hubs are cleared to fly, the vast majority of the traveling and shipping public will essentially...
microsoft office icons

Microsoft Releases Office for Mac Update With Full Apple Silicon Support in Excel

Tuesday January 18, 2022 4:15 am PST by
Microsoft has released a new version of its Office for Mac productivity suite that includes an updated Excel app with 100% native support for Apple silicon machines. According to the release notes accompanying version 16.57, Excel will now run natively on Macs powered by Apple's M1-series processors without having to use the Rosetta 2 translation layer, which means anyone using a Mac with an ...
appleeducation

Apple's US Education Store Now Requires Institution Verification to Buy Discounted Products

Wednesday January 19, 2022 2:22 am PST by
Apple is now requiring that customers in the United States verify that they're active students, teachers, or staff members at an educational institution in order to access education discounts on products. Previously, little verification was needed for customers to purchase products through Apple's education store in the United States. Apple's education stores offer models of the iPad and Mac ...
iPhone 14 Mock pill and hole thumb

ProMotion Now Expected to Remain Exclusive to iPhone 14 Pro Models, Not Expand to Entire Lineup

Sunday January 16, 2022 8:56 am PST by
Continuing the tradition set with the iPhone 13 Pro, only the highest-end iPhone 14 models will feature Apple's ProMotion display technology, according to a respected display analyst. Ross Young, who on multiple occasions has detailed accurate information about Apple's future products, said in a tweet that ProMotion will not be expanded to the entire iPhone 14 lineup and will remain...
Beyond iPhone 13 Better Blue Face ID

Rumored iPhone 14 Pro Feature Delayed Until Next Year

Wednesday January 19, 2022 3:00 am PST by
Apple's long-rumored under-display Face ID technology will not be coming to the iPhone 14 Pro, according to recent reports. Based on the latest rumors, it now looks unlikely that the 6.1-inch iPhone 14 Pro and 6.7-inch iPhone 14 Pro Max will feature Face ID technology under the display as several reports claimed over the past year. Display industry consultant Ross Young, who often reveals ...