New in OS X: Get MacRumors Push Notifications on your Mac

Resubscribe Now Close

Data Extraction Company Cellebrite Touts New Software for Cracking iPhones and iPads Running up to iOS 12.3

Israel-based software developer Cellebrite, known for breaking into mobile devices like the iPhone to obtain sensitive data, has announced that it can now unlock any iOS device running up to iOS 12.3, which was released only a month ago.


The firm revealed the capability in a tweet posted late Friday advertising UFED Premium, the latest version of its Universal Forensic Extraction Device.

On its UFED web page, Cellebrite describes the tool's ability to glean forensic data from any iOS device dating back to iOS 7, as well as from Android devices made by Samsung, Huawei, LG, and Xiaomi.

The Israel firm describes UFED Premium as "the only on-premise solution for law enforcement agencies to unlock and extract crucial mobile phone evidence from all iOS and high-end Android devices."

If the claims are accurate, Cellebrite's tool will enable authorities to potentially crack the vast majority of smartphones currently available on the market. As Wired notes, no other law enforcement contractor has made such broad claims about a single product, at least not publicly.

Apple continually introduces improvements to the security of its operating systems in order to keep ahead of companies like Cellebrite that are always searching for flaws and vulnerabilities to exploit in order to access the data on locked iOS devices.

For example, in October 2018 Apple's successfully thwarted the "GrayKey" iPhone passcode hack, sold by Atlanta-based company Grayshift, which had also been in use by U.S. law enforcement.

Cellebrite first garnered significant attention in 2016, when it was believed the company was enlisted to help the FBI break into the iPhone 5c of San Bernardino shooter Syed Farook after Apple refused to provide the FBI with tools to unlock the device.

The FBI did not use Cellebrite's services for that particular case, but several United States government agencies do regularly work with Cellebrite to unlock iOS devices.

According to Wired's sources, Grayshift has developed tools to unlock at least some versions of iOS 12. If true, the firm is still keeping its cards close to its chest, but probably not for much longer.

Even as Apple works to increase the security of its iOS devices, Cellebrite's brazen announcement suggests the cat-and-mouse game of exploiting vulnerabilities in mobile device software will only become more competitive, as rival companies attempt to grab a bigger share of the market.

Note: Due to the political nature of the discussion regarding this topic, the discussion thread is located in our Politics, Religion, Social Issues forum. All forum members and site visitors are welcome to read and follow the thread, but posting is limited to forum members with at least 100 posts.

Related Roundup: iOS 12


Top Rated Comments

(View all)

5 weeks ago

As long as Apple continues to have bugs that allow people to break in, how can Apple claim the high ground with regard to privacy. At the end of the day, it does not matter whether its a bug (in Apple's case) or a feature (in Google's case) it still puts our devices at risk.


There's no such thing as "bug free software", and there's no such thing as "100% secure" software. Security is, and always will be a game of cat and mouse and there's no way around it.
Rating: 10 Votes
5 weeks ago

Cellebrite first garnered significant attention in 2016, when it was believed ('https://www.macrumors.com/2016/03/23/fbi-israeli-firm-cellebrite-to-unlock-iphone/') the company was enlisted to help the FBI break into the iPhone 5c of San Bernardino shooter Syed Farook after Apple refused to provide the FBI with tools to unlock the device.

If i recall correctly, Apple did not "refused to provide the FBI with tools to unlock the device" they simply said they had no way to do what they were asked.....
Rating: 10 Votes
5 weeks ago

As long as companies continue to find ways to break into devices, there is no need for legislation requiring manufacturers to provide law enforcement with back doors.


I would argue even if there weren't private sector solutions, there is still no need to require back doors in smartphones and other computer hardware - because (beyond user privacy) there is no such thing as a secure back door, thinking back to the exploits that were leaked (from the NSA etc.) and the access would be abused by governments. JMHO...
Rating: 7 Votes
5 weeks ago

As long as Apple continues to have bugs that allow people to break in, how can Apple claim the high ground with regard to privacy. At the end of the day, it does not matter whether its a bug (in Apple's case) or a feature (in Google's case) it still puts our devices at risk.


C'mon. Even the "high ground" is not invulnerable. I think Apple can say that iOS is the most secure system. People can interpret that as they will. It does matter if it's a feature or a bug. And, of course Apple will change things as soon as they can find Cellebrite's method. Locking out the Lightning data lines was a great start. Google has less of an imperative.
Rating: 5 Votes
5 weeks ago

Every time there's a thread for cracking iOS devices, I get a good laugh. So many people think the government cares enough about them to want to get on their phone. I see similar behavior in schizophrenics. If you're not doing extraordinarily illegal activity, you could have a flip phone from 2001 and your personal data would be safe from any government.

Unless one of you was the San Bernardino shooter, no one cares. Does anyone fall into that category? Didn't think so.

You may now return to your government conspiracy theories and delusions and grandeur.


Thank you for touting your ignorance. If you ever are unlucky enough to be falsely accused of a crime, I’m sure you’ll change your tune... quickly

This has everything to do with potential and what an overreaching government is able to do
Rating: 5 Votes
5 weeks ago
We're on 12.3.2 so it's outdated already.
Rating: 4 Votes
5 weeks ago

Yes, but neither 12.3.1 nor 12.3.2 fixed and security issues.


Yeah, and Cellebrite claims they can "Bypass or determine locks and perform a full file system extraction on any iOS device" (emphasis mine). Maybe 12.3.x is safe, maybe Cellebrite just does not bother stating the patch number, maybe they just had not tested it at the time they prepared the text... I would not feel too safe about this.
Rating: 3 Votes
5 weeks ago

As long as Apple continues to have bugs that allow people to break in, how can Apple claim the high ground with regard to privacy. At the end of the day, it does not matter whether its a bug (in Apple's case) or a feature (in Google's case) it still puts our devices at risk.


Because they're security issues, nothing to do with their privacy policy.
Rating: 2 Votes
5 weeks ago
As long as companies continue to find ways to break into devices, there is no need for legislation requiring manufacturers to provide law enforcement with back doors.
Rating: 2 Votes
5 weeks ago
Given that marketing is basically legally brainwashing people, I can boldly say Cellebrite might as well just want to get some media attention and gain upper hand in marketing against other competitors. Whether they have the up to date tool or not could be another debate. I just assume government database has an up to date real-time Data cache of all my devices connected to the internet, period.
Rating: 2 Votes

[ Read All Comments ]