Firm involved in the FBI’s terrorist iPhone unlocking case admits it can now extract data from the iPhone 6 range
Cellebrite, a mobile forensics company based in Israel, has admitted it is now able to carry out “lawful unlocking and evidence extraction” from the Apple iPhone 6 and 6 Plus.
This was the admission from the firm’s Forensics Research director Shahar Tal on Twitter.
Cellebrite was at the centre of the furore over the FBI’s attempt to unlock an iPhone last year belonging one of the San Bernardino terrorists, Syed Rizwan Farook, the man was responsible for the San Bernardino, California shootings in December 2015.
After the shootings, the FBI recovered Farook’s iPhone 5C, and asked for Apple’s assistance in unlocking the device.
Apple refused point blank to co-operate with the FBI’s court order over the matter, and CEO Tim Cook robustly defended his company’s stance on encryption. Cook said the FBI’s request to create a new operating system, was the “software equivalent to cancer”.
The FBI had attempted to crack the passcode on Farook’s iPhone, but failed because Apple phone systems have a function that automatically erases the access key and renders the phone “permanently inaccessible” after 10 failed attempts.
At one stage the FBI threatened to bring in a ‘third party’ to unlock the device.
In the end however, the Feds reportedly paid unnamed ‘grey hat’ hackers to crack Farook’s iPhone. It was thought at the time that the FBI had paid the third party hackers at least $1.34m to unlock Farook’s iPhone 5C.
Until now, it was thought that later models of the iPhone were more difficult to crack. But now it seems that more modern Apple devices can be cracked, including the iPhone 6 and 6 Plus. But not the iPhone 6S or iPhone 7.
“Cellebrite’s CAIS now supports lawful unlocking and evidence extraction of iPhone 4S/5/5C/5S/6/6+ devices (via our in-house service only),” tweeted Cellebrite’s Tal.
Cellebrite’s website still only promises “the physical extraction of data” from the iPhone 4S, 5, and 5c.
Last month Cellebrite itself was hacked and it had 900 GB of data stolen from one of its servers, including customer information and technical product data.