The latest version of iOS might not be vulnerable though
Israeli mobile forensics company Cellebrite is now claiming it can crack any iPhone including those running iOS 11. As you may know, Cellebrite is the company that helped the FBI open the iPhone 5c belonging to San Bernardino shooter Syed Rizwan Farook.
Anonymous sources told Forbes the company had recently found a way through the security measures used in iOS 11. If true, this would mean that pretty much every iPhone sold is vulnerable to government scrutiny. Apparently, the technology was first used last November when Cellebrite extracted data from an iPhone X for the Department of Homeland Security.
The firm has not announced the breakthrough publically but reportedly is advertising it to agencies worldwide.
“[Cellebrite] hasn’t made any major public announcement about its new iOS capabilities. But sources (who asked to remain anonymous as they weren’t authorized to talk on the matter) that in the last few months the company has developed undisclosed techniques to get into iOS 11 and is advertising them to law enforcement and private forensics folk across the globe.”
The company may not have announced its capabilities in a public statement but a datasheet published by the firm confirms what the anonymous sources revealed. The sheet claims Cellebrite can unlock or extract data from “Apple iOS devices and operating systems, including iPhone, iPad, iPad mini, iPad Pro and iPod touch, running iOS 5 to iOS 11.”
This news should be somewhat concerning to iPhone owners. Despite the fact that Cellebrite sells its services to law enforcement and government agencies (“the good guys”), it is only a matter of time before that “bad guys” get their hands on it or develop similar techniques of their own. In fact, hackers were able to steal and distribute the tools used to crack Farook’s phone not long after they were used.
However, 9to5Mac says that Cellebrite’s technology may already be outdated. The last known crack of an iPhone involved an iPhone X back in December that was rooted by authorities in Michigan using Cellebrite’s techniques.
Since that time, Apple has issued several security updates for iOS 11. The latest version, iOS 11.2.6, was just rolled out last week. Any holes that Cellebrite may have been exploiting back in December are likely to have been patched by now.
There is also the fact that the firm’s engineers need physical access to the device to crack it. Users should have nothing to fear unless their phone is stolen.