NYC Law Enforcement Has Been Cracking Locked iPhones for Almost 2 Year

NYC Law Enforcement Has Been Cracking Locked iPhones for Almost 2 Year

Using a screen lock on your smartphone will keep most prying eyes away from your personal data, but law enforcement is not so easily deterred. Police have access to tools and services that can crack phones, and we might not even know what capabilities they have until years later. Israeli forensics firm Cellebrite announced its new in-house phone cracking tool earlier this year, but a new report suggests law enforcement has had access to it since early 2018.

Cellebrite offers numerous services to law enforcement, all aimed at collecting digital evidence from seized devices. This has become big business ever since Apple and Google made encryption the default on their mobile platforms. Companies like Cellebrite search for or purchase undisclosed vulnerabilities and use those to build custom phone cracking tools.

Cellebrite announced its new Universal Forensic Extraction Device (UFED) Premium service in June 2019. With UFED Premium, police can unlock almost all iPhones and most Android phones in-house. With other services, law enforcement often has to send phones out to a forensic laboratory to have them unlocked. That adds a lot of red tape and slows down the investigation.

According to a new report, the Manhattan District Attorney’s office has had access to UFED Premium long before the official announcement — as early as January 2018. This claim comes from a leaked contract with the Manhattan DA, one of the most influential prosecution offices in the country. The office reportedly paid $200,000 for the UFED Premium license, training, and a set number of in-house phone unlocks. There were also additional service add-ons totaling about $1 million. The contract also requires the DA to set up a secure room to house the software with no recording devices allowed.

NYC Law Enforcement Has Been Cracking Locked iPhones for Almost 2 Year

Cellebrite always refuses to comment on its business or who uses its products, so we’re left to speculate about how this arrangement happened in secret. It’s possible Cellebrite had UFED Premium ready years ago, but it delayed making a public announcement so big customers like the Manhattan DA could make full use of the product. As soon as Cellebrite announced the in-house cracking capability, the security community set to work figuring out how it worked. Eventually, the company may need to devise a new approach as vendors patch to block the UFED Premium tools.

Currently, Cellebrite advertises UFED Premium as being able to unlock all iPhones as well as many high-end Android phones like those made by Samsung and Huawei. Presumably, that means even the latest iOS 13 is vulnerable.

Continue reading

LG Shifts Strategy, Will No Longer Release Yearly Handset Updates

LG has declared its out of the yearly flagship phone release cycle, preferring to concentrate on retaining form factors for a longer period of time.

MIPS Returns to Silicon Valley, Eyes Burgeoning AI Market

The custom CPU manufacturer MIPS has returned to its roots in Silicon Valley, and it's already plotting its comeback. Can the small CPU firm still find a place at the AI table?

SpaceX Falcon Heavy Launch Delayed by US Government Shutdown

After previously suggesting a government shutdown would not delay the Falcon Heavy project, SpaceX now says it won't be able to test the rocket during a government shutdown. Even if the current impasse in Washington is solved, we're not out of the budgetary woods just yet.

Former Tesla Employees Warn of Defective Model 3 Batteries

Some former Tesla employees report that many Model 3 batteries were assembled by hand, and there could be quality issues that make them more prone to failure. Tesla, however, denies this.