
Cellebrite claims it can unlock any iPhone, many new Android phones for police - microwavecamera
https://www.wired.com/story/cellebrite-ufed-ios-12-iphone-hack-android/
======
_kbh_
It is much more likely imo, that they have zero day exploits for something
that does not require the phone to be unlocked, eg wireless, 3g/4g, bluetooth,
or via the lightning connector.

If they are not doing that one of the only other options i can see is if they
can clone the phone and perform an offline brute force against the pin code but
my understanding is that the secure enclave is meant to prevent attacks like
that.

~~~
eridius
How would an exploit in wireless, 3g/4g, etc lead to a full compromise of the
device? These components don’t have full access to the device to begin with,
and definitely don’t have access to the disk encryption keys.

And yeah, you can’t clone an iPhone and get anything usable. The pin is
entangled with a secret that never leaves the Secure Enclave, so an offline
attack would be an attack on the full encryption key, not on the pin.

~~~
chatmasta
Google Project Zero was able to remotely own devices via a Broadcom
vulnerability: [https://googleprojectzero.blogspot.com/2017/04/over-air-exploiting-broadcoms-wi-fi_4.html?m=1](https://googleprojectzero.blogspot.com/2017/04/over-air-exploiting-broadcoms-wi-fi_4.html?m=1)

~~~
eridius
They demonstrated owning an Android device. The page says iPhones since iPhone
4 use the Broadcom WiFi SoC but otherwise makes no mention of whether the
exploit works on iPhone.

Most mobile phones allow the baseband to have full access to the entire
device, which is why an exploit of the baseband can turn into a full device
compromise, but AIUI iPhones don't do this and keep the baseband as a separate
unprivileged component, specifically to defend against this attack vector. So
a baseband compromise might get you access to any data going over the baseband
(e.g. phone calls, unencrypted data traffic, etc) but shouldn't get you access
to the rest of the device.

------
thornjm
In the past a USB or WIFI/Bluetooth attack would have got kernel mode
execution then used the secure enclave to brute force credentials.

I think what makes this statement interesting is that Apple recently
introduced anti-replay counters into their A12 SOC to defeat replay attacks
that just reset the memory after each attempt.

I think this might represent a new generation of attacks that either have
found a bug in the secure enclave OS itself or some kind of local timing/side
channel attack.

The secure enclave has been getting more complex (things like neural net for
FaceID) and I have no idea if it has modern mitigations like ASLR so there is
reasonable chance people can get execution there. Really just another local
privilege escalation.

The side-channel idea is also really interesting because a lot of the
Rowhammer and Spectre style attacks seem far-fetched in real scenarios but
attacking a different ring of your own chip with full kernel access makes any
kind of hardware attack seem much more reasonable.

------
dingaling
That is terrifying given how the phone is the single key to many people's
digital identity and their finances.

And that's what scared me into changing my relationship with my phone. I try
to treat it as an ephemeral, disposable data terminal in which I have minimal
trust.

Every few weeks I back it up to the LAN and purge it. If I lose it I revoke
its login certificates so that it can't access the mail and chat servers, and
block the PAYG SIM.

Yet more and more services want me to regard it as a secure token endowed with
ultimate trust. The latest is one of my banks (Halifax) which demands that I
install their app to authorise any online payment.

~~~
iamnothere
I'm holding out hope that one day we will see an up-to-date iPod Touch type
device for the Android ecosystem. (With fingerprint/NFC support, unlike the
iPod Touch.) I could carry this around as a "clearnet terminal" and power it
on when needed, mostly for banking, casual communications, and non-critical
password storage. Everything else is relegated to more secure single-purpose
devices that avoid touching the broader web.

------
earenndil
Most users have 4-digit or 6-digit numeric passwords, which can be trivially
brute-forced. The only reason they can't generally is that SEP rate-limits
decryption attempts. They probably have a way around the rate-limit. Meaning:
if you use an alphanumeric password, you're fine.

~~~
jMyles
I can't immediately find the methodology by which a pattern is converted to a
pin.

For example, what's the degree of entropy for a non-trivial 6x6 pattern? (And
why is my search fu not availing me of the answer to this question? :-) )

~~~
f1refly
Check out the "specific pattern decrypt note" section from the TWRP FAQ

[https://twrp.me/faq/openrecoveryscript.html](https://twrp.me/faq/openrecoveryscript.html)

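To put numbers on the pattern-entropy question above (and on the 4/6-digit PIN point made earlier in the thread), here is an added example, not from the thread or the TWRP FAQ, that exhaustively counts valid stock Android 3x3 unlock patterns under the rule that a stroke may not skip over an unvisited dot, and compares that keyspace with numeric PINs and an 8-character alphanumeric passcode. Assumptions: a 3x3 grid with minimum pattern length 4 (larger grids used by custom ROMs are not enumerated, the search space is far too big for DFS), and the 80 ms per-attempt cost is Apple's published Secure Enclave key-derivation calibration, used only to show why a rate limit matters.

```python
import math


def move_allowed(visited, src, dst):
    """Android pattern rule: a stroke from src to dst may not cross an
    unvisited dot; any dot lying exactly on the segment is auto-joined,
    so the move is legal only if those dots are already in the pattern."""
    (r1, c1), (r2, c2) = src, dst
    dr, dc = r2 - r1, c2 - c1
    steps = math.gcd(abs(dr), abs(dc))  # lattice hops along the segment
    return all((r1 + dr * k // steps, c1 + dc * k // steps) in visited
               for k in range(1, steps))


def count_patterns(n=3, min_len=4, max_len=None):
    """Exhaustively count valid patterns of length min_len..max_len on an
    n x n grid (assumed 3x3, the stock Android grid; larger grids explode)."""
    max_len = max_len or n * n
    dots = [(r, c) for r in range(n) for c in range(n)]

    def dfs(path, visited):
        total = 1 if len(path) >= min_len else 0
        if len(path) == max_len:
            return total
        for d in dots:
            if d not in visited and move_allowed(visited, path[-1], d):
                visited.add(d)
                path.append(d)
                total += dfs(path, visited)
                path.pop()
                visited.remove(d)
        return total

    return sum(dfs([d], {d}) for d in dots)


def bits(keyspace):
    """Entropy in bits if every element of the keyspace were equally likely
    (real users pick far from uniformly, so this is an upper bound)."""
    return math.log2(keyspace)


def expected_seconds(keyspace, per_attempt=0.08):
    """Mean time to guess with NO rate limit; 0.08 s is Apple's published
    per-attempt key-derivation cost in the Secure Enclave (assumed here)."""
    return keyspace / 2 * per_attempt


def keyspaces():
    """Keyspaces compared in the thread: numeric PINs, a 3x3 pattern, alphanumerics."""
    return {"4-digit PIN": 10 ** 4, "6-digit PIN": 10 ** 6,
            "3x3 pattern": count_patterns(), "8-char alphanumeric": 62 ** 8}


if __name__ == "__main__":
    for name, space in keyspaces().items():
        print(f"{name:20s} {space:>16,d}  {bits(space):5.1f} bits  "
              f"~{expected_seconds(space) / 86400:,.1f} days without rate limit")
```
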
------
mullingitover
Interesting that this company is able to do this without threat of being sued
into a smoking crater by Apple. They'd have to use Apple's software to build
their product, and to do that they'd be bound by the license agreement. Apple
could forbid the research in the license.

Oracle created the DeWitt Clause that forbids researchers from publishing
_benchmarks_ for their products, and this apparently stands up in court. I
have to imagine Apple could forbid researching and building exploit tools just
as easily.

~~~
3xblah
"Oracle created the DeWitt Clause that forbids researchers from publishing
benchmarks for their products, and this apparently stands up in court."

Was this "DeWitt Clause" ever challenged specifically _in a trial_? If yes,
can you give us some details, e.g., date, the name of the opposing party, the
venue, etc.?

If it has never been challenged specifically, and gone through litigation all
the way to a trial, can we honestly say "it stands up in court"?

~~~
pvg
What would the nature of that specific challenge be?

~~~
3xblah
For example, if there was a lawsuit for breach of license agreement based on
publishing results in violation of the "DeWitt Clause", the defendant might
argue that clause was unenforceable.

It might be possible to require a publication delay as a condition to a
license, but an outright ban on publication might not be enforceable. The only
way to know for sure is a lawsuit that goes to trial. Of course, even if we
never actually find out because it never actually is the basis of any
litigation that goes to trial, inclusion of a "DeWitt Clause" in a license
could still intimidate licensees and effectively discourage publication.

The 2002 story linked on the Wikipedia page for "DeWitt Clause" mentions a
telephone call to DeWitt's employer asking for him to be terminated. However
it says nothing about a lawsuit based on breach of this particular "DeWitt
Clause".

~~~
pvg
I'm no lawyer but it seems to me the world is awash with contracts that
include agreements by one or more parties not to disclose something or other.
What's the sort of thing that would make this particular one 'not
enforceable'?

------
puzzledobserver
Wouldn't such an ability, by virtue of having been tested at least once, run
afoul of the DMCA? Of course, it is an Israeli company and not an American
one, and we have no proof that they have the ability or have ever exercised
it, and IANAL, but I am curious.

~~~
pas
DMCA? How? They don't do this to access protected music/movie files. Or does
that statute also cover other kinds of data?

~~~
boredishBoi
It is my understanding that under the DMCA the security measures themselves
are copyrighted works and breaking them is a violation of the DMCA in and of
itself. That’s why breaking DRM, even if it’s to access public domain works is
still illegal.

~~~
javagram
I don’t think that understanding is correct. Content in the public domain is
not “protected under this title [copyright law]”

[https://www.law.cornell.edu/uscode/text/17/1201](https://www.law.cornell.edu/uscode/text/17/1201)

> (A) No person shall circumvent a technological measure that effectively
> controls access to a work protected under this title

------
ISL
If such a device were used in the course of an investigation, wouldn't the
defense have the right to examine the device and cross-examine the responsible
engineers to ascertain how it works and to ensure that the recovered
information has not been tampered with?

~~~
gruez
Not if they use parallel construction.

------
tty2300
It would be interesting to know what kind of bugs they are exploiting for
this. Are they attacks over USB, bugs in the lock screen, or in the radio
hardware?

------
jMyles
First of all, to give words to the obvious question here: what leads a group
of people to flaunt their insanely unethical desire to profit from <insert
antonym of freedom>? They are literally trumpeting the ability for their
clients to forcibly copy data without the permission of the owner of the
device in question. Is it just money? Is it that simple?

Annnyway, more importantly: are there any details about how their claims are
even possible? I guess that somehow, in every case of both iOS and Android,
the symmetric key with which the data directory is encrypted is somehow
gleanable?

It's a bit puzzling, because it seems that something as simple as 15-year-old
LUKS (eg, using dm-crypt) is sufficient for this purpose... right?

I mean, this company isn't claiming it can perform the same attack on an
off-the-shelf laptop that has FDE with dm-crypt, right?

What's the difference? Why are phones such a security nightmare? At least in
terms of encryption at rest on a cold device, isn't this a solved problem?

~~~
hueving
Are you seriously shocked that there are people out there that would be
willing to assist law enforcement? It's not like they are advertising this
service for anyone to drop by with any arbitrary phone to unlock.

They are no worse than locksmiths advertising the ability to crack safes.

~~~
speedplane
> Are you seriously shocked that there are people out there that would be
> willing to assist law enforcement? ... They are no worse than locksmiths
> advertising the ability to crack safes.

It's more like a locksmith advertising the ability to break anyone's safe that
contains details on every place you've ever been, purchase you've ever made,
and person you've ever communicated with. Phones are far more ubiquitous and
contain far more information than any family safe. Not a fair comparison.

~~~
danarmak
Are you suggesting a locksmith should refuse to help the police open safes
that contain too many valuables or PII inside?

~~~
Jonnax
At the end of the day you live in a global world.

Is it acceptable for this company to sell it to Saudi Arabian police where
it's a crime for a woman to run away from home?

[https://www.businessinsider.com/saudi-arabia-imei-track-runaways-2019-5?r=US&IR=T](https://www.businessinsider.com/saudi-arabia-imei-track-runaways-2019-5?r=US&IR=T)

Or how about Australia raiding journalists for whistleblowing on abuses
conducted by their armed forces in war: [https://www.bbc.com/news/world-australia-48522729](https://www.bbc.com/news/world-australia-48522729)

Perhaps you agree or perhaps you don't. But the issue is more complex than
saying that "everyone should help the police".

~~~
danarmak
I'm not saying "everyone" should help the police. I do think it's alright that
a few companies, in specialized professions, exist to help the police (and
other governmental organizations).

Yes, a lot of the effect is harmful, including in helping police do harm. But
an argument that no-one should help the police is basically an argument the
police shouldn't exist.

~~~
kerkeslager
No it's not.

I'd argue that nobody should help the police as they exist in many modern
implementations, because the police as they exist now are often bad actors.
But it's not hard to imagine a police force that's held to a higher standard
such that they actually are trustworthy. The argument doesn't have to be
"police shouldn't exist"--it could be "police should be better".

~~~
danarmak
But since we lack an individually actionable way of making the police better,
doesn't the argument reduce to "we should not help the police as they are
now"?

~~~
kerkeslager
Yes, tautologically, "no-one should help the police" means "we should not help
the police as they are now", but given that's obvious, I suspect that's not
what you intend to say.

My previous post was responding to your claim "But an argument that no-one
should help the police is basically an argument the police shouldn't exist",
which is incorrect. The two are very different arguments.

~~~
danarmak
The police could not exist if most people refused to help them. Arguing for
people not to help the police is therefore arguing for the police to stop
existing or to become less powerful or less effective.

I take "not helping" to mean not just not developing specialized products that
only police can legally use, but also not calling the police in case of crime,
not helping them with investigations as witnesses. Where the law permits, not
selling them generic products and services (eg food). And where personal
circumstances permit, not working for a company that does business with them,
deplatforming them, etc.

------
earenndil
This is almost certainly a way to brute-force passwords without the rate limit
which is enforced by default. The only reason passwords can be brute-forced is
that they're numeric and have few digits. If you use an alphanumeric passcode
with at least 8-10 digits, you're fine.

~~~
gloflo
What makes you so certain of that?

~~~
earenndil
#1 it's the most plausible given that it's impossible to be patched upstream
and apple aren't slouches regarding crypto. #2 I saw a demo a while back of
such a mechanism, and it was obviously brute-forcing. Rest assured, I'm not
working for cellebrite selling fake assurances; it's obvious alphanumerics
aren't _less_ secure than numeric PINs, and you shouldn't store anything
actually sensitive on a biometric-enabled phone _anyway_.

------
Sephr
I'm quite interested to hear if these attacks involve exploiting side channel
leaks against the Secure Enclave, as Apple has supposedly hardened the Secure
Enclave against side channel leaks.

I'm sure a technical deep dive on these vulnerabilities would be an exciting
read.

------
stunt
This is also a great advertisement to tell everyone we buy zero-days and
information about backdoors!

------
jasonhansel
Can apple just add to their Terms of Service that private firms like
Cellebrite are required to disclose any security flaws they find?

~~~
mcny
I don't understand. Why would Cellebrite be bound by these ToS?

We talk about how we want to abolish the CFAA so we can't (morally) turn
around and use it when it suits us.

EULA is not the law. Terms of service is not the law. It is absurd to say that
Apple should have the legal authority to (in a practical sense) legislate.
Yes, theoretically speaking we don't need an iPhone to stay alive but still.
You could have argued we didn't need Carnegie steel to stay alive either.

------
marmshallow
Still bums me out there's not an active market like this but for jailbreaking
iPhones.

~~~
gruez
Jailbreakers aren’t willing to fork over millions of dollars and don’t have a
monopoly on violence.

