The “arms race” of mobile forensics – ever-tougher encryption and the breakneck operations to crack it – has become more of a public tug-of-war than ever before.
Cellebrite, the largest player in the mobile-forensics industry, unveiled its UFED Premium last Friday. Along with the announcement came the bombshell: that it can now get into any Apple iOS device, and many of the high-end Android devices.
“An exclusive solution for law enforcement to unlock and extract data from all iOS and Android devices,” the company said in a tweet.
Those devices have historically been the toughest to crack – and Cellebrite’s newfound ability to perform a full-file system extraction on any iOS device in particular would allow law enforcement “to get much more data than what is possible through logical extractions and other conventional means.”
“Our certified forensic experts can also help you gain access to sensitive mobile evidence form several locked, encrypted or damaged iOS and Android devices using advanced in-lab only techniques,” the company added in its Friday announcement.
The latest tool works on Apple device running anything from iOS 7 to iOS 12.3, according to the company. Among the Android devices covered are the Samsung S6, S7, S8, and S9. Also supported are the most popular models of Motorola, Huawei, LG and Xiaomi.
The announcement follows the highly-publicized breakthrough of the GrayKey devices made by Grayshift more than a year ago. The GrayKey tool had exploited a low-power loophole in some iOS systems, one expert explained to Forensic Magazine. But Apple put in a fix to stop the access late last year, involving an iOS system to reconnect with a home device. Since then, GrayKey has made some inroads on some Apple devices – but not all of them, according to experts.