iOS Cracking Tools Used By Feds Now Made Public

We all know the story -- the Federal Bureau of Investigation (FBI) had requested Apple last year to help them unlock an iPhone 5c unit owned by one of the perpetrators involved in the San Bernardino attacks. The phone maker had famously said no thanks, so the feds had no choice but to acquire the services of an Israel based mobile security firm called Cellebrite in order to help them crack the said iPhone. Here is where it gets more interesting -- about a month ago, Cellebrite had revealed that some hacker had breached its legacy servers, and now that person is making some of that data public (as sort of a lesson to the FBI).

What exactly is contained in the information being released? It reportedly includes code that is connected to Cellebrite’s Universal Forensic Extraction Device (UFED). Moreover, this code is said to be capable of unlocking older iPhone models (such as the iPhone 5c), plus other mobile devices that run on Android or BlackBerry mobile operating systems.

With his real identity still a secret, the hacker has spoken to Motherboard, pointing out how the simple fact of creating cracking tools makes them inevitably vulnerable to being uncovered, even falling into the hands of parties with less than noble intentions, not only by criminal elements, but also by oppressive regimes. 

The hacker is claiming to have retrieved the tools from Cellebrite’s own servers, and then after getting the encrypted files, proceeding to post them on Pastebin, a popular repository for code. Also, it seems that some of the code have been acquired from jailbreaking code, especially those accessible by the public. According to a spokesperson for Cellebrite, the files did not contain any source code, except for packaging data. 

Last year, Tim Cook, the chief executive officer of Apple, has expressed his concerns about the potential dangers of creating backdoor software that allow parties to bypass the security protocols of smartphone devices. With this latest hack, the lesson here is that once a backdoor exists, it will likely become a target that can be used by others to sneak in.

Apple’s feud with the FBI was a hot topic in 2016, with both sides offering strong arguments against each other. While the feds were pointing out at that national security was at stake, Apple was quick to counter that smartphones are, first and foremost, personal and private devices that should be protected under the United States Constitution.