In a surprising turn of events, Apple’s latest iOS 17.4 update has included a feature that blocks Cellebrite machines commonly used by law enforcement agencies to unlock iPhones. This move by Apple comes as part of an ongoing back-and-forth battle between the tech giant and Cellebrite, an Israeli company known for its advanced unlocking technology.
According to a recent report based on leaked Cellebrite documentation, the company’s machines are currently unable to unlock iPhones running iOS 17.4 or later using its brute force technique. While Cellebrite is actively researching ways to break into newer iOS builds released since early March, it seems that Apple has managed to stay one step ahead for now.
The iOS 17.4 update, known for its changes in the 27 member EU countries to comply with the EU’s Digital Markets Act, has clearly put a dent in Cellebrite’s unlocking capabilities. However, it is expected that Cellebrite will soon find a way to unlock iPhone models ranging from the iPhone 12 to the iPhone 15 running iOS 17.1 through iOS 17.3.
For iPhone users who have not yet updated their devices, it is advised to do so promptly to ensure maximum security and privacy. The Cellebrite machines bypass Apple’s passcode security measures, which limit the number of passcode attempts before erasing the data on the device. Despite this, the brute force attack method used by Cellebrite is a slow process, with only a limited number of passcodes able to be entered each day.
Interestingly, before resorting to brute force, Cellebrite machines try to unlock the phone using various personal information such as the phone owner’s birthday, the birthdate of their significant other, and other important dates in their life. This highlights the importance of not using easily guessable passcodes based on personal information.
In addition to iPhones, the leaked Cellebrite documentation also sheds light on the vulnerability of Android devices to Cellebrite’s brute force attack. While Pixel 6 through Pixel 8 series models cannot be unlocked if the device is turned off, all Samsung models and non-Samsung Android phones running Android 7-14 are susceptible to Cellebrite’s unlocking techniques.
Overall, the ongoing battle between Apple and Cellebrite highlights the importance of staying vigilant when it comes to protecting personal data on smartphones. With technology constantly evolving, it is crucial for users to regularly update their devices and take necessary precautions to safeguard their privacy and security.