Every iPhone/iPad can be hacked using this backdoor, forensics company claims

In the wake of news that the upcoming iPhone 11 will feature a Mate 20 Pro-like camera module, Apple’s reputation is seemingly up for another hit.

Israeli forensics company Cellebrite is claiming that it can “perform a full file system extraction on any iOS device”, and the service is for sale to the public. In addition, other flagship Android devices from smartphone manufacturers (including Samsung, Xiaomi) can also be unlocked.

To explain the credibility that Cellebrite has, it was widely rumoured that the FBI used their services to crack 2015 San Bernardino terrorist Syed Rizwan Farook’s iPhone back in 2016.

How do you protect yourself?

Cellebrites technology requires actual physical access, with Chief Marketing Officer Jeremy Nazarian explaining to Forbes in 2018;

“It’s not like this is over the wire listening technology… it requires physical access. It’s not like anyone is listening to your iPhone or my iPhone. There’s nothing inherent in the technology that means it’s open to misuse.”

In the past, U.S. authorities have discussed with Apple the possibility of coding a backdoor for their devices—this was met with some opposition from Apple CEO, Tim Cook.

What if this backdoor was discovered by governmental agencies around the world? Or leaked by nefarious parties? Ultimately, Cook explained that a built-in backdoor would fundamentally compromise iOS devices.

And it has proven to be true, with reports of Cellebrite tools being put up for sale for as little as $100 surfacing earlier in 2019. Cellebrite says that lengthy security checks will be conducted on anyone that wants to crack a phone, but the backdoor reportedly extends across all iOS devices; including those on the latest release, iOS 12.3.2.

Apple devices have long been touted as the most secure options when it comes to backdoors or hackers, and they will need to address the issue quickly—with the release of iOS 13 coming up, they will definitely need to.

Apple has patched vulnerabilities with OS updates in the past, including the iOS 12 update that became the centre of the infamous ‘Charge Gate’ issue.

[ VIA ]