Israeli security company Cellebrite has announced that they have found a way to extract data from every iOS devices ever produced.
According to Apple, there are roughly 1.4 billion Apple devices in the market, meaning that if Cellebrite’s claims are true, there is a backdoor on all iOS devices that allows all security measures on the device to be circumvented.
Cellebrite is the same company that unlocked the iPhone 5c belonging to the San Bernardino shooter. This was the iPhone that Apple said they could not unlock due to the fact that too many attempts had been made to unlock the phone.
The FBI tried to pressurise Apple into creating a version of iOS with backdoors in it, but Apple refused, citing that if a backdoor was ever built into iOS, there was no way to guarantee that it would not fall into the wrong hands.
It appears that Cellebrite may have discovered an unintentional backdoor of sorts. On the company’s website, it says that they can unlock any iOS device running on any iOS version between iOS 7 and iOS 12.3.
The company claims that it can determine passcodes and perform unlocks for Apple devices, giving law enforcement the ability to extract all information stored in the file system. Law enforcement would not even have to send the device to Cellebrite for this, but the company does say that they take misuse very seriously, and have a multi-step process in place designed to authenticate the validity of the unlock request.
While Cellebrite has tried to assure that they do the utmost to prevent misuse, their devices have been found on eBay for as little as $100.