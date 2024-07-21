Internal documents of Cellebrite — an Israeli security company whose programs are used by intelligence agencies to hack Apple iPhones and Android have been leaked. The leak shows which smartphones it can (or cannot) unlock.

Cellebrite, whose tools are used to The FBI hacked the phone of the Trump attacker, is not yet able to jailbreak iPhones running iOS 17.4, and all iPhone 15s are not yet able to be jailbroken regardless of the firmware. At the same time, iPhone 12 and older, as well as Android, are very easy to jailbreak. The documents also show which Android phones and operating system versions Cellebrite can access.

The documents are titled «Cellebrite Support Matrix for iOS» and «Cellebrite Support Matrix for Android». The company provides this data to customers but does not publish it. An anonymous source claims to have received them from a Cellebrite customer.

For all locked iPhones that may be running version 17.4 or later, Cellebrite’s document states «In research» — meaning it is not a given that they can be unlocked using Cellebrite tools. Regarding previous versions of iOS 17, from 17.1 to 17.3.1, Cellebrite notes that it supports iPhone XR and iPhone 11. In particular, the company has recently added support for the Supersonic BF (brute force, «group force», full brute force) feature to these models, which promises fast results.

Support for iPhone 12 and newer operating systems «will be coming soon». In other words, Cellebrite can only unlock iPhones with the penultimate version of iOS that were released almost five years ago.

Also, Cellebrite does not cover all locked Android devices, although «breaks» most of them. The company cannot force disabled Google Pixel 6, 7, or 8 to give out user data. The most recent version of Android at the time of the Cellebrite documents was Android 14, released in October 2023. The Pixel 6 was released in 2021.

Cellebrite has confirmed the authenticity of the leaked documents:

«As with any other software company, the documents are designed to help our customers understand Cellebrite’s technological capabilities as they conduct ethical, legally sanctioned investigations subject to the constraints of a search warrant or owner consent. The reason we don’t openly advertise our updates is to ensure that attackers don’t have information that could further their criminal activities. Cellebrite does not sell [software] to countries that are sanctioned by the US, EU, UK, or Israeli governments, or [are] on the FATF blacklist. We only work with customers that we believe will act lawfully and will not violate privacy or human rights,» writes Victor Ryan Cooper, Senior Director of Corporate Communications and Content at Cellebrite.

The Cellebrite Premium advertisement claims that the program is able to retrieve passwords for «almost all modern mobile devices, including the latest versions of iOS and Android». This statement does not seem to be consistent with the documents obtained.

Source: 404 Media