Police use Cellebrite's technology to unlock phones for forensic analysis, but it's not magic. A few highlights from this reporting:
- Device manufacturer matters. E.g., Samsung devices appear more crackable than Google.
- Downloading your updates requires Cellebrite to research/develop new techniques. They're always playing catch up.
- Older devices are more vulnerable.
- Encryption matters. They often have to work harder if your password-protected device is turned off.
https://www.404media.co/leaked-docs-show-what-phones-cellebrite-can-and-cant-unlock/
@mshelton Yeah, and Cellebrite straight up steals opensource work, and 'found' exploits.
@mshelton The biggest takeaway should be that using a strong alpha numeric password is worlds better than a 4 or 6 digit pin. Celebrite gets around the restrictions of the iPhone locking after failed attempts so it then has the relatively easy task of brute forcing a 4 or 6 digit pin. If there is a strong password they will be out of luck.
@mshelton Device powered off is best, but FaceID is better as it makes using a strong device password feasible and prevents shoulder surfing it. Knowing how to disable FaceID quickly and disabling it when going through customs for example is more secure than constantly entering your device password in public.
@mshelton So:
1. Strong password (in settings change password and select passcode options > custom alphanumeric)
2. Keep iOS updated.
3. Know how to disable FaceID by pressing and holding either volume button and the Sleep/Wake button simultaneously for 2 seconds.