Cellebrite: The Rumored "Outside Party" in the Apple-FBI Case Is Just That
What we do know: Cellebrite routinely works with the U.S. government.
Reports abound that the “outside party” the federal government is employing to break into the (irrelevant) San Bernardino iPhone 5c is Israeli firm Cellebrite.
There are numerous other reports that this rumor is just that, a rumor. “I am not able to comment on the identity of the outside party,” FBI spokesman Christopher Allen told the BBC. Meanwhile, NPR speculates it might just be “a publicity stunt” by Cellebrite to drum up business.
Here’s what we know: Cellebrite didn’t just come out of the woodwork — the U.S. government and over 110 different countries routinely use this technology to generate reports based on phones searched in criminal cases — which makes the convenient timing suspicious. (Possible sentiment: “We’re not making progress in compelling Apple to assist us, and nor does it seem like we’ll win the precedent battle anytime soon, so let’s just go with Cellebrite. Screw it.”)
The government has known that Cellebrite can gain access to and generate comprehensive data reports on iPhones (and virtually all other devices). No less, in the court case in San Bernardino, the government pled naïve: “Apple has the exclusive technical means which would assist the government in completing its search,” the government argued. And the government has since — until now — repeatedly argued that no one but Apple can enter the iPhone in question.
That’s now patently false. Judge Sheri Pym complied with the government’s orders to put the San Bernardino case on hold until further notice:
On Sunday, March 20, 2016, an outside party demonstrated to the FBI a possible method for unlocking Farook’s iPhone. Testing is required to determine whether it is a viable method that will not compromise data on Farook’s iPhone. If the method is viable, it should eliminate the need for the assistance from Apple Inc. (“Apple”) set forth in the All Writs Act Order in this case.
In July, 2015, Cellebrite shared a video on how to use its technology to break into an iPhone that was running iOS 7 or older.
On its website, in November, 2015, the company shared that it could break into all iOS 8-equipped devices. (“UNLOCK APPLE DEVICES RUNNING IOS 8.X WITH NO RISK OF DEVICE WIPE OR HARDWARE INTERVENTION.”)
No one should therefore be surprised, then, if Cellebrite can actually break into this iOS 9 iPhone 5c. The FBI and the U.S. government should be the least surprised.
The company’s video, below, makes privacy intrusions cheery:
And once inside the phone, here’s an old, but informative, glimpse into what a Cellebrite report tells law enforcement agencies about you: