Mobile device security is more crucial than ever, and the latest news about Cellebrite’s inability to unlock certain versions of the iPhone only underscores the ongoing race between device manufacturers and forensic computing companies. According to subsequently verified leaked documents by 404 Media, Cellebrite, an Israeli forensic computing company, cannot unlock iPhones running on iOS 17.4 or later versions.
“Coming soon,” for now we are safe
The original information comes from the document “Cellebrite iOS Support Matrix,” which reveals that the company’s ability to access locked devices is in a research phase for the latest versions of Apple’s operating system.
We don’t know exactly which iPhone models are immune to Cellebrite attacks, as Apple does not break down how many devices have the lower versions of the system installed. What we do know, as of June this year, is that 77% of all iPhones are running iOS 17 or later.
Beyond the global vision, the document also shows the infiltration capability for previous models such as the iPhone XR and the iPhone 11, for which Cellebrite has managed to offer support in versions ranging from iOS 17.1 to 17.3.1. However, for newer models like the iPhone 12, support is still under development for those same iOS versions. The “Coming soon” status is further evidence of the cat-and-mouse game in terms of security.
Moving away from iOS, the documents indicate that while most Android devices are vulnerable to Cellebrite tools, there are notable exceptions such as the Google Pixel 6, 7, and 8, which cannot be forced if they are turned off at the time of attempting to access them. This is because the cold boot process blocks the exploit used by Cellebrite, although these devices can be accessible if they are turned on, albeit locked.
An endless game of cat and mouse
While it is understandable that there may be times when it is necessary to force the unlocking of a device, the truth is that the security of something as personal as an iPhone cannot be taken lightly. The usual practice in the world of cybersecurity is for researchers to find security flaws in the software, report them to the responsible companies, who fix the error and pay the researchers for their discovery.
With companies like Cellebrite, this cycle is interrupted. Researchers are tempted to sell their findings to companies that can sometimes improve on the manufacturers’ offer. If so, they develop an attack using the detected vulnerabilities, but the worst part is that these vulnerabilities remain open. Open not only to unlock phones, but also for any attacker to attempt to compromise the phone’s security for any purpose.
The security of many is compromised, or at least not sufficiently reinforced, by the interest in unlocking certain specific phones. Setting aside whether we are in favor or against better security and privacy for the devices that contain most of our personal information, what is clear is that the game of security never ends. Every day flaws are discovered, every day flaws are fixed, and with each update, new ones can appear. In this case, however, it seems that Apple is achieving its goal, since from iOS 17.4 onwards, we are, for now, well protected.
