Leaked Documents Show How Much iPhone Data Cellebrite Can Access
State police departments in the U.S. have spent millions of dollars on phone cracking technology from the Israeli firm Cellebrite. Now, leaked documents show just how much the forensic tool can access.
Cellebrite is an Israeli forensic research tool that allows its users to crack cellphones, or more specifically the retrieval of mobile data. The company claims its UFED tool can bypass passcode locks, extract and decode almost all data from hundreds of smartphone and tablet models, including Apple hardware.
Now, leaked documents, first reported on by ZDNet, show just how powerful the software is. The specific data referenced in the report is from an iPhone 5 running iOS 8. The phone was unencrypted, without a passcode set.
The leaked files are “extraction reports,” which are organized to allow investigators to easily see and analyze data from a phone. Extraction is conducted by plugging the phone into a Cellebrite UFED device. While the device is primarily for extracting information currently on the phone it can, in some cases, extract recently deleted items.
The report compiles geolocation data from every photo taken on the device and visualizes it on a map, allowing an investigator to easily see when and where a person was. Text messages are organized in chronological order, which makes it easier for investigators to track conversations. The wireless networks a device has connected to are also logged, including the MAC address of the router, encryption type and the time last connected to the network. The report also includes a detailed log of all calls made and received as well.
Cellebrite made headlines earlier this year after its technology was used to crack into the iPhone of the San Bernardino shooter amid a heated legal battle between Apple and the FBI concerning the device’s encryption keys.