Cellebrite can unlock any iPhone (for some values of “any”)

An update by Ars Technica on Cellebrite’s ability to access the content on otherwise secured iOS devices:

Cellebrite is not revealing the nature of the Advanced Unlocking Services’ approach. However, it is likely software based, according to Dan Guido, CEO of the security firm Trail of Bits. Guido told Ars that he had heard Cellebrite’s attack method may be blocked by an upcoming iOS update, 11.3.

“That leads me to believe [Cellebrite] have a power/timing attack that lets them bypass arbitrary delays and avoid device lockouts,” Guido wrote in a message to Ars. “That method would rely on specific characteristics of the software, which explains how Apple could patch what appears to be a hardware issue.”

Regardless of the approach, Cellebrite’s method almost certainly is dependent on a brute-force attack to discover the PIN. And the easiest way to protect against that is to use a longer, alphanumeric password—something Apple has been attempting to encourage with TouchID and FaceID, since the biometric security methods reduce the number of times an iPhone owner has to enter a password.

This once again confirms the importance of establishing strong, long, passwords for iOS devices. Sure they’re less convenient but they provide measurably better security.


Serious Vulnerabilities (Probably) Found in All iOS Devices

From Forbes:

The Israeli firm, a subsidiary of Japan’s Sun Corporation, hasn’t made any major public announcement about its new iOS capabilities. But Forbes was told by sources (who asked to remain anonymous as they weren’t authorized to talk on the matter) that in the last few months the company has developed undisclosed techniques to get into iOS 11 and is advertising them to law enforcement and private forensics folk across the globe. Indeed, the company’s literature for its Advanced Unlocking and Extraction Services offering now notes the company can break the security of “Apple iOS devices and operating systems, including iPhone, iPad, iPad mini, iPad Pro and iPod touch, running iOS 5 to iOS 11.” Separately, a source in the police forensics community told Forbes he’d been told by Cellebrite it could unlock the iPhone 8. He believed the same was most probably true for the iPhone X, as security across both of Apple’s newest devices worked in much the same way.

If Cellebrite has, indeed, found a way of compromising all iOS devices then they’ve accomplished a pretty impressive task. I have to wonder whether the vulnerabilities emerged from studying the iBoot leak or their own software or hardware research. Assuming Cellebrite’s claims are legitimate they serve to underscore the position that government’s shouldn’t introduce backdoors or vulnerabilities into devices given that doing so will only exacerbate the existing problems associated with securing devices. Security is designed to add friction, not totally prevent an unauthorized party’s actions, and deliberately reducing such friction will put all users at greater jeopardy.



iOS is still incredibly janky. Since updating to iOS 11 I’ve had to periodically do full device resets in order to stop podcasts from trying (and failing) to download in perpetuity; there’s no other was I’ve found to stop the process and, if I don’t, the battery drain rate is approximately 10-15% per hour, when the device is just sitting idle. And on a device that only has wireless service (no mobile data connection) I have to turn the wireless radios on and off about once per week to get Siri to actually take requests. Without a doubt this version of iOS is the worst I’ve ever had to muddle through…


Watching someone switch from Android and to iOS for the first time is a really interesting experience. The ease of wirelessly transferring data between operating systems (and devices!) and automatic installation/configuration of apps like they’re set up on their iPad is pretty magical. The near-automatic warning that they’re out of iCloud space and thus need to pony up a monthly payment to Apple is the only jarring part of the experience so far; Apple really needs to increase the default amount of storage provided to at least 10GB or so.


A Fix for Bad iPhone Battery Life

stewie.jpgFor the past weeks I’ve had outrageously bad battery life on my iPhone 7, running iOS 11. A lot of the battery drain was from the Podcasts app (approx. 24-33%) but I couldn’t figure out why the drain rate was so high: even when I only streamed over Bluetooth or Airplay I’d had the same power drain percentages, so it didn’t seem to be linked to powering the speaker on the phone (which can impact battery life significantly).

Then I realized that the application was searching for new podcasts every hour and downloading any that were available. My battery life has drastically improved after changing the setting so that the app only looks for new podcasts every 6 hours: I can now use the phone normally for a day and end up at about 20-30% battery remaining when it gets set down to charge for the night. Victory is mine!


As one of the many people on iOS 11, but who didn’t enrol in the beta testing, I was very surprised that the Twitter and Facebook share integrations were removed as system settings. As it stands it’s not entirely clear how such sharing is supposed to take place in many apps, where the share sheet still points to the settings in iOS 10. I can only hope that app developers update quickly to return this functionality to their applications.


The Million Dollar Dissident: NSO Group’s iPhone Zero-Days used against a UAE Human Rights Defender – The Citizen Lab

The place I work at did some stuff.

But the major takeaway for most people should probably be this:


  1. Open Settings >> General >> Software Update
  2. Tap Download and Install. If a message asks to temporarily remove apps because iOS needs more space for the update, tap Continue or Cancel.

The vulnerabilities we identified in iOS are incredibly severe. Please update your device immediately.