Confidential documents from mobile forensics company Cellebrite, recently obtained and verified by 404 Media, provide a rare glimpse into the capabilities and limitations of phone unlocking technology used by law enforcement agencies worldwide.
Cellebrite DI Ltd. is an Israeli digital intelligence company specializing in providing tools for collecting, reviewing, analyzing, and managing digital data.
The leaked “iOS Support Matrix” and “Android Support Matrix” from April 2024 detail which specific phone models and operating system versions Cellebrite’s tools can access, exposing gaps in the company’s ability to crack newer devices.
Protect Your Business Emails From Spoofing, Phishing & BEC with AI-Powered Security | Free Demo
iPhone Unlocking Capabilities
According to the documents, Cellebrite could not unlock any iPhones running iOS 17.4 or newer as of April 2024, labeling them as “In Research.” For iOS versions 17.1 to 17.3.1, the company could unlock the iPhone XR and iPhone 11 series using their “Supersonic BF” (brute force) capability. However, iPhone 12 and newer models running these iOS versions were listed as “Coming soon.”
This reveals a significant limitation, as Cellebrite could only unlock iPhones released nearly five years ago running the penultimate version of iOS. With Apple reporting that 77% of all iPhones and 87% of iPhones introduced in the last four years were running iOS 17 as of June 2024, this leaves a large portion of devices potentially inaccessible to Cellebrite’s tools.
iPhones:
- All iPhone models running iOS 17.4 or newer were labeled as “In Research,” meaning Cellebrite could not unlock them.
- iPhone 12 and newer models running iOS versions 17.1 to 17.3.1 were listed as “Coming soon,” indicating Cellebrite did not have current unlocking capabilities for these devices.
- The entire iPhone 15 lineup, regardless of iOS version, was not exploitable by Cellebrite.
Android Device Access
The Android support matrix showed broader coverage for locked Android devices, though some limitations remained. Notably, Cellebrite could not brute force Google Pixel 6, 7, or 8 devices that had been powered off. The document also specifically mentioned GrapheneOS, a privacy-focused Android variant reportedly gaining popularity among security-conscious users.
According to the leaked Cellebrite documents from April 2024, the following iPhone and Android models were inaccessible to Cellebrite’s tools:
Android devices:
- Cellebrite could not brute-force the Google Pixel 6, 7, and 8 series when the devices were powered off.
These revelations come in the wake of the FBI’s announcement that it had successfully accessed the phone of Thomas Matthew Crooks, the suspected shooter in an attempted assassination of former President Donald Trump.
While the FBI has not disclosed the phone model or unlocking method used, the Cellebrite documents highlight the ongoing challenges faced by law enforcement in accessing newer, more secure devices.
Victor Ryan Cooper, senior director of communications at Cellebrite, confirmed the authenticity of the leaked documents to 404 Media, stating they are “designed to help our customers understand Cellebrite’s technology capabilities as they conduct ethical, legally sanctioned investigations.” Cooper emphasized that Cellebrite does not openly advertise its capabilities to avoid aiding criminal activities.
It should be recognized that Cellebrite’s abilities are continually developing, and these constraints indicate the status of their technology as of April 2024.
Join our free webinar to learn about combating slow DDoS attacks, a major threat today.