Report: Israeli company helping FBI crack iPhone security

Daily News Article   —   Posted on March 24, 2016

(by Sagi Cohen, YNet News) – The FBI has been reportedly using the services of the Israeli-based company Cellebrite in its effort to break the protection on a terrorist’s locked iPhone, according to experts in the field familiar with the case.

The US Justice Department last month obtained a court order directing Apple to create software that would disable the password protection on the iPhone, allowing American authorities to access the phone used by Rizwan Farook, one of the two killers who perpetrated the December massacre in San Bernardino, California.

But Apple has fought back, arguing that the order is an overreach by the government and would undermine computer security for everyone.

This led to widespread discussion in the US on whether the government should receive access to the personal and private information of its citizens, and if so, what should be the extent of such access.

On Monday, US prosecutors announced that a “non-governmental third party” had presented a possible method for opening an encrypted iPhone, noting they were “cautiously optimistic” it would work.

The announcement led a federal judge in Riverside, CA to postpone a hearing originally scheduled for Tuesday so that the FBI could try the newly discovered technique. The Justice Department said it would update the court on April 5.

Cellebrite has not responded to the report. But if it is indeed the “third party” in question, and it is able to break into the terrorist’s iPhone, it would bring the high-stakes legal showdown between the government and Apple to an abrupt end.

Cellebrite, considered one of the leading companies in the world in the field of digital forensics, has been working with the world’s biggest intelligence, defense and law enforcement authorities for many years.

The company provides the FBI with decryption technology as part of a contract signed with the bureau in 2013.

Cellebrite’s technology is able to extract valuable information from cellular devices that could be used in criminal and intelligence investigations, even if the phone and the information it contains are locked and secure.

Meanwhile, an Apple executive told reporters on a press call that the company knew nothing about the Justice Department’s possible method for getting into the phone, and that the government never gave any indication that it was continuing to search for such solutions.

Apple said on Monday that if the government was successful in getting into the phone, which might involve taking advantage of previously undiscovered vulnerabilities, it hoped officials would share information on how they did so. But if the government drops the legal case, it would be under no obligation to provide information to Apple.

Cellebrite, led by CEO Yossi Carmil, offers two types of services: Data backup and diagnostic services used by cellular operators worldwide; and solutions to law enforcement in the field of digital forensics.

Cellebrite’s system can retrieve and back up data, as well as run diagnostics on over 15,000 models of cellphones, smartphones and tablets. It can also map the connections between the owner of the phone and the people he contacted using the information extracted.

Law enforcement, military, intelligence, security and government authorities in over 90 countries have been able to solve serious crimes using Cellebrite’s technology in the past.

Reuters contributed to this report. Reprinted here for educational purposes only. May not be reproduced on other websites without permission from Israel’s YNet News. 



Background

More from the YNet News article:

On December 2, 2015, married couple Syed Rizwan Farook and Tashfeen Malik, both Muslim US citizens, opened fire with automatic weapons at a community center in San Bernardino, CA, killing 14 people and wounding 22 others.

During its investigation of the attack, the FBI found an iPhone 5C that belonged to Farook. The bureau believes the iPhone contains a lot of information that could shed light on the attack, and reveal, amongst other things, places the two visited before the attack, and who they were in contact with, in the search for possible accomplices. However, Farook's iPhone (which was issued to him by his employer, the San Bernardino County Health Department) is locked with a password, without which investigators cannot access the information on the phone. [The employer (0wner of the phone) has given the FBI permission to attempt to open it.]

Apple claimed it cannot break its own security system.

[Cellebrite, a subsidiary of Japan's Sun Corp, has its revenue split between two businesses: a forensics system used by law enforcement, military and intelligence that retrieves data hidden inside mobile devices and technology for mobile retailers.]