On Monday, a much-anticipated hearing in the case between Apple and the FBI over access to a dead terrorism suspect's iPhone was canceled after the FBI claimed that an "outside party" had surfaced with a potential method for bypassing the phone's lock screen without Apple's help.

On Wednesday, the Yedioth Ahronoth newspaper identified that outside party as Cellebrite, an Israeli phone forensics firm, attributing the information to "sources in the field/industry well acquainted with the subject."

Haaretz reported that "While the Cellebrite executives would not comment on the San Bernardino case, they indicated they are confident that a completely hack-proof phone has not been invented yet and that they would eventually be able to unlock any existing system on their own."

Leeor Ben-Peretz, executive vice president of products and business development for mobile forensics at Cellebrite, told Haaretz, "The level of complexity is exponential and it's at a point that it's getting difficult—but if anyone can do it, it's us."
"The forensics industry has not received a lot of attention," Christopher Soghoian, principal technologist at the American Civil Liberties Union (ACLU), told Motherboard in a phone call. "This is an industry that relies on discovering and exploiting flaws in mobile phones. There's a lot of secrecy because each company has their secret sauce."

Within this circle of companies, however, Cellebrite is pretty well-known when it comes to mobile phone forensics, and has a long history of working with government agencies, including the FBI.

WHAT IS CELLEBRITE?

Founded in 1999, Cellebrite focuses on digital forensics tools and software for mobile phones. According to a document on its website, Cellebrite supports intelligence services, border patrols, special and military forces, and even financial organisations in more than 100 countries. Cellebrite's products can allegedly collect, amongst other things, location and cloud data from mobile and GPS devices, and the company claims to have an archive of 8,000 different mobile phones at its headquarters.
In 2014, the company's CEO Yossi Carmil said in an interview, "iOS on the iPhone 4S and later devices have impressive security with hardware encryption, and that certainly makes our job harder, but no device is 'bullet-proof.'"

Cellebrite also offers customer support, seemingly in a similar way to companies such as Italian surveillance company Hacking Team, where engineers can be on call to deal with customer queries.

WHO HAS CELLEBRITE WORKED WITH?

According to public records, Cellebrite's US subsidiary has taken over $2 million worth of purchase orders from the FBI since 2012. Interestingly, a purchase order with the agency for $15,278.02 for "software renewals for seven machines" was signed on March 21, 2016: the same day that the Apple hearing was delayed. However, the "principal place of performance" for that order is listed as Chicago, not San Bernardino.
On February 16, a warrant for the DEA was approved to search an iPhone 6, according to independent journalist Marcy Wheeler. In the related documentation, a DEA agent writes that a search would be attempted with a "CelleBrite" device. What operating system that iPhone 6 was running is unclear, and it's also unclear if the method would actually work—but it does support the idea that Cellebrite may be the outside party that thinks it can crack the San Bernardino iPhone 5C.

Also according to public records, other customers of Cellebrite's include the Office of Inspector General, the Department of Homeland Security, and the Secret Service.

The company has had some success with circumventing encryption for law enforcement before, too. In January, Motherboard reported that Dutch investigators were able to read encrypted messages sent on so-called PGP Blackberries: custom, security-focused BlackBerry devices that come with an encrypted email feature. That process is carried out with a piece of software made by Cellebrite.

But the company hasn't just worked with law enforcement or government agencies.

"Apple has a weird relationship with this company, because there are Cellebrite devices in every Apple store," Soghoian added. This is because the devices are used to take data from customers' Android phones and easily transfer contacts and other info over to newly purchased iOS ones.

Whether the company's tools are indeed being used to crack the San Bernardino iPhone is still unconfirmed. But either way, as the proliferation of strong, robust encryption for mobile phones continues, the forensics industry is going to be one to keep an eye on.

Joshua Kopstein and Emanuel Maiberg contributed reporting.

Jonathan Ździarski, March 23, 2016: "A paper by Cellebrite explaining tools validation and testing in a court of law, what I've been saying"