New York City uses Israeli tools to crack into locked iPhones


GrayKey can bypass iPhone security
iPhone security is no match for Cellebrite.
Photo: Ed Hardy/Cult of Mac

Law enforcement agents in New York City have been cracking into locked iPhones since January 2018, according to a new report.

Agencies are using a tool called Universal Forensic Extraction Device (UFED) that’s developed by Israeli firm Cellebrite. It is said to have cost at least $200,000 and allows a full file system extraction.

iPhone is one of the toughest smartphones to crack into, thanks to incredibly robust security. And Apple has faced criticism for not making it easier for law enforcement to get into its devices.

But if you have enough cash, there are tools out there that will extract data from a locked iOS devices. New York City has been using one of them for almost two years now.

How NYC cracks into locked iPhones

OneZero claims it has proof that the Manhattan District Attorney’s office has been using a UFED to gain access to extract data from suspects’ iPhones and high-end Android devices.

The UFED Premium was announced by Cellebrite this June. It promises to be the only “on-premise solution” for breaking into locked handsets and extracting almost every byte of data available.

The tool can pull messages, emails, third-party app data, and even deleted content. But it costs a fortune, according to a leaked contract.

OneZero says NYC was using a UFED Premium 18 months before Cellebrite announced it publicly, for which it is paying around $200,000 over three years for licensing, installation, and training.

Cracking into iPhones isn’t cheap

And that’s just the start of it.

The supposed contract between Cellebrite and NYC law enforcement also references $1 million worth of undisclosed add-ons. But it’s not clear if any of those have been obtained by the DA.

There are also some strict rules that must be adhered to. Only an agreed-upon number of devices can be cracked. And the process must happen in a designated “secure room” that must not contain any recording devices.

Apple security no match for Cellebrite

Cellebrite has been walking all over Apple’s security systems for years. It was reported in 2016 that the company helped the FBI obtain access to an iPhone used by a San Bernardino shooter. Apple refused to provide a backdoor of its own.

Cellebrite makes millions of dollars selling data extraction solutions to law enforcement agencies around the world. The FBI alone has spent at least $2 million since 2012. It was reported last month that Cellebrite had signed a $30 million contract with Immigration and Customs Enforcement (ICE).

It’s not clear how many devices the Manhattan DA has gained access to — or how many convictions UFED Premium may have led to. The DA hasn’t even disclosed the use of Cellebrite’s tool, and it did not respond to requests for comment from OneZero.

Cellebrite is also keeping quiet about the use of its tools. It said: “Cellebrite company policy prohibits us from discussing the details of our customers and clients.”

It’s not clear if iOS 13 takes any steps to block Cellebrite tools.