Archive for March 2020
Android Phones Now Harder To Hack Than iPhones | RISC
While governments and law enforcement agencies continue to push device makers to create backdoors, there is always a workaround that lets them crack open devices on there own in the name of investigation.
In this regard, companies like Cellebrite and Greyshift have turned out to be very helpful, as they provide solutions to break into almost any device.
Back in 2016, we saw a major controversy involving Apple and the FBI when Apple refused to unlock the iPhone of the shooter involved in the San Bernardino case.
It’s a different story that recently Apple faced criticism for not encrypting iPhone backup data on iCloud, thereby leaving scope for government access.
iPhone more hackable than Android
Anyway, when it comes to cracking smartphones, iPhones are assumed to be superior to Android in terms of privacy and security.
However, the story has taken a u-turn, and Android phones have become harder to crack than iPhones. That’s according to a forensic detective Rex Kiser who works with the Fort Worth Police Department.
“Right now, we’re getting into iPhones. A year ago we couldn’t get into iPhones, but we could get into all the Androids. Now we can’t get into a lot of the Androids,” Kiser told Vice.
Kiser suggests that it has now become tougher to extract data from newer operating systems. Probably, they are “trying to make it harder for law enforcement to get data from these phones, under the guise of consumer privacy.”
During a test conducted by NIST, Cellebrite’s UFED InFeild Kiosk tool couldn’t efficiently harvest browsing activity, GPS data, or app data from social media apps like Facebook, Instagram, Twitter, etc., when trying to get inside Google Pixel 2 and Galaxy S9.
Surprisingly, the tool returned empty-handed in the case of Huawei P20 Pro. As per the test report, the tool (version v7.5.0.875) supports over 15,000 types of devices on paper, including Android, iOS, and feature phones.
On the other hand, the UFED tool could suck in a lot more when tested on iPhone X.
Overall, it’s evident that OEM encryption backdoors could be helpful, but law enforcement agencies aren’t relying on them entirely. Instead, they’re trying to create backdoors on their own by reverse engineering.
So, technically, it’s possible to get inside a smartphone as new as iPhone 11 Pro Max; it will just take time, patience, and resources.
However, one thing to note here is that breaking a smartphone’s encryption isn’t the end of the road, according to former FBI agent Bob Osgood.
Beyond that, forensic detectives need to decipher millions of lines code inside apps containing complex data structures that constantly change with software updates. That’s where companies like Greyshift, Cellebrite, and MSAB jump into the game with their magic wands.
Monday, March 2, 2020
Posted by Sivapriya