Elcomsoft, a company which sells tools to law enforcement agencies to access locked iPhones, says that it is now able to extract some data from devices running any version of iOS from 12.0 to 13.3.
The tool relies on checkm8, an exploit for a vulnerability present in most A-series chips, which also made the Checkra1n jailbreak possible.
Crucially, Elcomsoft says that the $1,495 tool works even when the iPhone is in its most secure state, known as BFU…
The company says that its tool works even after a restart.
Elcomsoft discovered that some keychain data is accessible even at this stage.
In Apple’s world, the content of the iPhone remains securely encrypted until the moment the user taps in their screen lock passcode. The screen lock passcode is required by Secure Enclave to produce the encryption key, which in turn is used to decrypt the iPhone’s file system. In other words, almost everything inside the iPhone remains encrypted until the user unlocks it with their passcode after the phone starts up.
It is the “almost” part of the “everything” that’s being targeted by Elcomsoft iOS Forensic Toolkit. The company has discovered that certain data is available on iOS devices even before the first unlock.
Running the tool does require installing a jailbreak, but this too can be done on locked iPhones and iPads.
Apple’s latest iPhones and iPads are, however, protected from the vulnerability, which is found in the A-series chips from A7 to A11.
Elcomsoft sells a range of different tools to law enforcement agencies and governments, businesses and even individuals.