Thanks for the new slides and the write up. We all appreciate it.

Thanks!
By the way, will there be a complete PDF file of the support matrix + release notes + user manual distributed like in May?

    I don't understand Polish, but when I watched the video at the following URL using the translation function, I remember hearing the following statement by a man:

    "Control Center must be enabled in order to use Premium to extract data from the iPhone in a hot state (AFU)."

    Does this mean that Premium uses a vulnerability in Control Center to access RAM?

    Video URL:
    https://www.youtube.com/watch?v=8iY9PIHfnFQ

      • [deleted]

      • Post #6
      • Edited

      It is intriguing to observe that they have ceased displaying their IPR (instant passcode recovery) capabilities. According to the April document, we are aware that Cellebrite can perform IPR on iOS versions up to 17.0.3 and iPhone models up to 14. Is there any information available regarding whether Cellebrite can conduct IPR on newer iOS versions or iPhone 15/iPad?

        orangecola There could be a bug in the control center, or it's possible that he is simply utilizing the control center availability to distinguish between AFU and BFU mode. Additional information is required to further clarify the situation.

          GrapheneOS In the near future, we plan to ship support for adding a PIN as a 2nd factor to fingerprint unlock to enable users to use a strong passphrase combined with PIN+fingerprint secondary unlock for convenience. We have an initial implementation, but it needs more work before shipping.

          Will it be possible to use a PIN instead of a passphrase for the primary unlock method?

              • [deleted]

              • Post #10

              Does this mean that newest iPads are not safe?

                horde Pixel (GrapheneOS) devices are protected from https://oxygenforensics.com/en/resources/extract-and-decrypt-android-keystore/ ?

                That article lists two extraction approaches.

                One approach relies on the device being unlocked, or on adb being enabled and available. The GrapheneOS project frequently warns users against leaving debugging on, especially wireless debugging, on the grounds that it increases attack surface (it does).

                The other approach is described as working for certain hardware types, not including Pixels. This is consistent with other information that Pixels, especially if up to date on patches, are more difficult to exploit. Again this is consistent with the project's insistence that at present the Pixel platform is the only platform with sufficient hardware security plus the ability for third-party OSs to effectively use that security.

                Though I am not an expert on the Android Keystore, based on what I see in that piece, a GrapheneOS device that is up to date and configured in accordance with recommendations (e.g., USB and wireless debugging off), is likely not subject to the described key extraction.

                  [deleted] The latest iPhones and iPads can be exploited by Cellebrite. They're likely going to continue keeping up with the latest iOS versions and new hardware models unless there's a major change to how they function. They sometimes have a couple months of delay for certain new Android and iOS versions when they have to update their exploits for major changes or replace them completely.

                      Lukas You'll be able to do that, but the intended purpose is making it possible to use a strong passphrase while having the convenience of fingerprint unlock + short PIN for secondary unlock.

                        [deleted] It's likely simply implied by AFU exploitation capability on iOS. If they lose the capability on newer iOS versions they may start listing where they have it again.

                          orangecola we don't have access to the iOS and Android support matrix documents at the moment because it's what we requested from one of our sources. We didn't ask for the rest. We don't plan to publish the documents ourselves anymore, but there was a user on our forum who published the extended documentation before and they may do it again.