Every now and then, miraculous tools promising to unlock iPhones and other Apple devices pop up, causing turmoil in the technological world – the most recent case concerned Cellebrite devices, which are being sold on eBay at a bargain price.
In each case, a question stands out: how can the professionals behind these devices find so many loopholes in iOS? Now, the Motherboard may have an answer.
The digital magazine published a report exposing the use, by hackers, crackers and security researchers, of pre-production iPhone units to discover secrets, loopholes and flaws in the construction of the device and on iOS.
These devices have a number of disabled security features and, theoretically, they shouldn’t leave Cupertino’s cellars – in one way or another, however, they find their way out of the outside world (almost always smuggled out of iPhone production lines on China) and are sold for thousands of dollars in parallel markets.
THE Motherboard obtained some units of these devices, which look like normal iPhones with the exception of a few elements – among them, a QR code and a bar code on the back, as well as a decal bearing the brand of Foxconn, an Apple partner that assembles the devices. The system, however, is totally different: when connecting pre-production iPhones, what is displayed is a command terminal, through which the user can execute codes and explore the “guts” of the device and the system.
According to the report, companies such as Cellebrite and Grayshift have already acquired some units of these prototype iPhones to manufacture their unlocking tools; a few years ago, devices of the type were used by researchers to explore the Secure Enclave iOS (which, on “common” iPhones, is protected under several layers of encryption) and discover secrets about the biometric security system employed by Apple.
The price of prototypes scares: the Motherboard came across a pre-production unit from iPhone X being sold in the parallel market for US $ 1,800 – its seller, even, has already sold other units of the device to security researchers and the like. An equivalent copy of the iPhone XR was found to be sold for no less than $ 20,000!
Apparently, Apple is “well aware” of the problem and is implementing new actions to prevent these devices from leaving its supply chain and falling into the wrong hands; nevertheless, it is impossible to have absolute control over such a formidable production line – and, moreover, located on the other side of the world.
Let’s look at the next chapters of that story…