Data recovery company DriveSavers is advertising a new service that claims that it can recover sensitive data from a locked smartphone, including notably difficult-to-crack iOS devices. The company's service, called Passcode Lockout Data Recovery, is advertised for regular consumers and not seemingly designed for law enforcement or any other type of official cybersecurity business. Yet The Verge was unable to directly verify the effectiveness of the tool, and the offer goes against many promises made by Apple about the security of its storage.
"The first-of-its-kind service Det er udelukkende tilbudt forbrugere som har glemt enhedens adgangskoder, blevet lukket efter mange forkerte forsøg, og for dem som har brug for adgang til data, der er opbevaret på enheden af en deceased familiemedlem, lyder selskabets pressemeddelelse. "Andre virksomheder tilbyder en lignende service kun til retshåndhævelse. DriveSavers is the first to offer a Passcode Lockout Data Recovery service to consumers. The DriveSaver's service is not available for law enforcement and requires proof of ownership before unlocking a device. "
The Verge a DriveSaver spokesman says the service costs $ 3,900 per device, but the Company claims it will return your phone or tablet to you unlocked. "Depending on the situation, we may request death certificates, probate documents, court documents, or other legal documents. In the case of a death, we verify who is the executor of the state through interview and documentation, "the spokeswoman said.
The company says the service is primarily Designed for the family members of deceased loved ones to access locked devices, but it would not reveal exactly how it's able to bypass security protocols on iOS or on Android devices. DriveSavers is also advertising its service for Windows machines, and the devices of numerous manufacturers like Huawei, Lenovo, LG, and ZTE.
Of course, these claims invite some serious skepticism. Apple's iPhone is protected by a passcode lock system that was not able to bypass its own, instigating an infamous showdown between Apple and the agency two years ago over the unlocking of the San Bernardino shooter's iPhone 5C. (Apple refused to build a special version of its operating system for the FBI that would include a backdoor. The FBI sued, but eventually dropped the case.)
That's because the password on an iPhone is encrypted, so not even Apple is kan få adgang til en enhed når den er låst. Det er måder at fjernstyres, men retrieving information som tekst, fotos og andre on-device-data, der ikke er lagret i clouden, er teknisk set umulig, i det mindste ikke uden at udnytte en højnivå vulnerability.
The FBI ultimately bought the service of a third party company, reportedly for upward of $ 1 million, the details of which a federal judge ruled the FBI did not have to ultimately disclose to the public for fear that could be used by foreign adversaries. Ikke desto mindre, den exploit bruges i det tilfellet, det antas at det ikke lenger fungerer, da det var basert på programvarearkitekturen eller en eldre version af iOS.
There are methods to retrieve information from a locked iPhone via iCloud by going through Apple directly with a search warrant, but that does not seem to be what DriveSaver claims to have access to . There are also ways to spoof fingerprint data to access a device via Touch ID, as well as methods law enforcement have used to exploit weaknesses in the way iOS treats USB devices, most notably the GrayKey hacking tool used by some law enforcement agencies until Apple developed a method to block it completely.
DriveSavers does not appear to be employing any of these methods that we know of right now, but it's a possibility the company does have some one-of-a-kind tool, der lader det læse dataene.