Hacker News new | ask | show | jobs
by sidoshi 698 days ago
How do you Image an iphone device?
2 comments
einsteinx2 697 days ago
I assume you can desolder the flash chip and directly dump its contents. Not trivial, but not too difficult for someone with the right skills.
link
kalleboo 697 days ago
That won't give you the encryption keys, which are stored in the Secure Enclave.
link
aziaziazi 697 days ago
Isn’t the Secure Enclave another separate flash chip?
link
wkat4242 697 days ago
Yes but with the controller built in and hardware hardening.

They are designed precisely to prevent this kind of attack.

I bet most of the exploits used by these boxes have nothing to do with the secure element but just bypass security using exploits in standard system or USB code. Most phones will be captured with the OS running but just the UI locked, with all encrypted volumes already mounted.

link
neuralRiot 697 days ago
If they can access the iCloud account then the phone can be backed up remotely then read the backup.
link
wkat4242 697 days ago
True but only if the user actually uses iCloud backup of course. I never did when I had an iPhone, for that reason, I don't want all my personal stuff in the cloud.

But this is not how cellebrite boxes work anyway. They focus on the device.

link
kalleboo 697 days ago
Assuming the user hasn't enabled end-to-end encrypted backups (which is an option, not the default)
link
filoleg 698 days ago
Yeah, I had the same question. Because the grandparent comment explanation felt very much like the “…and then draw the rest of the owl” joke.
link