The company isn’t saying exactly how it’s able to do so
 |
| © Photo by Amelia Holowaty Krales |
By Nick Statt, The Verge
Data recovery company DriveSavers is advertising a new service that
claims it can recover sensitive data from a locked smartphone, including
notably difficult-to-crack iOS devices. The company’s service, called Passcode Lockout Data Recovery,
is advertised for regular consumers and not seemingly designed for law
enforcement or any other type of official cybersecurity business. Yet The Verge
was unable to directly verify the efficacy of the tool, and the offer
goes against many promises made by Apple about the security of its
storage.
“The first-of-its-kind service is being offered exclusively to
consumers who have forgotten device passwords, been locked out after too
many incorrect attempts, and for those who need access to data stored
on the device of a deceased family member,” reads the company’s press release.
“Other companies offer a similar service only to law enforcement.
DriveSavers is the first to offer a Passcode Lockout Data Recovery
service to consumers. The DriveSavers service is not available for law
enforcement and requires proof of ownership prior to unlocking a
device.”
In an email to The Verge, a DriveSavers
spokesperson says the service costs $3,900 per device, but the company
claims it will return your phone or tablet to you unlocked. “Depending
on the situation, we may request death certificates, probate documents,
court documents, or other legal documents. In the case of a death, we
verify who is the executor of the state through interview and
documentation,” the spokesperson said.
The
company says the service is primarily designed for the family members
of deceased loved ones to access locked devices, but it would not
disclose exactly how it’s able to bypass security protocols on iOS or on
Android devices. DriveSavers is also advertising its service for
Windows machines, and the devices of numerous manufacturers like Huawei,
Lenovo, LG, and ZTE.
Of course, these claims invite some serious
skepticism. Apple’s iPhone is protected by a passcode lock system that
not even the FBI were able to bypass on its own, instigating an infamous showdown between Apple and the agency
two years ago over the unlocking of the San Bernardino shooter’s iPhone
5C. (Apple refused to build a special version of its operating system
for the FBI that would include a backdoor. The FBI sued, but eventually
dropped the case.)
That’s because the passcode on an iPhone is
encrypted, so not even Apple is able to access a device once it is
locked. There are ways to remotely wipe the device, but retrieving
information like texts, photos, and other on-device data not stored in
the cloud is supposed to be technically impossible, at least not without
exploiting a high-level vulnerability.
The FBI ultimately purchased the service of a third-party company, reportedly for upward of $1 million, the details of which a federal judge ruled the FBI did not have to ultimately disclose to the public
for fear it could be used by foreign adversaries. Nevertheless, the
exploit used in that case is believed to no longer work, as it relied on
the software architecture of an older version of iOS.
There are
methods to retrieve information from a locked iPhone via iCloud by going
through Apple directly with a search warrant, but that’s not a standard
procedure for your everyday consumer, and it does not appear to be what
DriveSavers claim to have access to. There are also ways to spoof fingerprint data to access a device via Touch ID, as well as methods law enforcement have used to exploit weaknesses in the way iOS treats USB devices, most notably the GrayKey hacking tool used by some law enforcement agencies until Apple developed a method to block it completely.
DriveSavers
does not appear to be employing any of these methods that we know of
right now, but it’s a possibility the company does have some
one-of-a-kind tool that lets it read the data.
COMMENTS