A new report claims that Android phones have gotten tougher to crack than iPhones over the past couple of years. This is opposite to most consumers’ belief that iPhones are safer in comparison.
According to a new report from Vice, Cellbrite’s UFED 4PC software can extract all the data, including call logs, contacts, GPS data, and messages, from the iPhone X (or older devices). Even partial data from Instagram, LinkedIn, Pinterest, Snapchat, and Twitter can be extracted. However, it couldn’t get as much information from Android smartphones such as the Google Pixel 2 and the Samsung Galaxy S9.
The Galaxy S9 and the Pixel 2 didn’t allow data related to GPS, social media, or web browsing. Call logs and messages couldn’t be extracted from the Ellipsis 8 tablet from Verizon and the Galaxy Tab S2. In spite of all the allegations about backdoors on Huawei devices, no information could be extracted from the Mate 20 Pro. Apparently, even government agencies are noticing that Android devices are getting tougher to crack.
Cellbrite is the famous Israeli security company that’s known for its Universal Forensic Extraction Device (UFED) cracking machine that allows government forensic agencies to get into locked smartphones. Grayshift, another security firm, has a similar device known as GreyKey. Apple had been involved in a battle with these firms. It blocks known vulnerabilities that Cellbrite and GreyKey use to hack iPhones, but these firms always find newer methods.
These hacking machines plug into iPhones’ Lighting ports and use a brute force technique to enter all possible 999,999 combinations of six-digit codes to unlock the devices. With the iOS 11.4.1 updated, Apple tried to render this method useless by restricting the use of Lighting ports to just charging when they’re unlocked. However, Cellbrite and Grayshift overcame these restrictions in a few months.
In spite of Apple’s promises of user privacy and data security, security agencies have been able to crack iPhones and extract data out of iPhones and other devices from the company. The Cupertino-based firm needs to up its game and probably, its bug bounty program would be able to help it plug some of the security gaps sooner than later.[Via Vice]