0 sats \ 2 replies \ @Zk2u 22 Jul \ parent \ on: REVEALED: Here's the Cellebrite Premium Device Support Matrix for July 2024 security
Lockdown mode blocks USB connections while the device is locked. Doesn't that mitigate the AFU issue as if the device is locked, even after first unlock, it won't allow anything to connect to it in the first place?
Cellebrite mentions nothing about Lockdown Mode in their documentation. We believe Lockdown Mode does not matter to them as they have an appendix for caveats on certain extractions and Lockdown Mode is not one of them.
Lockdown Mode reduces attack surface for the browser and Apple services like iMessage or FaceTime. It hardly does anything to secure the base OS, which we think is disappointing. We believe the setting is too strict and should be more configurable, instead they design it with their way of minimising settings. You cant individually toggle hardening like changes for the browser.
reply
As far as I know, most cellebrite devices work by plugging in the device. If you enable lockdown mode and your phone is locked even after AFU, iOS will refuse any data connections over USB. They’d have to either exploit something from inside the phone or do a memory extraction which isn’t exactly easy. I don’t think graphene can protect from a memory extraction? I haven’t looked at the latter in much detail
reply