0 sats \ 1 reply \ @final OP 22 Jul \ parent \ on: REVEALED: Here's the Cellebrite Premium Device Support Matrix for July 2024 security
Cellebrite mentions nothing about Lockdown Mode in their documentation. We believe Lockdown Mode does not matter to them as they have an appendix for caveats on certain extractions and Lockdown Mode is not one of them.
Lockdown Mode reduces attack surface for the browser and Apple services like iMessage or FaceTime. It hardly does anything to secure the base OS, which we think is disappointing. We believe the setting is too strict and should be more configurable, instead they design it with their way of minimising settings. You cant individually toggle hardening like changes for the browser.
As far as I know, most cellebrite devices work by plugging in the device. If you enable lockdown mode and your phone is locked even after AFU, iOS will refuse any data connections over USB. They’d have to either exploit something from inside the phone or do a memory extraction which isn’t exactly easy. I don’t think graphene can protect from a memory extraction? I haven’t looked at the latter in much detail
reply