What you need to know
- A government report details its capabilities in breaking phone encryption and acquiring data.
- All iOS devices are effectively crackable.
- Popular Android devices can be cracked but only select models.
While the FBI wages a court battle against phone manufacturers, our friends at Vice have found an interesting report from the Science and Technology branch of the Department of Homeland Security that shows the government is already quite capable of cracking your phone's security. The most recent round of testing involved tools from security company Cellebrite, and many other companies offer cracking tools with similar records for success.
The good news is that the diversity of Android devices may be a saving grace in keeping the phone secure. While the government reports that nearly all iPhone models since the iPhone 4S can be broken into, the list of possible Android targets is a bit more hodge podge and shifting. At publishing time, Cellebrite claims it can get into such recent flagships as the Samsung Galaxy S10 and Galaxy Note 10, but high end devices from Huawei and Motorola are causing problems. Also the company specifically calls out "high-end" phones, so it seems the variety of software builds and the incremental update status on Android devices creates too many variables for one across-the-board solution.
As noted, the security landscape is shifting with constant updates, so the phones that are secure today may be vulnerable tomorrow, or could be already vulnerable in ways that have not been made public. Even on phones that were unlockable, not all of the data was available and reliable, and the NIST reports some partial failures. The governemnt also did not detail attempts to break into the stream of an end-to-end encrypted conversation on a messaging app like WhatsApp, only the ability to gain access to the phone's storage.
"I think a lot of these ... companies are just trying to make it harder for law enforcement to get data from these phones ..." Or possibly there's an explanation that makes a little more sense... It's not all about you, dude.
I'm worried about the comments on the S10. Hopefully Android 10 changed that for them....
I'm not concerned about the American CIA (homeland insecurity) trying to hack into my key2. If that company can't get into the device itself, then the US can't either. From my BlackBerry Key2 LE on Freedom Mobile LTE or 3G HSPA+
You do understand that the whole point of a zero day exploit is that the company that makes the device or software doesn't know it exists.
I wonder if the phones that are harder to crack, use google's Titan security idea, or Titan. Heard that's extremely hard to crack.
Get the best of Android Central in in your inbox, every day!
Thank you for signing up to Android Central. You will receive a verification email shortly.
There was a problem. Please refresh the page and try again.