Data recovery company DriveSavers is advertising a new service that claims it can recover sensitive data from a locked smartphone, including especially hard-to-crack iOS devices. The company's service, called Passcode Lockout Data Recovery, is advertised for regular consumers and not apparently designed for law enforcement or any other type of official cybersecurity business. Yet The Verge was unable to directly verify the effectiveness of the tool, and the offer goes against many of Apple's promise of security of its storage.
"The first-of-its-kind service is offered exclusively to consumers who have forgotten device passwords, have been locked out after too many incorrect attempts, and for those who need access to data stored on the device of a deceased member of the family," reads the company's press release. "Other companies offer similar services only to law enforcement. DriveSavers is the first to offer Passcode Lockout Data Recovery service to consumers. The DriveSavers service is not available for law enforcement and requires a proof of ownership prior to unlocking a device. "
In an email to The Verge, and DriveSavers spokesperson says the service costs $ 3,900 per device, but the company claims it will return your phone or tablet to you unlocked. "Depending on the situation, we may request death certificates, probate documents, court documents, or other legal documents. In the case of a death, we verify who is the executor of the state through interview and documentation, "the spokesperson said.
The company says the service is primarily intended for family members of the deceased loved ones to access locked devices, but it would not disclose exactly how it is able to bypass security protocols on iOS or Android devices. DriveSavers also advertises its service for Windows machines, and devices of many manufacturers such as Huawei, Lenovo, LG, and ZTE.
Of course, these claims invite some serious skepticism. Apple's iPhone is protected by a passcode lock system that even the FBI was unable to bypass on its own, instigating an infamous showdown between Apple and the agency two years ago over the unlocking of the San Bernardino shooter's iPhone 5C. (Apple refused to build a special version of its operating system for the FBI that would include a backdoor. The FBI sued, but eventually dropped the case.)
That's because the passcode on an iPhone is encrypted, so even Apple can not access the device once it is locked. There are ways to remotely wipe the device, but retrieving information like texts, photos, and other on-device data not stored in the cloud should be technically impossible, at least not without exploiting high-level vulnerability.
The FBI ultimately bought the service of a third party company, reportedly for upwards of $ 1 million, the details of which a federal judge ruled the FBI did not have to ultimately disclose to the public because of the fear that it could be used by foreign adversaries. Nevertheless, the exploit used in that case is believed to be no longer working, as it relied on the software architecture of the older version of iOS.
There are methods to retrieve information from a locked iPhone via iCloud by going through Apple directly with a search warrant, but that's not a standard procedure for your everyday consumer, and it does not appear to be what DriveSavers claims to have access to. There are also ways to spoof fingerprint data to access a device via the Touch ID, as well as methods law enforcement have used to exploit weaknesses in the way iOS treats USB devices, most notably the GrayKey hacking tool used by some law enforcement agencies until Apple developed a method to block it completely.
DriveSavers does not seem to employ any of these methods that we know about right now, but it's a possibility that the company has some one-of-a-kind tool that allows it to read the data.