Sometimes it’s necessary for the authorities to break into a person’s smartphone as part of a criminal investigation. However, thanks to improving cryptography techniques and a growing focus on the privacy of user data, it’s generally getting harder and harder for police and other agencies to get inside phones.
It’s the reason why “government encryption backdoor” legislation is once again being discussed, and whether such laws will actually help or just be an enormous security risk is being passionately debated.
While many of these discussions are sparked by iPhones, it now seems like Apple devices are actually easier to hack than the alternative.
In a report by Vice (via Android Authority) into law enforcement methods of cracking phone encryption, a quote by one of the article’s interviewees, Detective Rex Kiser of the Fort Worth Police Department, said that modern Android phones can actually be harder to break into than equivalent iOS devices.
The quote given in Vice’s article reveals that this has been a recent role reversal when it comes to getting into phones: “Some of the newer operating systems are harder to get data from than others. I think a lot of these [phone] companies are just trying to make it harder for law enforcement to get data from these phones ... under the guise of consumer privacy.
“Right now, we’re getting into iPhones. A year ago we couldn’t get into iPhones, but we could get into all the Androids. Now we can’t get into a lot of the Androids.”
This is supported by a look at smartphone cracking company Cellebrite’s effectiveness at breaking into different phones. Cellebrite can easily open up any iPhone X or earlier iPhone, but the same software used on a Google Pixel 2 or Galaxy S9 extracts very little information, and nothing at all in the case of the Huawei P20 Pro.
That’s not to say that these Android devices are unbreakable. It's just that it requires a different, more labor-intensive process to get the data requested.
The sheer variety of Android hardware and customized software builds makes it hard for phone-crackers to build a universal tool to break into Android phones. Meanwhile, a "jailbreak" released late last year permanently bypasses the security functions of every iPhone model from the iPhone 4s to the iPhone X.
A separate report in The Washington Post yesterday argued that Apple's secretiveness has backfired, with the result that you can't tell if a company or an intelligence service has broken into an iPhone. By contrast, Android's underpinnings are accessible to anyone, so it's easier to find and fix exploitable flaws.
Although Apple puts a lot of focus in its marketing on how secure its iPhones are, apparently when faced with popular hacking tools used by the police, it’s not too hard to open one up.
This could of course all change depending on how Apple and Google update their operating systems going forward, and of course on what the US government and other authorities around the world decide regarding laws on encryption.