iPhone X running iOS 12.3.2 – 4 digit passcode.
iCloud backup, but has been deleted online as well have I changed Apple ID password.
I know that AES 256 bit encryption cannot be decrypted, and I know about the USB Restricted Mode.
The phone was past boot phase and had been unlocked once. However, when I lost it, USB Restricted Mode was enabled.
is it therefore impossible to brute force it? Because brute forcing such a weak code would be child’s play.
Also would it be possible for a hacker/police to just physically remove the hard drive from the phone, then insert it into some other machine and proceed to brute force?
I know about the fbi case with apple, but that was a while ago. Maybe things have changed? I know the Israelis forensic team and Greykit can unlock up to iOS 12.3. Mine version is 12.3.2
Also how does Checkm8 fit into all of this?
Thx in advance!
Best Answer
There isn’t a hard drive in iPhones, and Apple has engineered things so that it’s very expensive to get to the leads and snoop or alter the electrical signals to defeat encryption, so there’s no trivial path to decrypt or bring another os to your storage.
However, you should assume that unless you’re very good the police and government can get your data by coercion or brute force - especially if their budget is $25,000 or more (and maybe far less to compromise some devices). Your 4 digit pass phrase is the weakest link so that weakens your protection substantially if iOS is not set to self erase after 10 failed attempts.
Also, just because an exploit or jailbreak isn’t out now, doesn’t mean they can’t image or keep your device and crack it later. The iPhone X is way on the “more secure” side so unless you chose a weak pass phrase, you’re probably safe for some time to come if they didn’t get your data from a subpoena / home computer which are far easier to seize and crack and then get to your records by account takeover.
There are jailbreaks for your device on both iOS 12 and iOS 13 so I wouldn’t assume you’re safe if they have physical control of the device and time to work it and get USB active: