That's not what they claim. Read what is written there more carefully. There's no claim that they can break encryption using a strong passphrase without a million years of time. They don't even claim they can do that for a PIN by bypassing secure element mitigations on ANY phone.
I'd certainly believe they have Android and iOS exploits allowing them to brute force PIN codes and passphrases at the rate supported by the hardware. Firmware-based throttling by the iPhone SEP could be bypassed by another exploit. Is there really anything surprising about that?
Most Android phones have no throttling beyond the cost of on-device key derivation once an attacker controls the OS. Many Android phones, including the Nexus 5X and 6P, didn't implement true hardware-bound encryption and can even have the on-device aspect bypassed via a TEE exploit.
If you use a 6-digit PIN or weak passphrase, the reality is that you're relying entirely on the hardware-based security which can be inherently bypassed given enough resources. Hardware acceleration for key derivation does make all passphrases inherently more secure though.
The point of the other hardware-based security is to turn the PINs and weak passphrases used by the VAST MAJORITY of people on their phones into a form of meaningful credential-based encryption. Meaningful meaning it will take ages to break without having substantial resources.