Final on Nostr: Yes. If the device is unlocked successfully via brute force then it's considered an ...
Yes. If the device is unlocked successfully via brute force then it's considered an unlocked device extraction. Cellebrite call hot phones that are locked 'AFU' and hot phones that are unlocked / brute forced successfully as 'Unlocked'. Older Cellebrite docs we published used to call their AFU iOS capabilities Instant Password Retrieval (IPR) but they stopped doing that for some reason.
AFU exploits are to access and extract data without unlocking the device or to bypass the unlock mechanism entirely. Since data isnt encrypted/at rest when AFU they can obtain almost all of the data (except conditional circumstances like data of other Android user profiles or the Mail inbox on iOS) if an exploit is available.
"BFU Yes" in their docs means accessing data encrypted by the device rather than user credentials in a BFU state. For Android it's some OS configuration and APKs of installed apps. iOS provides far more information.
AFU exploits are to access and extract data without unlocking the device or to bypass the unlock mechanism entirely. Since data isnt encrypted/at rest when AFU they can obtain almost all of the data (except conditional circumstances like data of other Android user profiles or the Mail inbox on iOS) if an exploit is available.
"BFU Yes" in their docs means accessing data encrypted by the device rather than user credentials in a BFU state. For Android it's some OS configuration and APKs of installed apps. iOS provides far more information.