iOS Forensic Toolkit and Open Source

May 4th, 2023 by Oleg Afonin
Category: «Elcomsoft News», «General»

As a provider of mobile forensic tools, we at Elcomsoft strongly believe in giving back to the community. Our iOS Forensic Toolkit (EIFT) is a highly complex and powerful mobile acquisition tool, consisting of almost eighty sub-projects, many of which are open source. While we have benefited from the contributions of the community, we also believe that it’s time to contribute back to the open source community by publishing our changes to those projects as required by their permissive license.

In addition to fulfilling legal requirements, there are several benefits to open sourcing some of our projects. Collaboration with the open source community can result in faster updates, improved features, and greater security. By sharing our efforts, we can help each other to build better tools, rather than reinventing the wheel. To this end, we are currently preparing to open source several of our projects. With a long list of projects that are going to be public soon, we are currently in the process of doing some technical preparations for publication. Once this is complete, we will start pushing code to our github. We are excited about the opportunities that this initiative will bring and look forward to working together with the open source community.

The benefits of open source

There are more reasons to opensource those components other than it being required by the license. Have you heard of palera1n, an opensource checkm8-based jailbreak? The work on kernel patches done by those people partially overlaps with the kernel patches we need to do for iOS Forensic Toolkit ramdisk. By joining forces with the opensource community we could help each other to build updates faster by sharing the efforts instead of doing the work twice. Another example are publicly available tools for iOS downgrading, which we can use internally to extensively test our software on every supported iOS version, in order to provide the best quality software to our customers.

Conclusion

We have been fortunate to benefit from the contributions of the open source community, and we believe that it is time to give back. As required by the permissive licenses, we are in the process of preparing to publish our changes to these open source projects. In addition to fulfilling our legal obligations, we are excited about the opportunities that this initiative will bring.

By collaborating with the open source community, we can work together to build better tools, faster updates, improved features, and greater security. We can learn from each other, avoid duplicating efforts, and focus on what we do best. We are currently preparing our projects for publication and are eager to push our changes to the community. We understand that this is a large undertaking, but we are committed to taking it one step at a time. We look forward to the benefits that this initiative will bring and to working with the open source community to create even better tools.


REFERENCES:

Elcomsoft iOS Forensic Toolkit

Extract critical evidence from Apple iOS devices in real time. Gain access to phone secrets including passwords and encryption keys, and decrypt the file system image with or without the original passcode. Physical and logical acquisition options for all 64-bit devices running all versions of iOS.

Elcomsoft iOS Forensic Toolkit official web page & downloads »