Hacker News

I was a Cellebrite certified operator/analyst. The answer is a combination of "The iPhone is that secure" and "Androids usually aren't".

The tools that Cellebrite sells will handle all but the most recent iPhones and maybe the most recent Androids. The newer the iPhone, the less likely a law enforcement officer is gonna have the tools to get into it. Cellebrite offers a service where you can ship them the phone and let their techs go at it. Whether it is because of legitimate limitations in their technology, or purely a marketing/commercial limitation, is unknown.

In general, any non-iPhone is Android. Most Androids are garbage phones that are sold by the dozen in the bottom of a bin at a gas station. Security isn't something its creator or buyer is really concerned about.

I have been out of the field for a few years, so things may have changed slightly in either direction, but I imagine it's the same general concept. Newer is harder to break into, brand new iPhone model is probably impossible for now.



Using a throwaway. I was arrested and had technology devices raided. Cellebrite was able to bypass the login screen and encryption of my powered-on seized Android cellphone, but they were not able to access a different Android phone that was powered down fully.

Nobody was able to access my Veracrypt computers.


Thanks for the post.

I'm curious, did they try to put any pressure on you to unlock the devices for them?


During my initial arrest they politely asked me once for the passwords, which I declined. Around 9 months later they asked my legal counsel for the passwords, which was declined.

I found a subsequent court case where my same prosecutor tried via the court system to get a different defendant to reveal their passwords and they failed. Oh well.

Reading their internal emails regarding encryption and their general tech capabilities was enlightening.

AMAA if you'd like.


Looking back, was there any opportunity you missed to shut off the powered-on phone?


Apparently they knocked for several minutes before letting themselves in. I had gone to sleep only a couple hours before due to a late night, and as a double whammy I took some melatonin so I was completely out of it.

Obviously I would never obstruct justice but in theory had I heard them knocking, there would have been plenty of time to do so.

Ironically half the "evidence" they recovered from the phone actually would have helped my case if it had gone to trial because it showed no criminal intent and no attempt to hide from law enforcement. In short, if they never gained access to that phone on their own it may have been in my interests to provide the passwords for that specific device but who knows.


> Reading their internal emails regarding encryption and their general tech capabilities was enlightening.

Please elaborate.


What aspects did you find enlightening about their encryption and general tech capabilities?


What were they looking for? I'd understand if you don't want to answer that.


They were looking for general evidence of guilt as I was accused of a purely technological crime. They were not looking for specific files or anything.


Did you have a strong (10+ character, alphanumeric) password on the device they were able to get into?


What did they suspect you did?


If I say the specifics it will be obvious who I am because it was front page news, not that I really mind too much I suppose but I'll refrain for now. Suffice to say the question wasn't whether I did the actions but whether it was illegal or not. Turns out it is not illegal in the USA according to their prosecutors and we'll never find out if it was illegal in Canada because it will never go to trial due to withdrawn charges. Some charges were however ruled not a crime during an early hearing by the judge and the remaining were dropped.


What country was that in?


I'm in Canada but the investigation was with both the FBI and RCMP. The FBI offered tech assistance with encryption matters as well according to emails between the two agencies.


A (still current) Cellebrite ambassador told me in 2016-2017 that the most recent Samsung flagship back then, if encrypted, was safe from all attacks they had.



