Cellebrite Releases Report of Digital Intelligence Trends 2020

· Andrew Orr · Link

Forensics company Cellebrite, mainly known for its iPhone hacking capabilities, released a report of top digital intelligence trends for 2020. One thing that stuck out to me:

…over 70 percent of officers are still asking witnesses and victims to surrender their devices…However, most people do not want to have their primary communication device taken away for an indefinite period. To combat this issue, 67 percent of agency management believe that mobility technology is important or very important to the agency’s long-term digital evidence strategy and 72 percent of investigators believe it is important to conduct in-the-field extractions of this data.

In other words, it sounds to me like LE wants the capability to extract data from devices on site, instead of sending it to a lab. Fast action is important for LE, but it may also be too fast for people to think about those pesky rights they have before handing their phone over.

Cellebrite’s Acquisition Adds Computer Forensics to its Portfolio

· Andrew Orr · Link

Cellebrite, a company specializing in hacking smartphones for law enforcement, has acquired BlackBag Technologies, a company specializing in hacking computers for law enforcement. This will let Cellebrite offer law enforcement an “all-in-one” forensic solution to cover smartphones, laptops, desktops, and cloud data.

It also means offering a broad array of field acquisition capabilities including consent-based evidence collection along with an integrated solution set that provides access, insight and evidence management to facilitate and control large-scale deployments and orchestrate the entire digital intelligence operation.

Cellebrite offers all of these capabilities to law enforcement, but the FBI still wants Apple to create a backdoored version of iOS.

Here’s What Data is Accessible With Cloud Forensics

· Andrew Orr · Link

When a company like Cellebrite or GrayKey uses its devices to break into your iPhone, it’s not just your local data that can be accessed. Using various types of “cloud forensics” or cloud extraction technology, they can get your data in the cloud as well. It’s a long read but worth it.

Cellebrite’s UFED Cloud Analyzer, for example, uses login credentials that can be extracted from the device to then pull a history of searches, visited pages, voice search recording and translations from Google web history and view text searches conducted with Chrome and Safari on iOS devices backed-up iCloud.

Cellebrite Now Uses iOS Exploit Checkm8

· Andrew Orr · Link

Checkm8 is an iPhone flaw in the bootrom that can lead to a jailbreak. It can’t be patched via software, and it affects the iPhone 4s through iPhone X. But attackers need physical access to your device, and the jailbreak can only be tethered, meaning that if the iPhone is restarted it disappears.

The Cellebrite UFED team is working quickly to provide users with support for the above-mentioned scenario. This will be included with the launch of our iOS extraction agent in an upcoming release. The team is committed to providing a comprehensive, forensically-sound solution that adheres to Cellebrite’s high standards, is fully tested, and is admissible in court.

Speaking about recent rumors, if Apple did remove the Lightning port from future iPhones, I wonder if it would defeat companies like Cellebrite. I’m not sure if they could still extract data via the wireless charger.

New York City Partners With Cellebrite to Hack iPhones

· Andrew Orr · Link

Documents reveal that New York City law enforcement has a partnership with Cellebrite to hack iPhones.

Previously, if law enforcement wanted to get into newer devices, they had to send the phones to one of Cellebrite’s digital forensics labs, located in New Jersey and Virginia. But Cellebrite’s new UFED Premium program gave law enforcement the ability to “unlock and extract data from all iOS and high-end Android devices” on their own, using software installed on computers in their offices.

I’ve always wondered if eventually Apple will remove the Lightning port from the iPhone once wireless charging becomes the norm. Side effects may include better waterproofing and worsened hacking.

Cellebrite Hacking Tool Sells on eBay for $100

· Andrew Orr · News

The Cellebrite hacking tool used to break into iPhones is being sold on eBay starting at US$100, and could contain data from legal cases.

Apple Enters Medicine, Vero Viability, Cellebrite Insecurity - ACM 451

· Bryan Chaffin · Apple Context Machine Podcast

Apple is entering into the business of medicine, and Bryan Chaffin and Jeff Gamet explore the ramifications of this momentous development. They also discuss whether or not the Vero social network is viable, as well as Cellebrite’s claim that it can open up most iOS devices.

Meet the Man Who Wants to Use His Personal Tragedy to Screw Us All with Textalyzer

· Bryan Chaffin · The Back Page

Meet Ben Lieberman of New Castle, NY. He suffered a horrific tragedy in 2011 when his 19-year-old son was killed by someone texting while driving. Powered by his personal loss, Mr. Lieberman is on a crusade to dramatically amp up the power of the police to search your smartphone without a warrant.

Hackers Post Cellebrite's Smartphone Cracking Tools Online

· Andrew Orr · News

A hacker dumped 900GB of hacking tools and data used by Cellebrite. The cache of data is on Pastebin, for now, at least. Cellebrite is an Israeli security company that came to public prominence when the FBI used its services to hack into the San Bernardino shooter’s iPhone.

FCC Net Neutrality, Backdoor Hacks, and New Apple Products - ACM 394

· Bryan Chaffin · Apple Context Machine Podcast

Outgoing FCC Chairman Tom Wheeler made a plea for the incoming administration to protect Net Neutrality. Bryan and Jeff discuss whether that plea is likely to fall on deaf ears [spoiler: yes, it will]. They also discuss the implications of the Cellebrite hack, and the fact that Apple released two product updates this week.

Cellebrite Hacked, Reaffirming Apple's iOS No-backdoor Stance

· Jeff Gamet · Analysis

A year ago the FBI was pushing to force Apple into making a hackable version of iOS for a terrorist investigation while claiming the code would stay secure. Now Cellebrite—the company the FBI reportedly hired to break through the iPhone’s encryption—has been hacked, validating Apple’s concerns the tools would eventually leak.