On Tuesday, security company Cellebrite claimed to have broken the encryption that Signal uses to keep user communication safe. The blog post has since been removed, but the BBC has an archived version. But Signal says that claim isn’t true.
It is important to understand that any story about Cellebrite Physical Analyzer starts with someone other than you physically holding your device, with the screen unlocked, in their hands. Cellebrite does not even try to intercept messages, voice/video, or live communication, much less “break the encryption” of that communication. They don’t do live surveillance of any kind.
Cellebrite, a company known for its iPhone hacking tools, is pitching its products to governments as a surveillance alternative to contact tracing.
When someone tests positive, authorities can siphon up the patient’s location data and contacts, making it easy to “quarantine the right people,” according to a Cellebrite email pitch to the Delhi police force this month.
This would usually be done with consent, the email said. But in legally justified cases, such as when a patient violates a law against public gatherings, police could use the tools to break into a confiscated device, Cellebrite advised.
I get the feeling that there are many who are unhappy that Apple and Google’s solution is private and opt-in. Companies like Cellebrite and Palantir can’t pass up such an opportunity.
Forensics company Cellebrite, mainly known for its iPhone hacking capabilities, released a report of top digital intelligence trends for 2020. One thing that stuck out at me:
…over 70 percent of officers are still asking witnesses and victims to surrender their devices…However, most people do not want to have their primary communication device taken away for an indefinite period. To combat this issue, 67 percent of agency management believe that mobility technology is important or very important to the agency’s long-term digital evidence strategy and 72 percent of investigators believe it is important to conduct in-the-field extractions of this data.
In other words, it sounds to me like LE wants the capability to extract data from devices on site, instead of sending it to a lab. Fast action is important for LE, but it may also be too fast for people to think about those pesky rights they have before handing their phone over.
Forensic company BlackBag, a Cellebrite company, recently found that locked Apple Notes are temporarily stored in an insecure state.
Cellebrite, a company specializing in hacking smartphones for law enforcement, has acquired BlackBag Technologies, a company specializing in hacking computers for law enforcement. This will let Cellebrite offer law enforcement an “all-in-one” forensic solution to cover smartphones, laptops, desktops, and cloud data.
It also means offering a broad array of field acquisition capabilities including consent-based evidence collection along with an integrated solution set that provides access, insight and evidence management to facilitate and control large-scale deployments and orchestrate the entire digital intelligence operation.
Cellebrite offers all of these capabilities to law enforcement, but the FBI still wants Apple to create a backdoored version of iOS.
When a company like Cellebrite or GrayKey uses its devices to break into your iPhone, it’s not just your local data that can be accessed. Using various types of “cloud forensics” or cloud extraction technology, they can get your data in the cloud as well. It’s a long read but worth it.
Cellebrite’s UFED Cloud Analyzer, for example, uses login credentials that can be extracted from the device to then pull a history of searches, visited pages, voice search recording and translations from Google web history and view text searches conducted with Chrome and Safari on iOS devices backed-up iCloud.
Checkm8 is an iPhone flaw in the bootrom that can lead to a jailbreak. It can’t be patched via software, and it affects the iPhone 4s through iPhone X. But attackers need physical access to your device, and the jailbreak can only be tethered, meaning that if the iPhone is restarted it disappears.
The Cellebrite UFED team is working quickly to provide users with support for the above-mentioned scenario. This will be included with the launch of our iOS extraction agent in an upcoming release. The team is committed to providing a comprehensive, forensically-sound solution that adheres to Cellebrite’s high standards, is fully tested, and is admissible in court.
Speaking about recent rumors, if Apple did remove the Lightning port from future iPhones, I wonder if it would defeat companies like Cellebrite. I’m not sure if they could still extract data via the wireless charger.
John Martellaro and Andrew Orr join host Kelly Guimont to discuss Cellebrite’s new partnership and other iPhone hacks like Lightning cables.
Documents reveal that New York City law enforcement has a partnership with Cellebrite to hack iPhones.
Previously, if law enforcement wanted to get into newer devices, they had to send the phones to one of Cellebrite’s digital forensics labs, located in New Jersey and Virginia. But Cellebrite’s new UFED Premium program gave law enforcement the ability to “unlock and extract data from all iOS and high-end Android devices” on their own, using software installed on computers in their offices.
I’ve always wondered if eventually Apple will remove the Lightning port from the iPhone once wireless charging becomes the norm. Side effects may include better waterproofing and worsened hacking.
The Cellebrite hacking tool used to break into iPhones is being sold on eBay starting at US$100, and could contain data from legal cases.
There’s a new company called Crowdfense that represents the obstacles companies like Apple, Google, and other operating system vendors have in keeping their platforms secure.
The ability to unlock any iPhone model is significant, and the cost of unlocking an iPhone can be pretty cheap.
Meet Ben Lieberman of New Castle, NY. He suffered a horrific tragedy in 2011 when his 19-year-old son was killed by someone texting while driving. Powered by his personal loss, Mr. Lieberman is on a crusade to dramatically amp up the power of the police to search your smartphone without a warrant.
A hacker dumped 900GB of hacking tools and data used by Cellebrite. The cache of data is on Pastebin, for now, at least. Cellebrite is an Israeli security company that came to public prominence when the FBI used its services to hack into the San Bernardino shooter’s iPhone.
Outgoing FCC Chairman Tom Wheeler made a plea for the incoming administration to protect Net Neutrality. Bryan and Jeff discuss whether that plea is likely to fall on deaf ears [spoiler: yes, it will]. They also discuss the implications of the Cellebrite hack, and the fact that Apple released two product updates this week.
A year ago the FBI was pushing to force Apple into making a hackable version of iOS for a terrorist investigation while claiming the code would stay secure. Now Cellebrite—the company the FBI reportedly hired to break through the iPhone’s encryption—has been hacked, validating Apple’s concerns the tools would eventually leak.