The technology behind Cellebrite, an Israeli company that’s been selling smartphone unlocking devices to governments and police agencies across the world, is full of exploitable software flaws, according to the founder of the encrypted chat app Signal.
Signal Founder Moxie Marlinspike got his hands on a smartphone unlocking device from Cellebrite—known as a UFED—and found that it's so vulnerable the machine can be manipulated if it scans a specially configured file on a smartphone. Hence, any evidence the UFED pulls for police investigators can be called into question.
Credit: Signal/Cellebrite
“For example, by including a specially formatted but otherwise innocuous file in an app on a device that is then scanned by Cellebrite, it’s possible to execute code that modifies not just the Cellebrite report being created in that scan, but also all previous and future generated Cellebrite reports from all previously scanned devices and all future scanned devices in any arbitrary way,” Marlinspike wrote in a blog post.
The modifications can be implemented without detectable timestamp changes or failures in the digital values. “Any app could contain such a file, and until Cellebrite is able to accurately repair all vulnerabilities in its software with extremely high confidence, the only remedy a Cellebrite user has is to not scan devices,” he added.
Tweet
To illustrate the flaws, Marlinspike’s blog post contains a video demonstrating an iPhone tricking Cellebrite’s UFED device to post a hacker-created message.
Interestingly, he then implies Signal itself is adding some specially formatted files to the messaging app capable of scrambling Cellebrite’s technology.
“In completely unrelated news, upcoming versions of Signal will be periodically fetching files to place in app storage,” he wrote. “These files are never used for anything inside Signal and never interact with Signal software or data, but they look nice, and aesthetics are important in software.”
Recommended by Our Editors
However, Cellebrite is downplaying the alleged flaws. "Cellebrite is committed to protecting the integrity of our customers’ data, and we continually audit and update our software in order to equip our customers with the best digital intelligence solutions available," the company said in a statement, without elaborating.
One mystery is how Signal’s founder got his hands on a Cellebrite UFED device. According to Marlinspike, the device fell off a truck, which coincidentally landed right in front of him as he was taking a walk.
We’re pretty sure Marlinspike is trying to cover up his true source. In the meantime, Signal’s founder wrote he’s willing to disclose all the flaws he found in the company’s technology—but only if they do the same and reveal how Cellebrite is extracting data from locked smartphones. In December, Cellebrite wrote its own blog post about how the company has been helping law enforcement access data from the Signal app on confiscated smartphones.
"device" - Google News
April 22, 2021 at 05:56AM
https://ift.tt/32zNqhM
iPhone Hacking Device From Cellebrite Is Rife With Exploitable Flaws, Says Signal - PCMag
"device" - Google News
https://ift.tt/2KSbrrl
https://ift.tt/2YsSbsy
Bagikan Berita Ini
0 Response to "iPhone Hacking Device From Cellebrite Is Rife With Exploitable Flaws, Says Signal - PCMag"
Post a Comment