Monday Briefing: Iraq s ongoing cycle of successes and disasters mei.edu - get the latest breaking news, showbiz & celebrity photos, sport news & rumours, viral videos and top stories from mei.edu Daily Mail and Mail on Sunday newspapers.
Signal, the world's most encrypted app, revealed Cellebrite's software is exposed and its data can be manipulated. Now activists in Israel and U.K. demand police stop using the phone-hacking tech
By Juha Saarinen on Apr 22, 2021 11:00AM Source: Cellebrite
Numerous vulnerabilities allow code execution.
Israeli digital forensics firm Cellebrite, whose products are used by law enforcement but also repressive, murderous regimes and groups around the world, has been left with egg on its face after an analysis of its software found it to be riddled with easily exploitable vulnerabilities.
The figurehead of the Signal encrypted messaging project, Moxie Marlinspike, got hold of a Cellebrite kit containing two key pieces of Windows software, the Universal Forensic Extraction Device (UFED) and Physical Analyser.
How the Cellebrite kit ended up in the Signal team s hands remains unclear for now.
By Ionut Arghire on April 22, 2021
Cellebrite’s forensic applications do not include the type of security protections one would expect from a parsing software, which renders them susceptible to attacks, according to privacy-focused messaging service Signal.
The Israel-based mobile forensics company offers data extraction and analysis services to intelligence organizations and public safety entities, but also to military and enterprise sectors. Cellebrite claims to have thousands of customers in over 140 countries. It has reportedly helped the FBI access information on locked phones, including in high-profile cases, but it has also been accused of providing its services to authoritarian regimes.
The company’s software solutions, Universal Forensic Extraction Device (UFED) and Physical Analyzer, work by parsing data from devices. With that data generated by the applications running on the device, Cellebrite’s software is not in control of the data, thus prone to attacks.
It fell off the truck : Encrypted message app Signal gets revenge on Israel s Cellebrite - Israel News haaretz.com - get the latest breaking news, showbiz & celebrity photos, sport news & rumours, viral videos and top stories from haaretz.com Daily Mail and Mail on Sunday newspapers.