What the Truck? Cellebrite Vulnerabilities Highlighted by Signal Hack (Six Extracts)

According to Dan Goodin of Ars Technica, the Cellebrite vulnerabilities could provide fodder for defense attorneys to challenge the integrity of forensic reports generated using the Cellebrite software. Additionally, Lucas Ropac of Gizmodo notes that if all of these disclosures are true, it could have pretty massive ramifications for Cellebrite.



Editor’s Note: From time to time, ComplexDiscovery highlights publicly available or privately purchasable announcements, content updates, and research from data discovery and legal discovery providers, research organizations, and ComplexDiscovery community members. While ComplexDiscovery regularly highlights this information, it does not assume any responsibility for content assertions.


Reference: Aggregated Article Extracts on Cellebrite Vulnerabilities


Signal Hacked Cellebrite’s Phone Hacking Software Used by Law Enforcement

Article Extract via Engadget – Author Steve Dent

After the cellphone hacking company Cellebrite said it had figured out a way to access the secure messaging app Signal, Signal said in a blog post that it has turned the tables. The app’s creator Moxie Marlinspike claimed that his team obtained Cellebrite’s hacking kit and discovered several vulnerabilities. He then implied that Signal will update the app to stymie any law enforcement attempts to hack it.

Read the complete article.


Exploiting Vulnerabilities in Cellebrite UFED and Physical Analyzer from an App’s Perspective

Article Extract via Signal – Author Moxie Marlinspike

Cellebrite makes software to automate physically extracting and indexing data from mobile devices. They exist within the grey – where enterprise branding joins together with the larcenous to be called “digital intelligence.” Their customer list has included authoritarian regimes in Belarus, Russia, Venezuela, and China; death squads in Bangladesh; military juntas in Myanmar; and those seeking to abuse and oppress in Turkey, UAE, and elsewhere. A few months ago, they announced that they added Signal support to their software.

Their products have often been linked to the persecution of imprisoned journalists and activists around the world, but less has been written about what their software actually does or how it works. Let’s take a closer look. In particular, their software is often associated with bypassing security, so let’s take some time to examine the security of their own software.

Read the complete article.


Signal’s CEO Just Hacked the Cops’ Favorite Phone Cracking Tool and Became a Legend

Article Extract via Gizmodo – Author Lucas Ropac

If all of these disclosures are true, it could have pretty massive ramifications for Cellebrite. If we can assume it’s really this easy for someone to break into the company’s software and drastically alter the data that police are collecting, how certain can law enforcement be that the evidence they are collecting is actually correct? What would the legal ramifications be for the cases that have hinged on Cellebrite’s software, if its security is really so paltry? Anyone who’s been involved in a case that used this software should probably be calling their lawyer right now.

Read the complete article.


Signal says Cellebrite Phone-Hacking Tool Used by Police is Easily Hacked

Article Extract via Mashable – Author Jack Morse

Dan Tentler, the executive founder of the security company Phobos Group, explained over email that Moxie’s findings mean that it’s now incredibly risky for government agents to use Cellebrite’s products.

“What agency would you like to exploit?” he asked rhetorically. “Bait one of them into reading a phone loaded with the exploit, and have the exploit then compromise the computer the Cellebrite platform is plugged into after the fact to retrieve the files.”

Read the complete article.


In Epic Hack, Signal Developer Turns the Tables on Forensics Firm Cellebrite

Article Extract via Ars Technica – Author Dan Goodin

Cellebrite provides two software packages: The UFED breaks through locks and encryption protections to collect deleted or hidden data, and a separate Physical Analyzer uncovers digital evidence (“trace events”).

To do their job, both pieces of Cellebrite software must parse all kinds of untrusted data stored on the device being analyzed. Typically, software that is this promiscuous undergoes all kinds of security hardening to detect and fix any memory-corruption or parsing vulnerabilities that might allow hackers to execute malicious code.

“Looking at both UFED and Physical Analyzer, though, we were surprised to find that very little care seems to have been given to Cellebrite’s own software security,” [Moxie] Marlinspike wrote. “Industry-standard exploit mitigation defenses are missing, and many opportunities for exploitation are present.”

Read the complete article.


Signal Gives Phone Hacking Company Cellebrite a Taste of its Own Medicine

Article Extract via TechRadar Pro – Author Mayank Sharma

To illustrate the lack of prudent security measures, in his breakdown of Cellebrite’s two main tools, Marlinspike observed that they bundle FFmpeg DLLs from 2012. He pointed out that FFmpeg has reported over two hundred vulnerabilities since then.

In addition to the security blunders, Marlinspike also observed a couple of Apple copyright violations in the apps.

Cellebrite did not respond immediately to our request for comment.

Read the complete article.



Source: ComplexDiscovery
