Signal Founder Hacks Cellebrite’s Phone Hacking Tools

Signal Founder Hacks Cellebrite’s Phone Hacking Tools

The secure lock screens on Android and iOS devices are supposed to keep your data secure, but there are still some ways to crack the lock. You just need a capable digital crowbar like the ones made by Cellebrite. The Israeli firm recently bragged that it has helped law enforcement retrieve data from the encrypted Signal chat app. Well, Signal founder Moxie Marlinspike had something to say about that. After getting his hands on Cellebrite’s tools, he turned the tables and hacked the hacker.

These phone hacking tools are basically black boxes — no one outside the company is supposed to know how they work or what exploits they use to break smartphone security. Revealing that would make it possible for Apple and Google to patch the targeted exploits, thus rendering the hardware and software versions of Cellebrite’s tools obsolete. Marlinspike did not reveal where he got his Cellebrite materials — he jokes that it fell off of a truck. The bundle included various dongles and a hardware key that enabled the Windows software version of Cellebrite (above). The company sells a standalone hardware kit as well.

According to the Signal blog, this product is supposed to exploit unknown software bugs in smartphones, but it’s crawling with bugs itself. By feeding Cellebrite a few tweaked files, it’s possible to modify the data reported to users. Marlinspike says this hack can even alter the data reported by the system when scanning future devices. This calls into question the reliability of the evidence gathered with Cellebrite technology.

Our latest blog post explores vulnerabilities and possible Apple copyright violations in Cellebrite's software:

"Exploiting vulnerabilities in Cellebrite UFED and Physical Analyzer from an app's perspective"https://t.co/DKgGejPu62 pic.twitter.com/X3ghXrgdfo

— Signal (@signalapp) April 21, 2021

To illustrate this, Marlinspike fed Cellebrite a file that opened it up to running arbitrary code. You can do almost anything with that power, but Marlinspike just used it to display a custom message in the software. Going forward, Signal will download some mysterious files to place in app storage. Marlinspike called this “completely unrelated news,” but the intention is clear. These files are probably going to prank anyone who tries to read Signal data on Cellebrite systems.

The technology from Cellebrite and competitors like GrayKey are a favorite of law enforcement in the US, but these devices are also popular with authoritarian regimes in places like Russia, Turkey, and Belarus. This has made them popular targets for hackers and privacy advocates. Marlinspike has committed to responsibly disclosing the vulnerabilities he discovered in Cellebrite’s software, but he’s got a condition: Cellebrite has to do the same with the exploits it uses to hack phones. That doesn’t seem very likely.

Continue reading

Intel’s Raja Koduri to Present at Samsung Foundry’s Upcoming Conference
Intel’s Raja Koduri to Present at Samsung Foundry’s Upcoming Conference

Intel's Raja Koduri will speak at a Samsung foundry event this week — and that's not something that would happen if Intel didn't have something to say.

Samsung May Build $10B Foundry in Austin, Texas
Samsung May Build $10B Foundry in Austin, Texas

Samsung may be planning a new $10B foundry in Austin Texas, with an aggressive plan to challenge TSMC.

OnePlus Founder’s New Startup Bought the Husk of Andy Rubin’s Essential
OnePlus Founder’s New Startup Bought the Husk of Andy Rubin’s Essential

OnePlus's cofounder recently left to start a new venture called Nothing. Currently, Nothing makes nothing, so that's a fitting name. It might make something soon now that it has purchased the husk of Andy Rubin's smartphone startup.

Samsung’s Austin Foundry Is Still Offline, More Than 2 Weeks Later
Samsung’s Austin Foundry Is Still Offline, More Than 2 Weeks Later

Samsung's Austin foundry is still offline, increasing the chance that its shutdown will meaningfully contribute to the semiconductor shortage.