Signal Founder Hacks Cellebrite’s Phone Hacking Tools

The secure lock screens on Android and iOS devices are supposed to keep your data secure, but there are still some ways to crack the lock. You just need a capable digital crowbar like the ones made by Cellebrite. The Israeli firm recently bragged that it has helped law enforcement retrieve data from the encrypted Signal chat app. Well, Signal founder Moxie Marlinspike had something to say about that. After getting his hands on Cellebrite’s tools, he turned the tables and hacked the hacker.

These phone hacking tools are basically black boxes — no one outside the company is supposed to know how they work or what exploits they use to break smartphone security. Revealing that would make it possible for Apple and Google to patch the targeted exploits, thus rendering the hardware and software versions of Cellebrite’s tools obsolete. Marlinspike did not reveal where he got his Cellebrite materials — he jokes that it fell off of a truck. The bundle included various dongles and a hardware key that enabled the Windows software version of Cellebrite. The company sells a standalone hardware kit as well.

According to the Signal blog, this product is supposed to exploit unknown software bugs in smartphones, but it’s crawling with bugs itself. Feeding Cellebrite a few tweaked files makes it possible to modify the data reported to users. Marlinspike says this hack can even alter the data reported by the system when scanning future devices. This calls into question the reliability of the evidence gathered with Cellebrite technology.

Our latest blog post explores vulnerabilities and possible Apple copyright violations in Cellebrite's software:

"Exploiting vulnerabilities in Cellebrite UFED and Physical Analyzer from an app's perspective" https://t.co/DKgGejPu62 pic.twitter.com/X3ghXrgdfo

— Signal (@signalapp) April 21, 2021

To illustrate this, Marlinspike fed Cellebrite a file that opened it up to running arbitrary code. You can do almost anything with that power, but Marlinspike just used it to display a custom message in the software. Going forward, Signal will download some mysterious files to place in app storage. Marlinspike called this “completely unrelated news,” but the intention is clear. These files are probably going to prank anyone who tries to read Signal data on Cellebrite systems.

The technology from Cellebrite and competitors like GrayKey is a favorite of law enforcement in the US, but these devices are also popular with authoritarian regimes in places like Russia, Turkey, and Belarus. This has made them popular targets for hackers and privacy advocates. Marlinspike has committed to responsibly disclosing the vulnerabilities he discovered in Cellebrite’s software, but he’s got a condition: Cellebrite has to do the same with the exploits it uses to hack phones. That doesn’t seem very likely.
