Jump to content
×
×
  • Create New...

Signal founder: I hacked police phone-cracking tool Cellebrite


Recommended Posts

Equin0x

The CEO of the messaging app Signal claims to have hacked the phone-cracking tools used by police in Britain and around the world to extract information from seized devices.

https://www.theguardian.com/technology/2021/apr/22/signal-founder-i-hacked-police-phone-cracking-tool-cellebrite

If crims can leave code on a phone that could compromise the tools police use to examine them, what implications could this have for digital forensics, reliability of evidence?

Link to post
Share on other sites
Equin0x

@BizzieBeeas you are a fellow Signal user thought you would find this blog post interesting

https://signal.org/blog/cellebrite-vulnerabilities/

The implication at the end seems to be that future versions of Signal will use this as a sort of anti tamper mechanism. What would the legal position on that be? If you have a phone with Signal installed and know it will ruin any Cellebrite machine it's plugged into, if it's seized and you inform them of that, who would be liable if they went ahead and plugged it in?

 

Link to post
Share on other sites
BizzieBee

Hi @Equin0x

A good question. As it stands, and as far as I understand, there is no requirement to disclose this to authorities. If the authorities wish to plug your device in to download your data and it causes damage, that’s their risk and call. 
 

Could Criminal Damage Act fit?:

Section 1(1) Criminal Damage Act 1971 - A person who without lawful excuse destroys or damages any property belonging to another, intending to destroy or damage any such property, or being reckless as to whether any such property would be destroyed or damaged, shall be guilty of an offence.

Did they commit an act that destroys or damages? Did they intend to destroy or damage? Were they reckless? 
I can’t see it. I guess, unless it’s tested at Court with a stated case made, who knows?

Unless there are other unusual offences anyone else here can think of? 

Signal is a good alternative messaging application. There’s been stories of it being ‘hacked’ by Cellebrite in the past, which isn’t strictly true and caused a bit of a stir. The testing was conducted on an UNLOCKED phone. Physical device security is rather different to held data, encrypted or otherwise. Disappearing messages, a good PIN and OS (suggest: Apple, due to tech and privacy policies) will fend-off any hackers - including authorities. (I believe someone paid a company overseas to hack an Apple device recently, but paid a lot of money for it in a high profile case. Only to find there was nothing on it 😂). 
 

I see a lot of phones with e2e encrypted apps on - including Signal. It always makes me smile inside. 

Link to post
Share on other sites
Equin0x
4 minutes ago, BizzieBee said:

Hi @Equin0x

A good question. As it stands, and as far as I understand, there is no requirement to disclose this to authorities. If the authorities wish to plug your device in to download your data and it causes damage, that’s their risk and call. 
 

Could Criminal Damage Act fit?:

Section 1(1) Criminal Damage Act 1971 - A person who without lawful excuse destroys or damages any property belonging to another, intending to destroy or damage any such property, or being reckless as to whether any such property would be destroyed or damaged, shall be guilty of an offence.

Did they commit an act that destroys or damages? Did they intend to destroy or damage? Were they reckless? 
I can’t see it. I guess, unless it’s tested at Court with a stated case made, who knows?

Unless there are other unusual offences anyone else here can think of? 

Signal is a good alternative messaging application. There’s been stories of it being ‘hacked’ by Cellebrite in the past, which isn’t strictly true and caused a bit of a stir. The testing was conducted on an UNLOCKED phone. Physical device security is rather different to held data, encrypted or otherwise. Disappearing messages, a good PIN and OS (suggest: Apple, due to tech and privacy policies) will fend-off any hackers - including authorities. (I believe someone paid a company overseas to hack an Apple device recently, but paid a lot of money for it in a high profile case. Only to find there was nothing on it 😂). 
 

I see a lot of phones with e2e encrypted apps on - including Signal. It always makes me smile inside. 

The "act" that caused the damage would be the police plugging it into the Cellebrite machine, so I'd say they've caused that damage to themselves and the suspect wouldn't be liable. Although I don't really know and am just guessing what the interpretation of the law would be. With legislation always lagging behind technology maybe there will be a new law in 20 years to clarify the position :lol:

  • Like 1
Link to post
Share on other sites
BlueBob

What it shows is that whenever someone says its unbreakable and encrypted, low and behold, someone WILL break the encryption.
 

Link to post
Share on other sites
BizzieBee
21 minutes ago, BlueBob said:

someone WILL break the encryption.

Indeed. That’s why e2e encryption is important, coupled with other security features. Disappearing messages being one of them. WhatsApp, the most widely-used app actually collects a lot of data about you. Messenger even more so! It’s astonishing. That’s why I prefer Signal. 

51 minutes ago, Equin0x said:

With legislation always lagging behind technology maybe there will be a new law in 20 years to clarify the position :lol:

I suspect you may be correct. Unless they change RIPA, too. “Failing to disclose material which may be installed and which may cause XYZ”... but let’s not give them any ideas. That piece of Legislation is dangerous enough as it is. 

Link to post
Share on other sites
Equin0x

Looks like Cellebrite has taken note of the blog post, they've stopped supporting physical extractions on iPhones.

https://9to5mac.com/2021/04/27/cellebrite-physical-analyzer-iphone/

"it appears that it was unable to protect against the method Signal was using to corrupt the Physical Analyzer software, as it told users that the app no longer allows iPhones to be analyzed using the most intrusive module available."

If software can be booby trapped in this fashion and Cellebrite can't find a workaround, it could effectively deny police the ability to examine mobile devices. What implications could this have going forward?

Link to post
Share on other sites
BizzieBee
2 hours ago, Equin0x said:

What implications could this have going forward?

Competition with Cellebrite, and ‘hackers’ employed elsewhere exploiting the opportunity?

I’m not in the technical field, however have seen the wonders of different security systems and rooting files, and types of breaks. iPhones are a lot more challenging to get into. 

Personally, I think it’s a pity this function isn’t written in the OS and has to rely on Signal or any other third party software/app. If someone doesn’t want their personal data revealed, they should have this protection. Especially from authorities.
‘Ethical hacking’ is still hacking. Much like the nonsense ‘Positive discrimination’ is still discrimination.
Wrapping-up immoralities and badging it as legal shouldn’t make it right. 

Link to post
Share on other sites
Equin0x

How does it work in the UK, do forces have an official "tech department" that oversees the examining of digital devices? I'd guess that whoever is in charge of that stuff will send out an email or memo telling officers to temporarily stop all use of Cellebrite tools, until a fix is rolled out.

 

Link to post
Share on other sites
BizzieBee
1 hour ago, Equin0x said:

How does it work in the UK, do forces have an official "tech department" that oversees the examining of digital devices?

Yes, for anything more than rudimentary searching. There are many trained in using the ‘plug & play’ type of machines.

1 hour ago, Equin0x said:

I'd guess that whoever is in charge of that stuff will send out an email or memo telling officers to temporarily stop all use of Cellebrite tools, until a fix is rolled out.

Who knows. It’s Police. So, if it involves any form of logic, just go with the opposite as the outcome. I doubt anyone even knows about it yet. 

Link to post
Share on other sites
Equin0x

Just saw that they publish all warrants or subpoenas on their website for everyone to see.

https://signal.org/bigbrother/

Would they be able to do this if they were based in the UK, or are warrants considered private/sensitive information?

Link to post
Share on other sites
BizzieBee

I don’t think it’s quite as simple as that, as I believe serving a Subpoena would require a local solicitor / attorney and whatnot, along with a form of ‘Mutual Legal Assistance’. 
I believe WhatsApp has some online portal for such requests and holds a lot of data.
 

I’m not sure why anyone would bother with Signal. It offers nothing useful as it doesn’t know anything. 

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

Police Community is a forum that is supported financially through advertisements. It is a breach of our standard use policy to use Adblock plugins/software on our site. 

In order to continue using our site you will need to disable Adblock across our site. Alternatively you can purchase a membership package from our online store to remove adverts as part of the membership subscription. 

https://police.community/remove-adverts/

Thank you for your support.

I have disabled Adblock