Encrypted Chat App Sign Reveals Bugs in Cellebrite Gadgets, Telecom Information, ET Telecom
WASHINGTON: Encrypted chat app Signal suggested in a blog post published Wednesday that products sold to law enforcement agencies by Israeli surveillance provider Cellebrite could be easily sabotaged.
Cellebrite DI Ltd, which specializes in helping law enforcement and intelligence agencies copy call logs, text, photos, and other data from smartphones, has come under repeated fire for historically targeting authoritarian governments, including Russia and China, was sold.
Signal, a privacy-centric app that aims to show how long it takes to protect users’ conversations, clashed with Cellebrite last year when the Israeli company said its equipment was updated to allow law enforcement agencies to receive signal messages from devices in theirs Be able to retrieve ownership.
Signal creator Moxie Marlinspike said in his blog post on Wednesday that he came into possession of a bag of Cellebrite gear and examined the gear inside.
He was “surprised that Cellebrite’s own software security appeared to be neglected,” Marlinspike said, noting that it would be easy to put a specially crafted file on a phone that would interfere with Cellebrite’s functionality.
Cellebrite did not immediately return a message requesting a comment.
Elsewhere on his blog post, Marlinspike claimed that he found fragments of Apple Inc code in Cellebrite’s software, which “could pose a legal risk to Cellebrite and its users” if it were done without permission.
Apple did not immediately respond to a request for comment.
Signal’s allegations come as Cellebrite prepares to go public through a merger with a blank check company, valuing the combined company’s equity at around $ 2.4 billion.