Phone pwn
Michael Butash
michael at butash.net
Sat Dec 24 00:30:14 MST 2016
https://motherboard.vice.com/read/us-state-police-have-spent-millions-on-israeli-phone-cracking-tech-cellebrite
I've known about cellbrite for a bit, seems they've only gotten better (or
worse, relative) as a shill for your secrets to the highest bidder slurping
any/all mobile data for forensic capabilities. Government, military,
police, or criminal, whoever can afford them. You or I with enough enough
cash too.
So what does one do these days aside from accept that their phone can and
will be compromised with enough direct intent to do so? This can/does
happen at some international waypoints I've read agents will "insist" they
take your phone somewhere (with a cellbrite I presume). It seems rather
impossible to bother attempting to secure your data on any phone,
encryption or none.
Google doesn't seem to comment on what cellbrites markets as attacking
"any" android, and sadly better Apples where it's more cat and mouse, but
at least some attempt at denying it exists. Blackberries seem to pride
themselves on secure android, but I wonder if it'd hold up to a cellbrite
ufed.
Is there really a *good* option out there that prevent this? Why is that?
I'd just like to for once be confident in a product that it's not built
inherently with a conveniently exploitable backdoor for .gov where ever you
are, or all of them as probably more likely. The fact cellbrite can simply
leech *any* android, and various apples as a cat and mouse effort is quite
disgusting.
Also, cellbrite's ufed tool seem capable of cloning sims, which means the
protocols in use for now gsm + probably lte are again flawed as allowing
the sim ki (private key of sorts) to be extracted from weaknesses in the
cryptographic storage internal to them (shh). Until around 2003, one could
clone gsm sims pretty trivially, only stronger crypto standards evolved to
protect it further, which I now suspect is broken too given this "tool"
existing at all.
We should crowdfund buying one to play with at an installfest, I see some
on ebay (search "cellbrite ufed"). Ebay also turns up searching it some
interesting sales of documents for test study results too.
-mb
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.phxlinux.org/pipermail/plug-discuss/attachments/20161224/5befd55a/attachment.html>
More information about the PLUG-discuss
mailing list