Popular iPhone forensic app partially unavailable after Signal blog post: Report

The company's ‘Physical Analyser’ tool that is used to scoop up data from iPhone and Android devices reportedly contained various security flaws that Signal claimed it managed to exploit last week. 

By: HT TECH
| Updated on: Aug 21 2022, 16:46 IST
Signal is probably the only app you should be looking to if you want to ensure your messages stay between you and your friends/family/trusted contacts. 
Signal is probably the only app you should be looking to if you want to ensure your messages stay between you and your friends/family/trusted contacts.  (HT Tech)

Last week, popular encrypted messaging service Signal announced that it had found certain vulnerabilities in a well-known software used to extract information from iPhones. The software manufacturer, Cellebrite, has now reportedly stopped offering its tool for iPhones.

According to a report by 9to5Mac, the Cellebrite Physical Analyser, a tool used by governments and other entities to scan smartphones and collect the data inside in a neat and organised fashion, has updated its software to protect itself from some of the security flaws that Signal identified in great detail along with screenshots and a lot of sarcasm last week.

You may be interested in

7% OFF
Apple iPhone 15 Pro Max
  • Black Titanium
  • 8 GB RAM
  • 256 GB Storage
23% OFF
Samsung Galaxy S23 Ultra 5G
  • Green
  • 12 GB RAM
  • 256 GB Storage
Google Pixel 8 Pro
  • Obsidian
  • 12 GB RAM
  • 128 GB Storage
Apple iPhone 15 Plus
  • Black
  • 6 GB RAM
  • 128 GB Storage

Also read: Signal app creator alleges security flaws in Cellebrite equipment

Also read
Looking for a smartphone? To check mobile finder click here.

Signal had revealed it obtained one of Cellebrite's Physical Analyzer tool. However, it had not disclosed how it managed to find the device that is usually sold only to governments, instead offering an elaborate story of how it fell off a truck while founder Moxie Marlinspike was out for a walk. After analysing the software, he found multiple security flaws which he documented in a blog post.

However, Signal also hinted in a not-so-subtle manner that it was adding code to its app that would sabotage or render useless any data that was collected by the Cellebrite's Physical analyser software on an iPhone with Signal installed. Since Signal didn't disclose exactly what steps they had taken to achieve this, 9to5Mac suggests that Cellebrite wasn't able to identify and protect its software from being compromised, which is why the tool was being discontinued for iPhones.

“It's possible to execute any code, and a real exploit payload would likely seek to undetectably alter previous reports, compromise the integrity of future reports (perhaps at random!), or exfiltrate data from the Cellebrite machine,” Marlinspike explained while demonstrating how Signal's software exploit worked.

Read more: Researcher claims Mark Zuckerberg uses Signal, app tweets he is ‘leading by example'

The report also states that Cellebrite issued a note saying that updates to Cellebrite UFED 7.44.0.205 and Cellebrite Physical Analyzer 7.44.2 had been released to “address a recently identified security vulnerability” and that the security patch “strengthens the protection” of the solutions. The company also reportedly informs users that s part of the update, the Advanced Logical iOS extraction flow “is now available in Cellebrite UFED only”.

Catch all the Latest Tech News, Mobile News, Laptop News, Gaming news, Wearables News , How To News, also keep up with us on Whatsapp channel,Twitter, Facebook, Google News, and Instagram. For our latest videos, subscribe to our YouTube channel.

First Published Date: 27 Apr, 23:12 IST
Tags:
NEXT ARTICLE BEGINS