Signal app creator alleges security flaws in Cellebrite equipment

The app's founder also alleged he had found snippets of code from Apple inside Cellebrite's software, something he said "might present a legal risk for Cellebrite and its users" if it was done without authorisation.

By:REUTERS
| Updated on: Aug 21 2022, 16:48 IST
FILE PHOTO: The Signal messaging app logo is seen on a smartphone, in front of the same displayed same logo, in this illustration taken, January 13, 2021.
FILE PHOTO: The Signal messaging app logo is seen on a smartphone, in front of the same displayed same logo, in this illustration taken, January 13, 2021. (REUTERS)

Encrypted chat app Signal suggested in a blog post published on Wednesday that products sold to law enforcement from Israeli surveillance provider Cellebrite can easily be sabotaged.

Cellebrite DI Ltd, which specializes in helping law enforcement and intelligence agencies copy call logs, texts, photos and other data off of smartphones, has repeatedly come under fire for past sales to authoritarian governments, including Russia and China.

You may be interested in

7% OFF
Apple iPhone 15 Pro Max
  • Black Titanium
  • 8 GB RAM
  • 256 GB Storage
23% OFF
Samsung Galaxy S23 Ultra 5G
  • Green
  • 12 GB RAM
  • 256 GB Storage
5% OFF
Apple iPhone 15 Plus 256GB
  • Black
  • 6 GB RAM
  • 256 GB Storage
9% OFF
Apple iPhone 15 256GB
  • Black
  • 6 GB RAM
  • 256 GB Storage

Signal, a privacy-focused app eager to show the lengths it goes to protect users' conversations, clashed with Cellebrite last year when the Israeli company said its equipment was upgraded to allow law enforcement to scoop up Signal messages from devices in their possession.

Also read
Looking for a smartphone? To check mobile finder click here.

Also read: Signal jokes about WhatsApp's 'downtime', reports spike in user registrations

Signal creator and CEO Moxie Marlinspike said in his blog post on Wednesday he had come into possession of a bag of Cellebrite equipment and examined the gear inside.

He was "surprised to find that very little care seems to have been given to Cellebrite's own software security," Marlinspike said, noting it would be easy to add a specially crafted file onto a phone that would derail Cellebrite's functionality.

In a statement, Cellebrite did not directly address Marlinspike's claim but said that the company's employees "continually audit and update our software in order to equip our customers with the best digital intelligence solutions available."

Don't miss: Researcher claims Mark Zuckerberg uses Signal, app tweets he is ‘leading by example'

Elsewhere in his blog post, Marlinspike alleged he had found snippets of code from Apple inside Cellebrite's software, something he said "might present a legal risk for Cellebrite and its users" if it was done without authorisation.

Apple did not immediately respond to a request for comment.

Signal's allegations come as Cellebrite prepares to go public through a merger with a blank-check firm, valuing the equity of the combined company at around $2.4 billion.

Catch all the Latest Tech News, Mobile News, Laptop News, Gaming news, Wearables News , How To News, also keep up with us on Whatsapp channel,Twitter, Facebook, Google News, and Instagram. For our latest videos, subscribe to our YouTube channel.

First Published Date: 22 Apr, 15:31 IST
Tags:
NEXT ARTICLE BEGINS