Slashdot Mirror

← Back to Stories (view on slashdot.org)

The Phone Hackers At Cellebrite Have Had Their Firmware Leaked Online (vice.com)

Posted by BeauHD on from the reverse-engineered dept.

An anonymous reader quotes a report from Motherboard: Cellebrite, an Israeli company that specializes in digital forensics, has dominated the market in helping law enforcement access mobile phones. But one apparent reseller of the company's products is publicly distributing copies of Cellebrite firmware and software for anyone to download. Although Cellebrite keeps it most sensitive capabilities in-house, the leak may still give researchers, or competitors, a chance to figure out how Cellebrite breaks into and analyzes phones by reverse-engineering the files. The apparent reseller distributing the files is McSira Professional Solutions, which, according to its website, "is pleased to serve police, military and security agencies in the E.U. And [sic] in other parts of the world." McSira is hosting software for various versions of Cellebrite's Universal Forensic Extraction Device (UFED), hardware that investigators can use to bypass the security mechanisms of phones, and then extract data from them. McSira allows anyone to download firmware for the UFED Touch, and a PC version called UFED 4PC. It is also hosting pieces of Cellebrite forensic software, such as the UFED Cloud Analyzer. This allows investigators to further scrutinize seized data. McSira is likely offering downloads so customers can update their hardware to the latest version with as little fuss as possible. But it may be possible for researchers to take those files, reverse-engineer them, and gain insight into how Cellebrite's tools work. That may include what sort of exploits Cellebrite uses to bypass the security mechanisms of mobile phones, and weaknesses in the implementation of consumer phones that could be fixed, according to one researcher who has started to examine the files, but was not authorised by his employer to speak to the press about this issue.

12 of 29 comments (clear)

  1. Re:Sent them email by RandomSurfer314 · · Score: 1

    Right, because terrorists customarily reverse engineer custom firmware from surveillance companies for educational purposes.

  2. Re:Sent them email by 110010001000 · · Score: 4, Funny

    You seem to be awfully familiar with what terrorists do. Reported.

  3. Re:Sent them email by 110010001000 · · Score: 1

    So you are saying the terrorists hate our freedoms?

  4. Clickbait? by 1080bogus · · Score: 4, Interesting

    McSira isn't hosting the files as indicated in the story. They merely link to Cellebrite's CDN. Cellebrite is exposing their own firmware, not the reseller.

  5. Re:Sent them email by sjames · · Score: 1

    Too late.

    Once again proving that promises along the lines of "this will only be used for legitimate investigations by law enforcement" are fairly worthless. Neither good intentions, obligations, nor monetary interest will keep this sort of thing secret.

  6. Let me get this straight by Tablizer · · Score: 1

    Hackers hacked by hackers using recursive hacking recursion.

    --
    Table-ized A.I.
  7. Re:Sent them email by RandomSurfer314 · · Score: 1

    Better than you, apparently.

  8. Re:Sent them email by myowntrueself · · Score: 1

    I sent them email pointing this out. They should remove these download links and only provide them to customers. Otherwise the terrorists have won.

    I hope that email was strongly worded!

    --
    In the free world the media isn't government run; the government is media run.
  9. I hope the manufacturers use these by jonwil · · Score: 1

    I hope the manufacturers of the phone hardware being targeted download these firmware files, reverse engineer them and fix whatever exploits the firmware files are taking advantage of.

    The good thing about running a phone (the Nokia N900 Linux-based phone) so obscure even most geeks dont know a lot about it is that no-one is going to bother writing exploits or hacks for it.

  10. Re:We generally try to avoid posting leaks and rum by Trax3001BBS · · Score: 1

    but we made an exception for one so why not two in a row?

    /. is a great place to get files and questionable material, as there's safety in numbers.

    I have a game that my player wears a pirate hat, it was a thepiratebay post on ./ and only that one version has the hat. It's one of a collection of games. I'm still sitting on JSTOR (Thank you Aaron Swartz), one day I'll get around to reading it.

    I've always enjoyed /. for that ability. And yes I went looking for UFED 4PC, even if I never have a use for it.

  11. Re:Where are the firmware file links? by Trax3001BBS · · Score: 1

    I don't see links to 4PC and Touch firmwares above...

    Click on the summery link then use your mouse to scroll the top section, but now one is met with a SALES INQUIRY.
    http://www.cellebrite.com/Mobi...

  12. Re:Where are the firmware file links? by Trax3001BBS · · Score: 1

    I don't see links to 4PC and Touch firmwares above...

    This might be the link http://www.mcsira.com/web/8888... but I'm not going to join a mailing list to download a file, nor click on a flash link.