Slashdot Mirror


Leaked Files Reveal Scope of Cellebrite's Smartphone-Cracking Technology (zdnet.com)

An anonymous reader quotes a report from ZDNet: Earlier this year, we were sent a series of large, encrypted files purportedly belonging to a U.S. police department as a result of a leak at a law firm, which was insecurely synchronizing its backup systems across the internet without a password. Among the files was a series of phone dumps created by the police department with specialist equipment, which was created by Cellebrite, an Israeli firm that provides phone-cracking technology. We obtained a number of these so-called extraction reports. One of the more interesting reports by far was from an iPhone 5 running iOS 8. The phone's owner didn't use a passcode, meaning the phone was entirely unencrypted. The phone was plugged into a Cellebrite UFED device, which in this case was a dedicated computer in the police department. The police officer carried out a logical extraction, which downloads what's in the phone's memory at the time. (Motherboard has more on how Cellebrite's extraction process works.) In some cases, it also contained data the user had recently deleted. To our knowledge, there are a few sample reports out there floating on the web, but it's rare to see a real-world example of how much data can be siphoned off from a fairly modern device. We're publishing some snippets from the report, with sensitive or identifiable information redacted.

37 comments

  1. Apple and Google get ALL that data by Anonymous Coward · · Score: 1, Insightful

    And you agreed to give it to them.

    "Don't be evil" my ass.

    If you have a smart phone, any complaints you make about "warrantless wiretaps" or "massive government surveillance" are complaints about getting rained on while you're drowning in the ocean.

    1. Re:Apple and Google get ALL that data by wardrich86 · · Score: 1

      Google dropped that motto when they blew up into Alphabet. Their new motto is "Do what's right" ...pretty ambiguous if you ask me.

    2. Re:Apple and Google get ALL that data by Anonymous Coward · · Score: 1

      Google and Apple are only in it for the money. The worst they can do is sell the data they collected. Governments have almost limitless power and can combine data they grabbed from various sources.

    3. Re:Apple and Google get ALL that data by Anonymous Coward · · Score: 1

      Google and Apple are only in it for the money. The worst they can do is sell the data they collected. Governments have almost limitless power and can combine data they grabbed from various sources.

      And they turn around and sell that data to anyone who meets their price. So Google and Apple are doing government dirty work for money.

      How much more evil can they be?

    4. Re:Apple and Google get ALL that data by 110010001000 · · Score: 3, Insightful

      +1 insightful. In addition, the mobile service provider has all your texts, calls and location information. You are carrying a mini-data collector everywhere with you. And paying money for it too.

    5. Re: Apple and Google get ALL that data by Anonymous Coward · · Score: 1

      What the hell are these comments about?

      What does this have to do with Google at all or Apple being evil?

      There's nothing about companies selling your data.

      Also owner of the phone didn't encrypt the data so it's open to anyone with possession of the phone. It's not Apple's fault.

      And like what the hell does Google got to do with this?

    6. Re: Apple and Google get ALL that data by fbobraga · · Score: 1

      There's nothing about companies selling your data.

      Also owner of the phone didn't encrypt the data so it's open to anyone with possession of the phone. It's not Apple's fault.

      And like what the hell does Google got to do with this?

      This. (the whole thread was insane!)

  2. Or they can force Apple to give them data by Anonymous Coward · · Score: 0

    Sure, Apple makes a public fuss sometimes, but they give data to the government all the time.

    1. Re:Or they can force Apple to give them data by JcMorin · · Score: 2

      They have little choice but to say loud and clear and fight in court... the reality... they are forced to give the data. Ever heard of secret orders where the company can't even talk about it?

    2. Re:Or they can force Apple to give them data by fbobraga · · Score: 1

      +1 informative #appleSux

    3. Re:Or they can force Apple to give them data by Anonymous Coward · · Score: 1

      The key difference between Apple and Google is that Apple is working hard to make sure that it doesn't have the data to give to government authorities when they're asked. They're busy end-to-end encrypting things, and keeping data local to devices, rather than uploading it to their servers.

      The court case they fought was not about handing over data (because trying to fight that is a losing battle), it was about being forced to roll back their attempts to not have any data to give.

  3. I always remind this sentence... by Parker+Lewis · · Score: 2

    "Those who would give up essential Liberty, to purchase a little temporary Safety, deserve neither Liberty nor Safety" (Benjamin Franklin)

    1. Re:I always remind this sentence... by Anonymous Coward · · Score: 0

      Franklin never met isis/moscow/4chan or whomever the enemy is today.

    2. Re:I always remind this sentence... by 110010001000 · · Score: 3, Insightful

      "Those who give up their Privacy by carrying a data collector around in their pocket, to have Convenience, deserve neither Privacy nor Convenience" (Me)

    3. Re:I always remind this sentence... by 110010001000 · · Score: 1

      Franklin would be at the top of the no-fly list if he were alive today.

    4. Re: I always remind this sentence... by Anonymous Coward · · Score: 1

      Well duh, he'd be 200+ years old, very suspicious. He also has a problem with getting women drunk and raping them.

    5. Re: I always remind this sentence... by 110010001000 · · Score: 1

      He probably grabbed em by the pussy too.

    6. Re:I always remind this sentence... by GameboyRMH · · Score: 0

      Probably not, but as a ponytailed uberhacker he would be getting more than his fair share of NSA surveillance and he would probably be pulled aside in airport security often. Think Moxie Marlinspike, Nadim Kobeissi etc.

      --
      "When information is power, privacy is freedom" - Jah-Wren Ryel

    7. Re:I always remind this sentence... by fbobraga · · Score: 1

      You don't have a smartphone?

    8. Re:I always remind this sentence... by Anonymous Coward · · Score: 0

      The hilarious thing is that when Franklin wrote this, he was defending the Pennsylvania legislature's authority to levy taxes.

    9. Re: I always remind this sentence... by Anonymous Coward · · Score: 0

      Imagine his wonderful twitter account

      @realbenfranklin already taken

    10. Re:I always remind this sentence... by hAckz0r · · Score: 1

      Franklin would be at the top of the [British] no-fly list if he were alive today.

      French and American, not so much. United States didn't exist until after he was a dissident, and most Americans would give him a pass on that remark. Besides, how are you going to look him up if he had not been allowed to return back and "discover electricity"? Archibald Spencer might disagree with that so called "discovery" thing, since he had been lecturing on the subject since '43.

    11. Re:I always remind this sentence... by Anonymous Coward · · Score: 0

      I believe the original quote was from Thomas 'Telco' Jefferson, the nation's 3rd fiber optic layer. I am happy to meet you! You are currently memorialized on the $2 bill. Which, interestingly enough, is the only currency telecommunications companies will not accept when paying your bill. This is because they are trying to rewrite history, and abandon you, the original MR. Telco! My rendition though is true history of course & I acknowledge you!!

      PS: please lay fibre near my house.

    12. Re:I always remind this sentence... by Anonymous Coward · · Score: 0

      You're an idiot. No amount of "safety" (it's a false safety btw) is worth giving up any amount of liberty or privacy. Our government was created to get out from under a repressive government. Now we are repeating history and the politicians and corporate interests that make money off of the war machine use terrorism to remove privacy and liberty in the name of power and money, er I mean "safety" (you're less safe in this environment than in one where you have privacy and liberty)

      Unfortunately there is no other land which isn't claimed by some government or indigenous people that can be kicked out and taken over to move to like people had 200 years ago. So millions or billions of people will have a couple of hundred years of suffering before they can move off planet and migrate to another place to get out from under repressive governments. Just to start the cycle over again, that is unless for once in human history we can actually learn from history and keep corporate interests entirely out of our lives.

    13. Re:I always remind this sentence... by Anonymous Coward · · Score: 1

      No, he was stating that everyone needs guns. Read the fucking original source. The choices were between having the governor (not an elected governor, this was pre-revolution) handle Indian incursions (possibly ineffectively) by giving him more army, the temporary surrendering of liberty for safety, or by distributing arms to irregulars who were defending their land and lives.

    14. Re: I always remind this sentence... by Plus1Entropy · · Score: 1

      So what you're saying is we should put Trump on the $100 bill?

      --
      Only crack the nuts that crack. You don't put the ones that don't crack in the sack.

    15. Re: I always remind this sentence... by Anonymous Coward · · Score: 0

      Yes, demonstrating the grabbins'

    16. Re: I always remind this sentence... by Anonymous Coward · · Score: 0

      AFAIK, he only took credit for proving that the electricity in clouds was the same as the electricity researchers already knew how to generate.

  4. The extraction report is not surprising by Anonymous Coward · · Score: 0

    The content is pretty much what one would expect--nothing there was unexpected.

    The only two things that I found interesting were the poor security practices at the law firm and the computer case in the stock photo in the ZDNet article--I'm looking for a case that has 3 to 4 external 5.25" bays, about 18" tall, and has good air flow.

  5. painfullpy lacking on details by nimbius · · Score: 3, Interesting

    the article outlines the general process of how a phone is intercepted and the software is applied, but it obviously does not go into details of how the data is found or transferred. my guess is these portable tablets Cellebrite has developed contain ADB and developer tools to pull off what to a seasoned slashdotter is just a parlor trick, but to a police department is nothing short of magical CSI hacking.

    as hackers ourselves we need to ask more questions. what is the inner machination of this tablet? how do we defeat it? can it defeat password encryption? how about Signal's password-based authentication? Is there a means by which contact lists can be hardened and encrypted? All of these questions are crucial in the next 10 years as most law enforcement does not bother with a warrant when they're halfway through your roadside fishing expedition.

    --
    Good people go to bed earlier.

    1. Re:painfullpy lacking on details by Registered+Coward+v2 · · Score: 4, Informative

      the article outlines the general process of how a phone is intercepted and the software is applied, but it obviously does not go into details of how the data is found or transferred. my guess is these portable tablets Cellebrite has developed contain ADB and developer tools to pull off what to a seasoned slashdotter is just a parlor trick, but to a police department is nothing short of magical CSI hacking. as hackers ourselves we need to ask more questions. what is the inner machination of this tablet? how do we defeat it? can it defeat password encryption? how about Signal's password-based authentication? Is there a means by which contact lists can be hardened and encrypted? All of these questions are crucial in the next 10 years as most law enforcement does not bother with a warrant when they're halfway through your roadside fishing expedition.

      As I understand it, from what I've read, the software essentially does an unencrypted backup of the phone and then analyzes the data to produce the report. It also appears to only work on older iPhones that do not require a pass code to backup; thus rendering it useless on newer models.

      --
      I'm a consultant - I convert gibberish into cash-flow.

    2. Re:painfullpy lacking on details by Shoten · · Score: 4, Informative

      the article outlines the general process of how a phone is intercepted and the software is applied, but it obviously does not go into details of how the data is found or transferred. my guess is these portable tablets Cellebrite has developed contain ADB and developer tools to pull off what to a seasoned slashdotter is just a parlor trick, but to a police department is nothing short of magical CSI hacking.

      as hackers ourselves we need to ask more questions. what is the inner machination of this tablet? how do we defeat it? can it defeat password encryption? how about Signal's password-based authentication? Is there a means by which contact lists can be hardened and encrypted? All of these questions are crucial in the next 10 years as most law enforcement does not bother with a warrant when they're halfway through your roadside fishing expedition.

      As I understand it, from what I've read, the software essentially does an unencrypted backup of the phone and then analyzes the data to produce the report. It also appears to only work on older iPhones that do not require a pass code to backup; thus rendering it useless on newer models.

      You hit the nail on the head.

      (Love your account name, by the way...epic!)

      For one thing, there was no passcode on the device. That's the reason for no encryption...all iPhones of this generation were encrypted so that you couldn't pull the data directly from memory storage. But since the phone was never locked, it was trivial to simply ask the phone to divulge all of its contents as a backup, which it did. No hacking, no exploitation...just like opening a shoebox to see what's inside.

      For another, you're right in that later models (if locked) would be harder to get into. Starting with one model later...the iPhone 5s...iPhones have had a separate trusted module known as "Secure Enclave." Basically, Secure Enclave is the vault that stores all the cryptographic material. The iPhone puts the keys to all of its eggs in that one basket, and then secures the bejezus out of that basket. The 5s has the A7 processor...and the A7 was the first processor to use Secure Enclave. The iPhone 5 has the A6.

      --

      For your security, this post has been encrypted with ROT-13, twice.

    3. Re:painfullpy lacking on details by Anonymous Coward · · Score: 0

      painfullpy?

      Is that a Python torture script? Wouldn't Perl be better?

    4. Re:painfullpy lacking on details by fbobraga · · Score: 1

      typos happen, all the time: calm down, sir AC

    5. Re:painfullpy lacking on details by Anonymous Coward · · Score: 0

      The 5s has the A7 processor...and the A7 was the first processor to use Secure Enclave. The iPhone 5 has the A6.

      Welp, you just convinced me I have to upgrade from my 5 to a 5S.

  6. verizon by Anonymous Coward · · Score: 0

    for all you morons who are too stupid and/or lazy to have a backup of your own phone data and transfer it yourself, the machines Verizon and most wireless carriers use to copy your data are made by Cellebrite...

  7. Is it possible? by aklinux · · Score: 1

    I wonder if it's possible to have an innocuous, harmless to my phone, file on my phone that does interesting things to Cellebrite