Slashdot Mirror

← Back to Stories (view on slashdot.org)

Leaked Files Reveal Scope of Cellebrite's Smartphone-Cracking Technology (zdnet.com)

Posted by BeauHD on from the behind-the-scenes dept.

An anonymous reader quotes a report from ZDNet: Earlier this year, we were sent a series of large, encrypted files purportedly belonging to a U.S. police department as a result of a leak at a law firm, which was insecurely synchronizing its backup systems across the internet without a password. Among the files was a series of phone dumps created by the police department with specialist equipment, which was created by Cellebrite, an Israeli firm that provides phone-cracking technology. We obtained a number of these so-called extraction reports. One of the more interesting reports by far was from an iPhone 5 running iOS 8. The phone's owner didn't use a passcode, meaning the phone was entirely unencrypted. The phone was plugged into a Cellebrite UFED device, which in this case was a dedicated computer in the police department. The police officer carried out a logical extraction, which downloads what's in the phone's memory at the time. (Motherboard has more on how Cellebrite's extraction process works.) In some cases, it also contained data the user had recently deleted. To our knowledge, there are a few sample reports out there floating on the web, but it's rare to see a real-world example of how much data can be siphoned off from a fairly modern device. We're publishing some snippets from the report, with sensitive or identifiable information redacted.

24 of 37 comments (clear)

  1. Apple and Google get ALL that data by Anonymous Coward · · Score: 1, Insightful

    And you agreed to give it to them.

    "Don't be evil" my ass.

    If you have a smart phone, any complaints you make about "warrantless wiretaps" or "massive government surveillance" are complaints about getting rained on while you're drowning in the ocean.

    1. Re:Apple and Google get ALL that data by wardrich86 · · Score: 1

      Google dropped that motto when they blew up into Alphabet. Their new motto is "Do what's right" ...pretty ambiguous if you ask me.

    2. Re:Apple and Google get ALL that data by Anonymous Coward · · Score: 1

      Google and Apple are only in it for the money. The worst they can do is sell the data they collected. Governments have almost limitless power and can combine data they grabbed from various sources.

    3. Re:Apple and Google get ALL that data by Anonymous Coward · · Score: 1

      Google and Apple are only in it for the money. The worst they can do is sell the data they collected. Governments have almost limitless power and can combine data they grabbed from various sources.

      And they turn around and sell that data to anyone who meets their price. So Google and Apple are doing government dirty work for money.

      How much more evil can they be?

    4. Re:Apple and Google get ALL that data by 110010001000 · · Score: 3, Insightful

      +1 insightful. In addition, the mobile service provider has all your texts, calls and location information. You are carrying a mini-data collector everywhere with you. And paying money for it too.

    5. Re: Apple and Google get ALL that data by Anonymous Coward · · Score: 1

      What the hell are these comments about?

      What does this have to do with Google at all or Apple being evil?

      There's nothing about companies selling your data.

      Also owner of the phone didn't encrypt the data so it's open to anyone with possession of the phone. It's not apple's fault.

      And like what the hell does Google got to do with this?

    6. Re: Apple and Google get ALL that data by fbobraga · · Score: 1

      There's nothing about companies selling your data.

      Also owner of the phone didn't encrypt the data so it's open to anyone with possession of the phone. It's not apple's fault.

      And like what the hell does Google got to do with this?

      This. (the whole tread was insane!)

  2. I always remind this sentence... by Parker+Lewis · · Score: 2

    "Those who would give up essential Liberty, to purchase a little temporary Safety, deserve neither Liberty nor Safety" (Benjamin Franklin)

    1. Re:I always remind this sentence... by 110010001000 · · Score: 3, Insightful

      "Those who give up their Privacy by carrying a data collector around in their pocket, to have Convenience, deserve neither Privacy nor Convenience" (Me)

    2. Re:I always remind this sentence... by 110010001000 · · Score: 1

      Franklin would be at the top of the no-fly list if he were alive today.

    3. Re: I always remind this sentence... by Anonymous Coward · · Score: 1

      Well duh, he'd be 200+ years old, very suspicious. He also has a problem with getting women drunk and raping them.

    4. Re: I always remind this sentence... by 110010001000 · · Score: 1

      He probably grabbed em by the pussy too.

    5. Re:I always remind this sentence... by fbobraga · · Score: 1

      You don't have an Smartphone?

    6. Re:I always remind this sentence... by hAckz0r · · Score: 1

      Franklin would be at the top of the [British] no-fly list if he were alive today.

      French and American, not so much. United States didn't exist until after he was a dissident, and most Americans would give him a pass on that remark. Besides, how are you going to look him up if he had not been allowed to return back and "discover electricity"? Archibald Spencer might disagree with that so called "discovery" thing, since he had been lecturing on the subject since '43.

    7. Re:I always remind this sentence... by Anonymous Coward · · Score: 1

      No, he was stating that everyone needs guns. Read the fucking original source. The choices were between having the governor (not an elected governor, this was pre-revolution) handle Indian incursions (possibly ineffectively) by giving him more army, the temporary surrendering of liberty for safety, or by distributing arms to irregulars who were defending their land and lives.

    8. Re: I always remind this sentence... by Plus1Entropy · · Score: 1

      So what you're saying is we should put Trump on the $100 bill?

      --
      Only crack the nuts that crack. You don't put the ones that don't crack in the sack.
  3. painfullpy lacking on details by nimbius · · Score: 3, Interesting

    the article outlines the general process of how a phone is intercepted and the software is applied, but it obviously does not go into details of how the data is found or transferred. my guess is these portable tablets cellbrite has developed contain ADB and developer tools to pull off what to a seasoned slashdotter is just a parlor trick, but to a police department is nothing short of magical CSI hacking.

    as hackers ourselves we need to ask more questions. what is the inner machination of this tablet? how do we defeat it? can it defeat password encryption? how about Signals password-based authentication? Is there a means by which contact lists can be hardened and encrypted? All of these questions are crucial in the next 10 years as most law enforcement does not bother with a warrant when theyre halfway through your roadsite fishing expedition.

    --
    Good people go to bed earlier.
    1. Re:painfullpy lacking on details by Registered+Coward+v2 · · Score: 4, Informative

      the article outlines the general process of how a phone is intercepted and the software is applied, but it obviously does not go into details of how the data is found or transferred. my guess is these portable tablets cellbrite has developed contain ADB and developer tools to pull off what to a seasoned slashdotter is just a parlor trick, but to a police department is nothing short of magical CSI hacking. as hackers ourselves we need to ask more questions. what is the inner machination of this tablet? how do we defeat it? can it defeat password encryption? how about Signals password-based authentication? Is there a means by which contact lists can be hardened and encrypted? All of these questions are crucial in the next 10 years as most law enforcement does not bother with a warrant when theyre halfway through your roadsite fishing expedition.

      As I understand it, from what I've read, the software essentially does an unencrypted backup of the phone and then analyzes the data to produce the report. It also appears to only work on older iPhones that do not require a pass code to backup; thus rendering it useless on newer models.

      --
      I'm a consultant - I convert gibberish into cash-flow.
    2. Re:painfullpy lacking on details by Shoten · · Score: 4, Informative

      the article outlines the general process of how a phone is intercepted and the software is applied, but it obviously does not go into details of how the data is found or transferred. my guess is these portable tablets cellbrite has developed contain ADB and developer tools to pull off what to a seasoned slashdotter is just a parlor trick, but to a police department is nothing short of magical CSI hacking.

      as hackers ourselves we need to ask more questions. what is the inner machination of this tablet? how do we defeat it? can it defeat password encryption? how about Signals password-based authentication? Is there a means by which contact lists can be hardened and encrypted? All of these questions are crucial in the next 10 years as most law enforcement does not bother with a warrant when theyre halfway through your roadsite fishing expedition.

      As I understand it, from what I've read, the software essentially does an unencrypted backup of the phone and then analyzes the data to produce the report. It also appears to only work on older iPhones that do not require a pass code to backup; thus rendering it useless on newer models.

      You hit the nail on the head.

      (Love your account name, by the way...epic!)

      For one thing, there was no passcode on the device. That's the reason for no encryption...all iPhones of this generation were encrypted so that you couldn't pull the data directly from memory storage. But since the phone was never locked, it was trivial to simply ask the phone to divulge all of its contents as a backup, which it did. No hacking, no exploitation...just like opening a shoebox to see what's inside.

      For another, you're right in that later models (if locked) would be harder to get into. Starting with one model later...the iPhone 5s...iPhones have had a separate trusted module known as "Secure Enclave." Basically, Secure Enclave is the vault that stores all the cryptographic material. The iPhone puts the keys to all of its eggs in that one basket, and then secures the bejezus out of that basket. The 5s has the A7 processor...and the A7 was the first processor to use Secure Enclave. The iPhone 5 has the A6.

      --

      For your security, this post has been encrypted with ROT-13, twice.
    3. Re:painfullpy lacking on details by fbobraga · · Score: 1

      typos happens, all the time: calm down, sir AC

  4. Re:Or they can force Apple to give them data by JcMorin · · Score: 2

    They have little choice but the say loud and clear and fight in court... the reality... they are forced to give the data. Ever heard of secret orders where the company can't even talk about it?

  5. Re:Or they can force Apple to give them data by fbobraga · · Score: 1

    +1 informative #appleSux

  6. Re:Or they can force Apple to give them data by Anonymous Coward · · Score: 1

    The key difference between Apple and Google is that Apple is working hard to make sure that it doesn't have the data to give to government authorities when they're asked. They're busy end-to-end encrypting things, and keeping data local to devices, rather than uploading it to their servers.

    The court case they fought was not about handing over data (because trying to fight that is a losing battle), it was about being forced to roll back their attempts to not have any data to give.

  7. Is it possible? by aklinux · · Score: 1

    I wonder if it's possible to have an innocuous, harmless to my phone, file on my phone that does interesting things to Cellebrite