The token has been stolen from the Cellebrite mobile phone hacking program used by the police

After the robbery, Cellebrite said it did I realized the way to log in to a secure Signal messaging program, Signal said blog post that it has changed the tables. Developer Moxie Marlinspike says his team found the Cellebrite scam and found several problems. He then said Signal would change the program to reduce any legal attempts at any time.

Cellebrite sells a series of “data analytics tools” called UFED that allow law enforcement officials to access iOS or Android phones and issue newsletters, text messages, photos and much more. The program was used extensively by the FBI for that Unlock the iPhone of the San San Bernardino shooter back in 2016-17, is said to have paid up to $ 900,000 per weapon.

Marlinspike managed to find a Cellebrite UFED, full of software and dongles, a joke that crashed into a car on its way to a hike. (Older types of weapons have appeared on eBay and other pages in the past.)

It also claims to have used old and old DLLs, including FFmpeg and MSI Windows software to launch Apple’s 2012 iTunes iTunes app. “Looking at UFED and Physical Analyzer, however, we were surprised to find that very little care is given to Cellebrites. the owner software security, ”he wrote.

The Signal team found that by combining “custom-made files without damaging any software on the device” created by Cellebrite, it was able to control the number that changes the UFED report. For example, it can insert or delete words, emails, photos, links and much more without leaving any distractions.

In a tweet (above), Signal highlighted this fraud, with UFED ranking a file designed to run numbers and display good news. However, the company said that “spending can pay off attempts to alter past reports, undermine the credibility of future reports, or erase information from Cellebrite machines.” Marlinspike is then able to establish this number within the Signal to destroy future Cellebrite efforts.

Signal released a number of birth tests tested by Cellebrite without giving the company a warning, but said it would change if Cellebrite retaliated. “We are committed to properly disclosing the risks we know to Cellebrite if they do the same for all the risks they incur in terms of their physical and other services to their vendors, here and in the future.”

Cellebrite sells Ars Technica “aims to protect the integrity of our customers’ information, and we continue to monitor and update our software to help our customers with the best digital intelligence solutions available.” What Signal needs to do is doubtless to see more of what has happened, as well as to be confirmed by other security experts.

All sales selected by Engadget are selected by our publishing team, independent of our parent company. Some of our articles include helpful links. If you purchase one of these links, we will be able to make a donation.