[ad_1]
Not so long Years ago, companies who hacked personal devices on behalf of governments did so in secret, closely monitoring even descriptions of their capabilities. It now seems that they proudly tweet about their updated capabilities to hack new iPhones, such as a video game firm offering an extension pack.
On Friday afternoon, the Israeli criminal law firm and law enforcement subcontractor Cellebrite announced publicly ad a new version of his product called universal forensic extraction device or UFED, which he calls UFED Premium. In the marketing of this update, the tool indicates that the tool can now unlock all the cops of iOS devices, including those running iOS 12.3, released just a month ago . According to Cellebrite, UFED Premium can also extract files from many recent Android phones, including the Samsung Galaxy S9. No other law enforcement subcontractor has made such claims about a single product, at least not publicly. This decision marks not only another step in the game of cat and mouse between smartphone makers and government-sponsored companies seeking to defeat their security, but also a more public phase of this security face-off .
"Cellebrite is proud to present #UFED Premium – an exclusive solution for law enforcement to unlock and extract data from all high-end iOS and Android devices," the company said. wrote on his Twitter feed for the UFED product. On a linked web page, he describes the ability of the new UFED tool to retrieve detailed forensic data from any iOS device dating back to iOS 7, and Android devices not only from Samsung but also from Huawei, LG and Xiaomi. Cellebrite calls UFED Premium "the only on-site solution allowing law enforcement to unlock and extract crucial mobile evidence from all high-end iOS and Android devices".
This announcement follows an Apple initiative last fall aimed at adding new security measures that paralyze another unlocking tool for iPhone, the GrayKey devices, sold by the US company Grayshift, to Atlanta, who have become popular among the American forces of order.
An iOS security expert who spoke to WIRED said that Grayshift has since developed tools to unlock at least some versions of iOS 12. However, it's only recently that it has started working on a tool that can unlock Android devices, according to a report from Forbes Cellebrite said his new tool could unlock encrypted phones running Apple or Google operating systems.
"This will allow investigators to access newer and up-to-date devices that they did not have access to before," said Sarah Edwards, forensic scientist in the SANS Safety Training Group. Institute. Neither Cellebrite nor Grayshift have responded to WIRED's request for comments for more information on their latest phone hacking tools.
Cellebrite also likely has the ability to unlock iOS 12.3 devices before the announcement, said Dan Guido, founder of New York-based security firm Trail of Bits and a long-time iOS-based security researcher. "It is understood that this is the trade in which Cellebrite works," he says. "It was only a matter of time until they solved the problem, then told people that they were solving it, what we are seeing now."
"It introduces a whole lot of new risks."
Dan Guido, Trail of the jaws
More surprisingly, Guido and other observers of the arms race on iOS say, this is how Cellebrite publicly trumpets his new tool. Guido suggests that the rising tide of advertising around even more aggressive hackers, such as the NSO group, has been revealed many times during remote hacking of iPhone and Android devices, rather than by the Internet. More common physical access allowed by Cellebrite – could have Cellebrite feel that he is free to talk openly about his relatively tame techniques. "We are in 2019. I am a little surprised that someone has taken so much time to talk openly about this," added Guido.
But competition with Grayshift, a company founded by a former security executive at Apple, whose GrayKey devices have sometimes managed to break iPhones that Cellebrite could not, could also have motivated a more public approach, says Matthew Hickey, founder from the security company Hacker. House that closely monitored Cellebrite's product offerings. "I imagine that they are trying to take a share of the GrayKey market, they are trying to win back some of those customers," he says.
As with GrayKey, the new UFED Premium will be sold as an "on-site" tool, allowing the police to purchase the company's hacking device and use it on its own. This is certainly convenient for law enforcement, but it also increases the risk that Cellebrite will lose control of its advanced unlocking techniques, or that they fall into the hands of criminals or criminals. repressive governments. Hickey notes that he was able to buy old Cellebrite tools on eBay. "This introduces a whole host of new risks," said Guido.
Neither Apple nor Google immediately responded to a request for comment regarding the announcement of the new UFED product by Cellebrite. Apple should at least release a new version of its mobile operating system, iOS 13, in September, with a beta version of next month that should return Grayshift and Cellebrite to the drawing table. The game of cats and mice continues.
More great cable stories
[ad_2]
Source link