the Cellebrite physical analyzer – the most intrusive phone hacking tool the company offers – no longer fully supports iPhones, according to a document shared with us. The company has stopped offering this deep dive into the data stored on iPhones following the discovery and exploitation of a vulnerability by the secure messaging app Signal.
Signal discovered several security vulnerabilities in Cellebrite’s software and was able to find a way to trick iPhones into corrupting scan results using Physical Analyzer …
Cellebrite offers hardware and software designed to allow users to break into and extract data from smartphones. The company’s products are used by law enforcement around the world, including those in some unsavory nation states that may use them to quell political dissidents.
Signal has managed to get its hands on the software suite, including the Physical Analyzer module, which offers the deepest dive into the data stored on a smartphone. The courier company performed its own analysis of the software, uncovering a surprising number of security vulnerabilities.
He was able to exploit one of them to allow any iPhone to corrupt the data on any machine running the software. This would not only make the scan of the connected iPhone unnecessary, but also corrupt the results of past and future scans using the same machine.
All that was needed, Signal said in a blog post, was to place a carefully crafted file on the device. The message stated that the company is now doing this for all Signal users. Indeed, even some non-Signal users have chosen to install the app just to get this protection.
The company chose an ironic tone in making the announcement.
In completely independent news, future versions of Signal will periodically retrieve files to be placed in application storage. These files are never used for anything inside Signal and never interact with Signal software or data, but they look good and aesthetics are important in software.
Cellebrite Physical Analyzer Announcement
Cellebrite responded by updating its software to address some of the security holes. However, it appears that he was unable to protect himself against the method Signal used to corrupt Physical Analyzer software, as it told users that the app no longer allowed scanning iPhones to be done. most intrusive module help available.
This message is intended to inform you that new product updates are available for the following solutions:
Cellebrite UFED v220.127.116.11
Cellebrite Physical Analyzer v7.44.2
Cellebrite UFED Cloud v7.44.2
Cellebrite UFED 18.104.22.168 and Cellebrite Physical Analyzer 7.44.2 have been released to address a recently identified security vulnerability. This security patch strengthens the protection of solutions.
As part of the update, the Advanced Logical iOS checkout stream is now only available in Cellebrite UFED.
This is likely a big blow to Cellebrite’s operations, as it describes Physical Analyzer as “the industry standard for examining digital data.”
FTC: We use automatic income generating affiliate links. After.