New App to combat Cellebrite attacking your Phone.

Sep 30 , 2021

New App to combat Cellebrite attacking your Phone.

ECellebrite is a dubious Israeli company whom practises hacking for the highest bidder. These skills get condensed into a little electronic box of tricks called a UFED - Universal Forensic Extraction Device. 

Cellebrites wonder machine helps Law Enforcement Agencies rapidly access mobile phones storage areas, allowing for the rapid identification of the handsets contents. By presenting the users with data in an already organised fashion allows the users more time to study the data & curate evidence. If the handset has a lock on it, Cellebrite will also try to bypass this with one of its many hacks.

Data extracted by Cellebrite is used in many courts across the land & indeed globally. In fact, part of Cellebrites growth allegedly includes  the expansion into countries whereby Law Enforcement regularly commits  Human Rights violations. Countries whereby the accused get a kangaroo court, a pre-decided judgement, a bullet in the back of the head & the family gets billed for the bullet.

So given the seriousness of the outcomes surely Cellebrite makes a UFED that is beyond reproach?

Sadly, no it would seem. Whilst Omerta supports the use of data in the pursuit of justice; that is on the assumption the data extraction is a secure process that is water tight. And water tight Cellebrite is not, according to the creator of Signal Private Messenger, Moxy Marlinspike. 

Cellebrite regularly publishes stories about how they have finally broke Signal, yet when investigated they have done little more than list messages from a phone which is unlocked in the first instance. So no different than if you unlocked your phone and passed it to a colleague to look at.

The problem is that these are headline grabbing  soundbytes finally got back to Signal & in return Moxy 'found' a Cellebrite machine & decided to investigate how this notorious machine worked.

You can read in full about the investigation here; needless to say, the UFED was riddled with exploits which would allow a party to hack the Cellebrite machine. Moxy was able to plant new information on the device, delete evidence, add or remove time stamps & essentially render the device a liability rather than a useful tool. Remember evidence collected from these devices are used in courts around the world yet it would appear the ability to tamper with the evidence it produces is possible & worse still, relatively easy to do.

`Given the nature of this threat, I was delighted this week to discover a new app called LockUp by Matt Bergin of Korelogic. LockUp takes cues from the resident device should it be plugged into a Cellebrite. On confirming a Cellebrite unit is actually connected, the app will initiate a factory reset on the handset.

The app will be a regular feature on all new Omerta phones, deactivated of course, so owners can decide if they want to test out the new feature. Existing Omerta owners can download the app from the link below:

LockUp (Cellebrite UFED self-defence app)https://f-droid.org/packages/io.nekohasekai.lockup