Dec 17 , 2020
This week Israeli company Cellebrite made the audacious claim that they could decrypt Signal Private Messenger.
Cellebrite said that it had developed the Physical Analyzer to access data on Signal, which it said would help its users "uncover digital evidence and create court-ready exhibits".
The post was quickly deleted by Cellebrite & replaced with a much more sanitised post which still alluded to them having broken the worlds best, secure encryption communication tool.
Should I be worried? Can Signal be hacked?
When I read this, my immediate impression was that the story represented the worst kind of reporting - intentionally misleading to cause a knee jerk reacton. Other security researchers such as Etienne Maynier, a security researcher at Amnesty International, stated there was nothing "groundbreaking".
Relax, your are safe - Cellebrite has not hack Signal!
When reviewed from the IT professionals point of view, one can see Cellebrites claims are timid to say the least. On an unlocked phone they can generate a list of Signal messages. That is it - on a device which is unlocked, Cellebrite will generate a report showing Signal messages. This is no different than if you unlock your phone and hand it to someone to review your messages!
Signals creator, Moxie Marlin, tweeted " They could have also just opened the app to look at the messages."
The bottom line is this - when your Omerta phone is locked, Cellebrite cannot by pass this to review Signal. Cellebrite cannot read encrypted messages in transit. With your phone locked your data is secure.
Panic over - there is no need to re-invent your private communication channel!