Report bugs in law enforcement equipment sold by Israeli surveillance firm Cellebrite

The encrypted chat application Signal suggested in a blog post published on Wednesday that the products sold to law enforcement from the Israeli surveillance provider Cellebrite can be easily sabotaged.

Cellebrite DI, which specializes in helping law enforcement and intelligence services copy copies of call logs, text, photos and other data from smartphones, has been repeatedly subjected to previous sales to authoritarian governments, including Russia and China.

Signal, a privacy app eager to show how long it takes to protect users’ conversations, clashed with Cellebrite last year when the Israeli company said its equipment was upgraded to allow law enforcement to remove Signal messages from devices in their possession.

The creator and CEO of the signal, Moxie Marlinspike, said Wednesday in his blog post that he took possession of a bag of Cellebrite equipment and examined the equipment inside.

He was “surprised to find that very little attention seems to have been paid to Cellebrite’s software security,” Marlinspike said, noting that it would be easy to add a special file created on a phone that would derail Cellebrite’s functionality.

In a statement, Cellebrite did not directly address the Marlinspike statement, but said that the company’s employees “continuously audit and update our software to provide customers with the best digital intelligence solutions available.”

Elsewhere in his blog post, Marlinspike claimed to have found code snippets from Apple in the Cellebrite software, something he said “could pose a legal risk to Cellebrite and its users” if be done without permission.

Apple did not immediately respond to a request for comment.

Signal’s allegations come as Cellebrite prepares to go public through a merger with an empty verification firm, valuing the combined company’s equity at about $ 2.4 billion (about $ 17.980 billion).

© Thomson Reuters 2021

Is the old OnePlus 9R wine in a new bottle – or something more? We discussed this on Orbital, the Gadgets 360 podcast. Later (starting at 11pm), we talk about the new OnePlus Watch. Orbital is available on Apple Podcasts, Google Podcasts, Spotify and wherever you get your podcasts.