{"id":42092,"date":"2021-04-21T15:30:08","date_gmt":"2021-04-21T19:30:08","guid":{"rendered":"http:\/\/pappp.net\/?guid=a2d2af2955ebab7d6f6332446dd7c966"},"modified":"2021-04-21T15:30:08","modified_gmt":"2021-04-21T19:30:08","slug":"in-epic-hack-signal-developer-turns-the-tables-on-forensics-firm-cellebrite","status":"publish","type":"post","link":"https:\/\/pappp.net\/?p=42092","title":{"rendered":"In epic hack, Signal developer turns the tables on forensics firm Cellebrite"},"content":{"rendered":"<p class=\"syndicated-attribution\">Source: <a href=\"https:\/\/arstechnica.com\/?p=1759092\">Ars Technica<\/a><\/p>\n<div style=\"background-color : #fff7d5;\n\t\t\tborder-width : 1px; padding : 5px; border-style : dashed; border-color : #e7d796;margin-bottom : 1em; color : #9a8c59;\">Article note: This is beautiful.<\/div><div>\n<figure><img src=\"https:\/\/cdn.arstechnica.net\/wp-content\/uploads\/2021\/04\/cellebrite-hack-800x353.jpg\" alt=\"In epic hack, Signal developer turns the tables on forensics firm Cellebrite\" referrerpolicy=\"no-referrer\" loading=\"lazy\"\/><p><a href=\"https:\/\/cdn.arstechnica.net\/wp-content\/uploads\/2021\/04\/cellebrite-hack.jpg\" rel=\"noopener noreferrer\">Enlarge<\/a> (credit: <a rel=\"noopener noreferrer\" href=\"https:\/\/signal.org\/en\/\">Moxie Marlinspike\/Signal<\/a>)<\/p>  <\/figure><div><a name=\"page-1\"><\/a><\/div>\n<p>For years, Israeli digital forensics firm Cellebrite has helped governments and police around the world break into confiscated mobile phones, mostly by exploiting vulnerabilities that went overlooked by device manufacturers. Now, Moxie Marlinspike&mdash;the brainchild behind the Signal messaging app&mdash;has turned the tables.<\/p>\n<p>On Wednesday, Marlinspike <a href=\"https:\/\/signal.org\/blog\/cellebrite-vulnerabilities\/\" rel=\"noopener noreferrer\">published a post<\/a> that reported vulnerabilities in Cellebrite software that allowed him to execute malicious code on the Windows computer used to analyze a device. The researcher and software engineer exploited the vulnerabilities by loading specially formatted files that can be embedded into any app installed on the device.<\/p>\n<h2>Virtually no limits<\/h2>\n<p>&ldquo;There are virtually no limits on the code that can be executed,&rdquo; Marlinspike wrote.<\/p><\/div><p><a href=\"https:\/\/arstechnica.com\/?p=1759092#p3\" rel=\"noopener noreferrer\">Read 12 remaining paragraphs<\/a> | <a href=\"https:\/\/arstechnica.com\/?p=1759092&amp;comments=1\" rel=\"noopener noreferrer\">Comments<\/a><\/p><div>\n<a href=\"http:\/\/feeds.feedburner.com\/~ff\/arstechnica\/index?a=pl66P-f6Dw0:E3UULyIs_8Y:V_sGLiPBpWU\" rel=\"noopener noreferrer\"><img src=\"http:\/\/feeds.feedburner.com\/~ff\/arstechnica\/index?i=pl66P-f6Dw0:E3UULyIs_8Y:V_sGLiPBpWU\" border=\"0\" referrerpolicy=\"no-referrer\" loading=\"lazy\"\/><\/a> <a href=\"http:\/\/feeds.feedburner.com\/~ff\/arstechnica\/index?a=pl66P-f6Dw0:E3UULyIs_8Y:F7zBnMyn0Lo\" rel=\"noopener noreferrer\"><img src=\"http:\/\/feeds.feedburner.com\/~ff\/arstechnica\/index?i=pl66P-f6Dw0:E3UULyIs_8Y:F7zBnMyn0Lo\" border=\"0\" referrerpolicy=\"no-referrer\" loading=\"lazy\"\/><\/a> <a href=\"http:\/\/feeds.feedburner.com\/~ff\/arstechnica\/index?a=pl66P-f6Dw0:E3UULyIs_8Y:qj6IDK7rITs\" rel=\"noopener noreferrer\"><img src=\"http:\/\/feeds.feedburner.com\/~ff\/arstechnica\/index?d=qj6IDK7rITs\" border=\"0\" referrerpolicy=\"no-referrer\" loading=\"lazy\"\/><\/a> <a href=\"http:\/\/feeds.feedburner.com\/~ff\/arstechnica\/index?a=pl66P-f6Dw0:E3UULyIs_8Y:yIl2AUoC8zA\" rel=\"noopener noreferrer\"><img src=\"http:\/\/feeds.feedburner.com\/~ff\/arstechnica\/index?d=yIl2AUoC8zA\" border=\"0\" referrerpolicy=\"no-referrer\" loading=\"lazy\"\/><\/a>\n<\/div>","protected":false},"excerpt":{"rendered":"<p>Enlarge (credit: Moxie Marlinspike\/Signal)<br \/>\nFor years, Israeli digital forensics firm Cellebrite &#8230;<\/p>\n<p> <a href=\"https:\/\/pappp.net\/?p=42092\">Continue reading <span class=\"meta-nav\">&rarr;<\/span><\/a><\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[226],"tags":[],"class_list":["post-42092","post","type-post","status-publish","format-standard","hentry","category-news-2"],"_links":{"self":[{"href":"https:\/\/pappp.net\/index.php?rest_route=\/wp\/v2\/posts\/42092","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/pappp.net\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/pappp.net\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/pappp.net\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/pappp.net\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=42092"}],"version-history":[{"count":0,"href":"https:\/\/pappp.net\/index.php?rest_route=\/wp\/v2\/posts\/42092\/revisions"}],"wp:attachment":[{"href":"https:\/\/pappp.net\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=42092"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/pappp.net\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=42092"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/pappp.net\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=42092"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}