You guys are living in 2013 or watching too many movies.
No one needs to physically borrow your phone to download all the data anymore. It’s all done remotely, and it’s been that way for several years.
All the people in the legal evidentiary chain of custody are well aware of Cellebrite, and they have been for years. Nothing is being done behind anyone’s back.
I must be missing something as a 20+ year law enforcement veteran and digital forensics examiner with Cellebrite certifications, then! [sarcasm]
There is no remote downloading of device data. You watch too much TV.
Well considering there are already a bunch of lawsuits against NSO the maker of Pegasus, and probably hundreds more to come I guess all those people and companies that were/are infected are all lying. Maybe you are truly just unaware of the capabilities of software these days. But I hope the sue that company out of existence.
Here is a little piece from a article about Pegasus.
"In 2019 WhatsApp revealed that NSO’s software had been used to send malware to more than 1,400 phones by exploiting a zero-day vulnerability. Simply by placing a WhatsApp call to a target device, malicious Pegasus code could be installed on the phone, even if the target never answered the call. More recently NSO has begun exploiting vulnerabilities in Apple’s iMessage software, giving it backdoor access to hundreds of millions of iPhones. Apple says it is continually updating its software to prevent such attacks."
These are just a few of the NON click attacks that has public awareness. There are more than a few Pegasus clones out there as well.
But my whole point everything with Pegasus is remote and it can download important information all without the user potentially having ever clicked on anything. Pegasus does also have clickable attack vectors as well because zero day non click options are patched fairly quickly once made known to the companies.
Comments
e.g.
U.S. border agents do not need warrants to search digital devices, court rules — https://www.reuters.com/article/us-usa-immigration-privacy-idUSKBN2AA2AL
Or Customs officials have copied Americans’ phone data at massive scale — https://www.washingtonpost.com/technology/2022/09/15/government-surveillance-database-dhs/