They’re hackers, plain and simple. Talk about double standards. If they were hacking government systems they’d be arrested but since they’re hacking private citizen’s phones, governments won’t touch them. Time for hackers to hack Cellibrite.
So what? If you got skills, and doing it legally I have zero problem with it. Apple has some of the strongest phone security around, but these guys apparently can pinch through it. Good for them. It’ll just mean Apple will be even more determined to increase security.
Ever notice that Android is never brought up in these kind of discussions? Android users should be extremely concerned.
About what? I can't think of one single thing I have of my phone or that I've ever done with my phone that Cellebrite would have the slightest interest in, and I'll wager not anything on yours either. The impact of whatever hack they have discovered to ANYONE here is non-existent IMHO. If tthe day ever comes that you, or even some local policing agency, can access my phone unassisted then perhaps there's reason to sit up and take notice. In truth most of our current phones whether Android iOS are capable of being secured against all but the most talented professional hackers.
If a company like Cellebrite is tasked with breaking into your phone there's a heckuva good and valid reason behind it IMO and I say best of luck.
I think you and I are in agreement Gator. This hack requires physical access to one's phone, and it sounds from prior (rumor) stories that it requires some serious engineering skills on top of that. Be it that the price of admission is not cheap, if someone did something that warrants Cellebrite getting involved, I'm not going to necessarily have any issues with it. That doesn't mean Apple should rest on their laurels. I'm sure someone's mission at Apple is to figure out what Cellebrite is doing and patch that security hole, it it can indeed be patched. Some rumors are that Cellebrite removes the NAND chips, clones them, and begins the brute-force attacks. Serious stuff for serious criminals.
I have yet to read ONE article anywhere about some agency - any agency - raising a stink about breaking into an Android phone. So while I supposed it can be "secured" - whatever the marketing folks at Google like to call it - I seriously doubt any real security is even being used.
They’re hackers, plain and simple. Talk about double standards. If they were hacking government systems they’d be arrested but since they’re hacking private citizen’s phones, governments won’t touch them. Time for hackers to hack Cellibrite.
That’s not accurate. Governments are major employers of hackers to get into all sorts of systems, foreign and domestic.
My point exactly. Governments can hack all they want but me hacking them or anyone else is illegal. Why is that?
They’re hackers, plain and simple. Talk about double standards. If they were hacking government systems they’d be arrested but since they’re hacking private citizen’s phones, governments won’t touch them. Time for hackers to hack Cellibrite.
So what? If you got skills, and doing it legally I have zero problem with it. Apple has some of the strongest phone security around, but these guys apparently can pinch through it. Good for them. It’ll just mean Apple will be even more determined to increase security.
Ever notice that Android is never brought up in these kind of discussions? Android users should be extremely concerned.
About what? I can't think of one single thing I have of my phone or that I've ever done with my phone that Cellebrite would have the slightest interest in, and I'll wager not anything on yours either. The impact of whatever hack they have discovered to ANYONE here is non-existent IMHO. If tthe day ever comes that you, or even some local policing agency, can access my phone unassisted then perhaps there's reason to sit up and take notice. In truth most of our current phones whether Android iOS are capable of being secured against all but the most talented professional hackers.
If a company like Cellebrite is tasked with breaking into your phone there's a heckuva good and valid reason behind it IMO and I say best of luck.
I think you and I are in agreement Gator. This hack requires physical access to one's phone, and it sounds from prior (rumor) stories that it requires some serious engineering skills on top of that. Be it that the price of admission is not cheap, if someone did something that warrants Cellebrite getting involved, I'm not going to necessarily have any issues with it. That doesn't mean Apple should rest on their laurels. I'm sure someone's mission at Apple is to figure out what Cellebrite is doing and patch that security hole, it it can indeed be patched. Some rumors are that Cellebrite removes the NAND chips, clones them, and begins the brute-force attacks. Serious stuff for serious criminals.
I have yet to read ONE article anywhere about some agency - any agency - raising a stink about breaking into an Android phone. So while I supposed it can be "secured" - whatever the marketing folks at Google like to call it - I seriously doubt any real security is even being used.
FWIW I'm not at all concerned that any local agency has the talent to defeat my Android phone's default encryption. They're not going to be able to access my phone any easier than yours IMHO. As I've been reading it Cellebrite's products are needed to access the encrypted data in the more recent Android handsets running Nougat or better.
"The newest Cellebrite product, UFED 6.0, boasts dozens of new and improved features with the ability to extract data from 51 Samsung Android devices including the Galaxy S7 and Galaxy S7 Edge, the latest flagship models for Android’s most popular brand, as well as the new high-end Google Pixel Android devices."
Cellebrite cracked an old iPhone 5c (the LAST iPhone with a 32-bit processor, and WITHOUT a Secure Enclave chip).
If a criminal has an iPhone, they have probably disabled Touch ID or Face ID, since biometrics can be easily tricked. But with an iPhone that can ONLY be unlocked with a complex alpha-numeric passcode, it is impossible for Cellebrite (or anyone else) to break into it.
It’s about time Apple open sources more of their software. They can still fully own their code anyway. Security through obscurity only goes so far.
If it’s open, the community can locate and contribute to finding weaknesses instead of allowing the likes of Cellebrite to find weaknesses they plan to keep secret to the general public.
Then how come there are more security risks/vulnerbilities with Android than iOS? But open!
They’re hackers, plain and simple. Talk about double standards. If they were hacking government systems they’d be arrested but since they’re hacking private citizen’s phones, governments won’t touch them. Time for hackers to hack Cellibrite.
So what? If you got skills, and doing it legally I have zero problem with it. Apple has some of the strongest phone security around, but these guys apparently can pinch through it. Good for them. It’ll just mean Apple will be even more determined to increase security.
Ever notice that Android is never brought up in these kind of discussions? Android users should be extremely concerned.
If a company like Cellebrite is tasked with breaking into your phone there's a heckuva good and valid reason behind it IMO and I say best of luck.
Yeah not really. Even standard criminal cases have piles of phones they want access to. Not every suspect is guilty, but that doesn't mean the police doesn't want to poke around.
Your argument basically boils down to "I've got nothing to hide!" Which is akin to the "First they came..." poem:
They’re hackers, plain and simple. Talk about double standards. If they were hacking government systems they’d be arrested but since they’re hacking private citizen’s phones, governments won’t touch them. Time for hackers to hack Cellibrite.
That’s not accurate. Governments are major employers of hackers to get into all sorts of systems, foreign and domestic.
My point exactly. Governments can hack all they want but me hacking them or anyone else is illegal. Why is that?
You're asking why it's illegal to break the law? Like how you have obey speed limits and can't run stop signs and red lights, or drive on the wrong side of the road, but a fire engine is allowed? Is that the kind of comparison you're making, because I don't see it as being the same.
"There's a public safety imperative here," NO, there is a for-profit imperative here!
Absolutely correct. “Public safety imperative” is simply a smokescreen and means of building themselves up as having some sort of magnanimous, lofty purpose. They’re just selling themselves to the highest bidder. Their philosophy is no different than weapons manufacturers. It’s only a matter of time before this government gets a hold of this tech. Then we’re all fucked.
Black hats have been already doing this for awhile.
You could say that Cellbrite might have connections to the Israeli hackers mentioned in the above article. That could explain how they were able to get into the iPhone 5c for the FBI.
One thing that has never been mentioned is that what information was extracted from that 5c and if it was useful to the investigation. It seems to me if there was pertinent information that would help the investigation, the FBI would have mentioned it and explained that because of that, there needs to be a "backdoor" to iOS.
The one point tinfoil hat people make that is true is, as long as you have something that can connect to the internet, you are vulnerable. It doesn't mean that you have been compromised, just that you are vulnerable.
Educate yourself on how you can keep yourself secure. Start with complex passwords and check everything you own that connects to the internet and make sure there aren't any firmware updates to prevent you from being compromised.
Lastly, stop sharing every F@cking detail about yourself on social media.
And if you truly are out to kill innocents, kidnap my children, or bring mass destruction to my city I hope your phones CAN be hacked, hope with all my heart.
I understand and share your concern, but our law enforcement and intelligence agencies need to be more involved in protecting its citizens instead of doing the bidding of special interests. I don't want to see reactive measures taken when we could have been proactive in PREVENTING those horrible things you have mentioned.
Sure you can make laws to enable your device to be hacked, but depending on who is in power, those laws can be used to single you out on who you vote for, what causes you believe in and what religion you believe in. This is why we have to be careful what laws we make.
This is perfect, in my opinion. The iphone is as secure a device as anyone can hope for, but if a terrorist or a child molester gets caught, there are ways of getting the information off the phone.
I may may be in the minority, but the right to privacy is not absolute. It never has been and I don’t think it should be.
This is perfect, in my opinion. The iphone is as secure a device as anyone can hope for, but if a terrorist or a child molester gets caught, there are ways of getting the information off the phone.
I may may be in the minority, but the right to privacy is not absolute. It never has been and I don’t think it should be.
Any govt, especially tyranical ones agree with you. And no, you are not a minority. There is a lot of people willing to give up their freedoms for the sake of convinience or “safety”. Neither had worked in the past, neither will work in the future.
This is perfect, in my opinion. The iphone is as secure a device as anyone can hope for, but if a terrorist or a child molester gets caught, there are ways of getting the information off the phone.
I may may be in the minority, but the right to privacy is not absolute. It never has been and I don’t think it should be.
You are correct, the right to privacy is not absolute. The challenge is creating the tools to access the information needed without impeding the rights given to you by the Constitution.
Creating laws that address these challenges should be more important than passing laws that protect special interests.
Money talks and our government would rather make laws to make corporations richer then make laws to protect citizens.
They’re hackers, plain and simple. Talk about double standards. If they were hacking government systems they’d be arrested but since they’re hacking private citizen’s phones, governments won’t touch them. Time for hackers to hack Cellibrite.
So what? If you got skills, and doing it legally I have zero problem with it. Apple has some of the strongest phone security around, but these guys apparently can pinch through it. Good for them. It’ll just mean Apple will be even more determined to increase security.
Ever notice that Android is never brought up in these kind of discussions? Android users should be extremely concerned.
About what? I can't think of one single thing I have of my phone or that I've ever done with my phone that Cellebrite would have the slightest interest in, and I'll wager not anything on yours either. The impact of whatever hack they have discovered to ANYONE here is non-existent IMHO. If tthe day ever comes that you, or even some local policing agency, can access my phone unassisted then perhaps there's reason to sit up and take notice. In truth most of our current phones whether Android iOS are capable of being secured against all but the most talented professional hackers.
If a company like Cellebrite is tasked with breaking into your phone there's a heckuva good and valid reason behind it IMO and I say best of luck.
The problem is that those same hacks become available to criminals when they get hacked themselves.
They’re hackers, plain and simple. Talk about double standards. If they were hacking government systems they’d be arrested but since they’re hacking private citizen’s phones, governments won’t touch them. Time for hackers to hack Cellibrite.
So what? If you got skills, and doing it legally I have zero problem with it. Apple has some of the strongest phone security around, but these guys apparently can pinch through it. Good for them. It’ll just mean Apple will be even more determined to increase security.
Ever notice that Android is never brought up in these kind of discussions? Android users should be extremely concerned.
About what? I can't think of one single thing I have of my phone or that I've ever done with my phone that Cellebrite would have the slightest interest in, and I'll wager not anything on yours either. The impact of whatever hack they have discovered to ANYONE here is non-existent IMHO. If tthe day ever comes that you, or even some local policing agency, can access my phone unassisted then perhaps there's reason to sit up and take notice. In truth most of our current phones whether Android iOS are capable of being secured against all but the most talented professional hackers.
If a company like Cellebrite is tasked with breaking into your phone there's a heckuva good and valid reason behind it IMO and I say best of luck.
I think you and I are in agreement Gator. This hack requires physical access to one's phone, and it sounds from prior (rumor) stories that it requires some serious engineering skills on top of that. Be it that the price of admission is not cheap, if someone did something that warrants Cellebrite getting involved, I'm not going to necessarily have any issues with it. That doesn't mean Apple should rest on their laurels. I'm sure someone's mission at Apple is to figure out what Cellebrite is doing and patch that security hole, it it can indeed be patched. Some rumors are that Cellebrite removes the NAND chips, clones them, and begins the brute-force attacks. Serious stuff for serious criminals.
I have yet to read ONE article anywhere about some agency - any agency - raising a stink about breaking into an Android phone. So while I supposed it can be "secured" - whatever the marketing folks at Google like to call it - I seriously doubt any real security is even being used.
FWIW I'm not at all concerned that any local agency has the talent to defeat my Android phone's default encryption. They're not going to be able to access my phone any easier than yours IMHO.
While this may be partially true for newer versions of Android this only represents a small percentage of Android users. There are also several manufacturers that add on features to make it convenient to unlock their phones that greatly reduce security like facial recognition that can be fooled by a photo.
My brother is a Police officer and has mentioned to me on several occasions how much easier he finds it to get in to most Android phones without any special tools/equipment in comparison to even older model iPhones. This is mostly due to the additional features added in by manufacturers to make unlocking the phone more convenient.
If you know what your doing then I'm sure it's possible to ensure your Android phone is fairly secure. However, while your phone may be secure enough for your needs I doubt this is the case for the majority of Android users.
Having said that as you mentioned earlier, if you don't have any reason for law enforcement to try and access your phone you shouldn't have much to worry about.
They’re hackers, plain and simple. Talk about double standards. If they were hacking government systems they’d be arrested but since they’re hacking private citizen’s phones, governments won’t touch them. Time for hackers to hack Cellibrite.
That’s not accurate. Governments are major employers of hackers to get into all sorts of systems, foreign and domestic.
My point exactly. Governments can hack all they want but me hacking them or anyone else is illegal. Why is that?
You're asking why it's illegal to break the law? Like how you have obey speed limits and can't run stop signs and red lights, or drive on the wrong side of the road, but a fire engine is allowed? Is that the kind of comparison you're making, because I don't see it as being the same.
I do try and obey speed limits (many Washingtonians do, not like in California), I stop at all stop signs and red lights and I don't drive on the wrong side of the road. Fire engines are emergency vehicles and they can go anywhere they want to but they aren't affecting my personal devices. That's the big difference. We have given them the right to go where they need to go. We have laws against illegal search and seizure as well as the 5th amendment protecting us from being compelled to be a witness against ourself in criminal cases. I don't remember giving the FBI the right to hack into my personal devices. Of course the FBI was started by the biggest criminal in US history, J. Edgar Hoover, who constantly failed to understand federal laws and the US constitution.
I can't control what the US government does to its citizens, I can only voice my opinion on what ethical things I would like to see them do and not do.
They’re hackers, plain and simple. Talk about double standards. If they were hacking government systems they’d be arrested but since they’re hacking private citizen’s phones, governments won’t touch them. Time for hackers to hack Cellibrite.
That’s not accurate. Governments are major employers of hackers to get into all sorts of systems, foreign and domestic.
My point exactly. Governments can hack all they want but me hacking them or anyone else is illegal. Why is that?
You're asking why it's illegal to break the law? Like how you have obey speed limits and can't run stop signs and red lights, or drive on the wrong side of the road, but a fire engine is allowed? Is that the kind of comparison you're making, because I don't see it as being the same.
Just as a point of interest, an emergency vehicle in the UK is subject to the same laws as anyone else, in the sense that if they run into you and they are going on a red light, they are at fault.
So while they're busy waving the flag of "drugs, child-protection and homocide", they're actually just selling their services to any unscrupulous character who can afford it.
That on its own is enough reason for why Apple must continue to fortify their hardware and software.
Cellebrite cracked an old iPhone 5c (the LAST iPhone with a 32-bit processor, and WITHOUT a Secure Enclave chip).
If a criminal has an iPhone, they have probably disabled Touch ID or Face ID, since biometrics can be easily tricked. But with an iPhone that can ONLY be unlocked with a complex alpha-numeric passcode, it is impossible for Cellebrite (or anyone else) to break into it.
it is impossible for Cellebrite (or anyone else) to break into it in a timely manner and without spending an awful lot of money in the process.
There fixed it for you. nothing in this world is impregnable given enough time and money.
I was just watching the final episode of British TV drama “Liar” last night. The heroine had her copper ex-partner hack into a late model iPhone using some “software that a mate gave him”. LOL.
The danger here is the subversion of a central tenet of our democracy: The reversal of restrictions on search and seizure...
Police are not allowed to enter your personal property without either: Your consent or a search warrant from a court of law. But increasingly police units (local, regional, state and federal) are looking to access personal information on phones with neither consent nor a properly executed search warrant. ... We are entering into dangerous territory here...
Comments
I have yet to read ONE article anywhere about some agency - any agency - raising a stink about breaking into an Android phone. So while I supposed it can be "secured" - whatever the marketing folks at Google like to call it - I seriously doubt any real security is even being used.
"The newest Cellebrite product, UFED 6.0, boasts dozens of new and improved features with the ability to extract data from 51 Samsung Android devices including the Galaxy S7 and Galaxy S7 Edge, the latest flagship models for Android’s most popular brand, as well as the new high-end Google Pixel Android devices."
Cellebrite cracked an old iPhone 5c (the LAST iPhone with a 32-bit processor, and WITHOUT a Secure Enclave chip).
If a criminal has an iPhone, they have probably disabled Touch ID or Face ID, since biometrics can be easily tricked. But with an iPhone that can ONLY be unlocked with a complex alpha-numeric passcode, it is impossible for Cellebrite (or anyone else) to break into it.
Yeah not really. Even standard criminal cases have piles of phones they want access to. Not every suspect is guilty, but that doesn't mean the police doesn't want to poke around. Your argument basically boils down to "I've got nothing to hide!" Which is akin to the "First they came..." poem:
https://en.wikipedia.org/wiki/First_they_came_...
...it's not a good argument.
Sure you can make laws to enable your device to be hacked, but depending on who is in power, those laws can be used to single you out on who you vote for, what causes you believe in and what religion you believe in. This is why we have to be careful what laws we make.
I may may be in the minority, but the right to privacy is not absolute. It never has been and I don’t think it should be.
Creating laws that address these challenges should be more important than passing laws that protect special interests.
Money talks and our government would rather make laws to make corporations richer then make laws to protect citizens.
My brother is a Police officer and has mentioned to me on several occasions how much easier he finds it to get in to most Android phones without any special tools/equipment in comparison to even older model iPhones. This is mostly due to the additional features added in by manufacturers to make unlocking the phone more convenient.
If you know what your doing then I'm sure it's possible to ensure your Android phone is fairly secure. However, while your phone may be secure enough for your needs I doubt this is the case for the majority of Android users.
Having said that as you mentioned earlier, if you don't have any reason for law enforcement to try and access your phone you shouldn't have much to worry about.
I can't control what the US government does to its citizens, I can only voice my opinion on what ethical things I would like to see them do and not do.
https://motherboard.vice.com/en_us/article/aekqjj/cellebrite-sold-phone-hacking-tech-to-repressive-regimes-data-suggests
So while they're busy waving the flag of "drugs, child-protection and homocide", they're actually just selling their services to any unscrupulous character who can afford it.
That on its own is enough reason for why Apple must continue to fortify their hardware and software.
There fixed it for you. nothing in this world is impregnable given enough time and money.
Police are not allowed to enter your personal property without either: Your consent or a search warrant from a court of law. But increasingly police units (local, regional, state and federal) are looking to access personal information on phones with neither consent nor a properly executed search warrant.
... We are entering into dangerous territory here...