Cellebrite removes iPhone data extraction from most capable product
Because of a crippling vulnerability, Cellebrite disabled the iPhone data extraction feature on its Physical Analyzer tool.
Cellebrite Physical Analyzer no longer works with iPhone
Cellebrite is a company that builds forensic devices used by law enforcement and governments. These devices have been deployed around the world to gain access to data stored on iPhones and other smartphones.
After a slew of vulnerabilities was discovered by the CEO of Signal, Cellebrite was forced to remove iPhone data retrieval from its most powerful device. The Physical Analyzer has been called "the industry standard for digital data examination," though now it can no longer access the highly-protected iPhone.
According to 9to5Mac, Cellebrite closed multiple security holes reported by the Signal CEO. However, there is an unpatched vulnerability that iPhone apps could exploit to corrupt the Physical Analyzer.
Cellebrite released the following message with the updates:
Stay on top of all Apple news right from your HomePod. Say, "Hey, Siri, play AppleInsider," and you'll get the latest AppleInsider Podcast. Or ask your HomePod mini for "AppleInsider Daily" instead and you'll hear a fast update direct from our news team. And, if you're interested in Apple-centric home automation, say "Hey, Siri, play HomeKit Insider," and you'll be listening to our newest specialized podcast in moments.
Cellebrite Physical Analyzer no longer works with iPhone
Cellebrite is a company that builds forensic devices used by law enforcement and governments. These devices have been deployed around the world to gain access to data stored on iPhones and other smartphones.
After a slew of vulnerabilities was discovered by the CEO of Signal, Cellebrite was forced to remove iPhone data retrieval from its most powerful device. The Physical Analyzer has been called "the industry standard for digital data examination," though now it can no longer access the highly-protected iPhone.
According to 9to5Mac, Cellebrite closed multiple security holes reported by the Signal CEO. However, there is an unpatched vulnerability that iPhone apps could exploit to corrupt the Physical Analyzer.
Cellebrite released the following message with the updates:
Since the data obtained from an iPhone could be easily corrupted, Cellebrite had no choice but to remove the functionality until the vulnerability is patched. The change could be damaging to the company since its ability to access iPhone was a significant selling point.This message is to inform you that we have new product updates available for the following solutions:
- Cellebrite UFED v7.44.0.205
- Cellebrite Physical Analyzer v7.44.2
- Cellebrite UFED Cloud v7.44.2
Cellebrite UFED 7.44.0.205 and Cellebrite Physical Analyzer 7.44.2 have been released to address a recently identified security vulnerability. This security patch strengthens the protection of the solutions.
As part of the update, the Advanced Logical iOS extraction flow is now available in Cellebrite UFED only.
Stay on top of all Apple news right from your HomePod. Say, "Hey, Siri, play AppleInsider," and you'll get the latest AppleInsider Podcast. Or ask your HomePod mini for "AppleInsider Daily" instead and you'll hear a fast update direct from our news team. And, if you're interested in Apple-centric home automation, say "Hey, Siri, play HomeKit Insider," and you'll be listening to our newest specialized podcast in moments.
Comments
I wonder if Apple is going to turn the screws on them using its installer files within their software (as reported by Signal CEO), surely a violation of their terms.
...and every lawyer of everyone ever interrogated/arrested/indicted/convicted on basis of potentially Cellbritally tainted evidence should rush to the relevant courts on behalf of their clients. Won't be easy in certain regimes though...
This is why Linux is so robust, and Cellebrite Physical Analyzer isn't.
the table is turning.
Part of me hopes they do but I also wonder if quashing celebrate would simply end up re-kindling the government push for a backdoor. In some ways the presence of a device like celebrite makes a defecto truce. The biggest problem is the fact that Celebrite appears to have no control over their devices and no way to disable a device that falls into the wrong hands (or falls off of a truck!)