Human Rights Activists Urge Police to Stop Using Cellebrite Tools

Recently, the developers of the secure application Signal reported on the vulnerabilities they discovered in Cellebrite's tools for hacking smartphones. Now Israeli and British activists are demanding that the police stop using these tools.

The flagship product of the Israeli company Cellebrite, which supplies law enforcement agencies with tools for conducting a forensic examination of mobile devices, is the UFED (Universal Forensic Extraction Device) software and hardware complex. The product allows you to extract data from locked phones that are already in the hands of law enforcement agencies.

Signal founder Moxie Marlinspike managed to hack UFED last week, two months after Cellebrite reported hacking the Signal messenger. The Marlinspike exploit allows you to modify the evidence collected with the tool. According to him, since UFED extracts all information from a smartphone, it can also extract malicious code installed on it that can infect the tool itself, which Marlinspike took advantage of.

On Sunday, April 25, Eitay Mack, a human rights activist who specializes in the export of Israeli technology, sent a letter to Israel's Attorney General asking police to stop using Cellebrite products. Letters, also sent to the Israeli police, police investigation units and the military prosecutor's office, call for the suspension of the use of the UFED "pending an investigation into its effectiveness and reliability."

According to the letter, police and internal investigations (controlled by Israel's Ministry of Justice) have been working with Cellebrite since 2016 without a proper bidding process. Mack also urged Israeli authorities to avoid filing evidence collected through Cellebrite equipment.

Simultaneously with Mack, the Open Rights Group, an independent association of Scottish journalists, also voiced a similar request.

“We asked the Scottish police to explain the steps to assess the safety and reliability of such software. We understand that the Scottish Police would not use technology that clearly represents the area of ​​greatest risk, but other government agencies are using it, which is why the Scottish Police use this software. The possibility of extending the term of its use should not be considered. The problem remains unresolved, ”the Open Rights Group said in a statement.

Previous Post Next Post