Tech

In epic hack, Signal developer turns the tables on forensics firm Cellebrite

Posted on Author admin Comments Off on In epic hack, Signal developer turns the tables on forensics firm Cellebrite
In epic hack, Signal developer turns the tables on forensics firm Cellebrite

Enlarge (credit: Moxie Marlinspike/Signal)

For years, Israeli digital forensics firm Cellebrite has helped governments and police around the world break into confiscated mobile phones, mostly by exploiting vulnerabilities that went overlooked by device manufacturers. Now, Moxie Marlinspike—the brainchild behind the Signal messaging app—has turned the tables.

On Wednesday, Marlinspike published a post that reported vulnerabilities in Cellebrite software that allowed him to execute malicious code on the Windows computer used to analyze a device. The researcher and software engineer exploited the vulnerabilities by loading specially formatted files that can be embedded into any app installed on the device.

Virtually no limits

“There are virtually no limits on the code that can be executed,” Marlinspike wrote.

Read 10 remaining paragraphs | Comments

Related Articles
Tech

Loki and Star Wars: The Bad Batch get Disney+ premiere dates

Posted on Author admin

Loki from Loki. [credit: Disney ] Today is a red-letter day for Disney property announcements: release dates have been set for the Disney+ series Loki and Star Wars: The Bad Batch, and the new Spider-Man film has a new name. We’ll start with a href=”https://arstechnica.com/tag/spider-man/”>Spider-Man. Following a marketing stunt in which three different stars of the movie […]
Tech

“Expert” hackers used 11 zerodays to infect Windows, iOS, and Android users

Posted on Author admin

Enlarge (credit: Getty Images) A team of advanced hackers exploited no fewer than 11 zeroday vulnerabilities in a nine-month campaign that used compromised websites to infect fully patched devices running Windows, iOS, and Android, a Google researcher said. Using novel exploitation and obfuscation techniques, a mastery of a wide range of vulnerability types, and a […]
Tech

Boeing still studying Starliner valve issues, with no launch date in sight

Posted on Author admin

Enlarge / Close-up of the Boeing CST-100 Starliner capsule, white room attached, atop the mighty Atlas V launch vehicle at Cape Canaveral’s SLC-41. (credit: Trevor Mahlmann) Nearly six weeks have passed since Boeing said it would de-stack its Starliner spacecraft from an Atlas V rocket and return the vehicle to its factory for “deeper-level” troubleshooting […]