Signal Founder Delivers Dirt on Dodgy Phone Hacking Company Cellebrite's Security Flaws
Facebook exposes two Palestinian espionage campaigns, DOJ forms task force to curtail ransomware campaigns, USPS has a surveillance effort to spy on Americans social media posts, more
Don’t wait for each morning’s issue of Metacurity to stay current on cybersecurity developments. Follow us on Twitter for breaking news throughout the day.
Moxie Marlinspike, the founder of the popular encrypted chat app Signal, revealed details of poor security involved in mobile unlocking company Cellebrite’s devices after getting his hands on such a unit after it“fell off a truck.”
Cellebrite devices lack industry-standard mitigation defenses and feature many opportunities for exploitation, Marlinspike said in a blog post. Cellebrite announced several months ago it had added Signal to its phone-hacking repertoire. Marlinspike joked that future versions of Signal might very well contain files that"are never used for anything inside Signal and never interact with Signal software or data.” (Lorenzo Franceschi-Bicchierai / Motherboard)
Related: Ars Technica, Slashdot, SlashGear, SlashGear » security, Signal, Reddit-hacking, Gizmodo, Cyberscoop, IT News, The Register - Security, ZDNet, Ap…
Keep reading with a 7-day free trial
Subscribe to Metacurity to keep reading this post and get 7 days of free access to the full post archives.