Tag: encryption

Court Docs Show FBI Can Intercept Encrypted Messages From Deep State-Backed ‘Signal’ App

Recent court documents have indicated that the Federal Bureau of Investigation (FBI) possesses a tool allowing them to access encrypted messages on the Signal app.

Signal has rapidly gained in popularity as Silicon Valley monopolists have grown more openly hostile to free speech, but the platform may be vulnerable to backdoors that undermine the privacy protections provided through the encrypted messaging service.

According to documents filed by the Department of Justice and first obtained by Forbes, Signal’s encrypted messages can be intercepted from iPhone devices when those Apple devices are in a mode called  “partial AFU,” which means “after first unlock.”

When phones are in partial AFU mode, Signal messages can be seized by federal authorities and other potentially hostile interests. GrayKey and Cellebrite are the tools typically used by the FBI to gain this sensitive information, an expert has explained.

“It uses some very advanced approach using hardware vulnerabilities,” said Vladimir Katalov, who founded the Russian forensics company ElcomSoft, believing that GrayKey was used by federal authorities to crack Signal.

This vulnerability within the Signal app may not be a design flaw, but rather a deliberate backdoor to allow authorities to access private messages. The app was initially funded with backing from the deep state, after all.

Keep reading

Cellebrite: Israel’s Good Cyber Cop is Big Tech’s Backdoor to Breaching Your Privacy

Privacy and security have long-been one of the top selling points for iOS devices in the interminable marketing fracas between Apple and its competitors, with fancy additions to their suite of protection features like fingerprint scanning and facial recognition. Android devices, by contrast, always seemed to lag behind in the personal encryption space, but have caught up fairly recently in the consumer’s mind, at least.

The cat, as they say, is out of the bag thanks to researchers at Johns Hopkins University, who decided to test the mobile security systems of two of the biggest mobile device makers, Apple and Google. Their findings reveal that the layers of security protecting our data are only skin deep and that much of the encryption structures built into these devices remain unused. “I’ve come out of the project thinking almost nothing is protected,” Matthew Green, the professor who oversaw the study told Wired.

Using the companies’ own data and records spanning over a decade, the team of cryptographers found a plethora of security loopholes that can and are being exploited “by hackers and law enforcement alike.” The latter’s access to our mobile devices is of particular concern, given “the privacy risks involved in unchecked seizure and search.” Significantly, it is not your local police precinct that necessarily has the right tools to extract any readable data from your cell phone or laptop (though that is changing), but rather, these unique abilities are reserved for private cybersecurity companies who offer their services to police and other government entities.

One such firm, Israeli cyber forensics firm Cellebrite, boasts about their ability to “unlock and extract data from all iOS and high-end Android devices,” a service they have been selling to governments around the world and which they have more recently integrated into a product called Universal Forensic Extraction Device or UFED, which has been purchased by multiple law enforcement agencies across the globe, including the Hong Kong Police, which used Cellebrite’s hacking technology to “crack protestors’ smartphones” during the anti-extradition riots of 2019 and the NYPD, which enrolled in Cellebrite’s “UFED Premium program” that same year and gives ‘New York’s finest’ the capability to extract ostensibly private citizens’ data from the department’s own computers and laptops.

Keep reading

CIA secretly owned world’s top encryption supplier, read enemy and ally messages for decades

For more than half a century, governments all over the world trusted a single company to keep the communications of their spies, soldiers and diplomats secret. That company was secretly run by the CIA, which had the ability to read all those communications for decades.

Keep reading