Cellebrite tells government agencies not to breathe a word about its iPhone cracking machines

Cellebrite tells government agencies not to breathe a word about its iPhone cracking machines
Just typing Cellebrite gives this writer a nostalgic feeling for a couple of reasons. Back in the old days, Verizon customers looking to transfer their contacts list from an old phone to a new phone would hand their new device to a rep who would use a Cellebrite machine to move the list to the new phone. But the Cellebrite machine also figured in a long-running real-life battle between Apple and the DOJ back in December 2015.

In December 2015, Syed Rizwan Farook and his wife Tashfeen Malik killed 14 people and wounded 22 while committing a terror attack in San Bernardino. The pair were killed by the cops and Farook left behind a locked iPhone 5c that intrigued the FBI. Worried that the iPhone contained a list of other possible targets of terrorism and the names and numbers of possible accomplices, the FBI took Apple to court and a federal court judge ruled that Apple had to unlock the device.

Apple was afraid to develop a version of iOS that could unlock all iPhone handsets

Apple refused to do so because it would have required the development of a special version of iOS (dubbed GovtOS) to unlock the terrorist's iPhone. And Apple was afraid that this software could fall into the wrong hands and instantly threaten the security of every iPhone ever made. Reportedly, the FBI spent around $1 million to get Cellebrite to crack the phone and when it did, it found nothing in the device related to terror attacks.

Back then, the daily coverage of the FBI's attempt to open Farook's iPhone 5c gave plenty of exposure to the Israeli-based company. But now, Cellebrite is telling the police and government agencies to keep quiet about the company and its machines. According to TechCrunch, when a government agency does use a Cellebrite machine to unlock a phone, the company demands that the agency keeps its usage of Cellebrite a secret along with the reason why its machine was needed.

In a training video for law enforcement customers made by Cellebrite and obtained by TechCrunch, a top company executive says, "Ultimately, you've extracted the data, it's the data that solves the crime, how you got in, let's try to keep that as hush hush as possible." The executive adds, "We don’t really want any techniques to leak in court through disclosure practices, or you know, ultimately in testimony, when you are sitting in the stand, producing all this evidence and discussing how you got into the phone."

Legal experts are not happy with Cellebrite's behavior because the whole process needs to be transparent so that judges feel comfortable authorizing future searches of phones and allowing any evidence found to be used in court. Experts say that secrecy hurts defendants and the rights of the public.

The Cellebrite executive in the aforementioned video says that by spilling the beans about its technology, government agencies, and law enforcement could ultimately help criminals and hurt law enforcement. "It’s super important to keep all these capabilities as protected as possible because ultimately leakage can be harmful to the entire law enforcement community globally. We want to ensure that widespread knowledge of these capabilities does not spread."

Cellebrite wants government agencies to keep quiet about the use of its machines

More importantly, the executive says, "And if the bad guys find out how we’re getting into a device, or that we’re able to decrypt a particular encrypted messaging app, while they might move on to something much, much more difficult or impossible to overcome, we definitely don’t want that."
Cellebrite spokesman Victor Cooper told TechCrunch that the company "is committed to support ethical law enforcement. Our tools are designed for lawful use, with the utmost respect for the chain of custody and judicial process. We do not advise our customers to act in contravention with any law, legal requirements or other forensics standards." 

Recommended Stories
Cooper continued, "While we continue protecting and expect users of our tools to respect our trade secrets and other proprietary and confidential information, we also permanently continue developing our training and other published materials for the purpose of identifying statements which could be improperly interpreted by listeners, and in this respect, we thank you for bringing this to our attention."

Recommended Stories

Loading Comments...
FCC OKs Cingular\'s purchase of AT&T Wireless