Signal criticises Cellebrite over flaws in security software

By Sam Steers
Cellebrite has received criticism from the mobile messaging app Signal who said it could be “easily hacked...

Signal has criticised the cybersecurity firm Cellebrite over the security of its software, saying that it could be “easily hacked.”

The encrypted messaging service said that it had discovered flaws in the technology, despite Cellebrite claiming that it had “cracked” Signal’s secure messaging last year.

The two organisations have reportedly been involved in a conflict ever since. 

Most recently, Signal’s Chief Executive Officer, Moxie Marlinspike, quipped that he had found Cellebrite’s system after “it fell off a truck” in front of him.  

He said: "By a truly unbelievable coincidence, I was recently out for a walk when I saw a small package fall off a truck ahead of me.

"Inside, we found the latest versions of the Cellebrite software, a hardware dongle designed to prevent piracy... and a bizarrely large number of cable adapters."

He also added that the software was “so flawed, he could easily hack into it.”

In response to Marlinspike’s claims, Cellebrite said in a statement: “We constantly strive to ensure that our products and software meet and exceed the highest standards in the industry so that all data produced with our tools is validated and forensically sound."

The feud began in December last year, causing Signal to publish a blog post on Twitter detailing the claimed issues with Cellebrite’s security. 

In the tweet above the post, Signal said: “Our latest blog post explores vulnerabilities and possible Apple copyright violations in Cellebrite's software.”

Cellebrite said in defense that it "understands that research is the cornerstone of ensuring this validation, making sure that lawfully obtained digital evidence is utilised to pursue justice".

Cellebrite concluded that it “will continue to integrate these standards” into not only their products, but their software and the Cellebrite team as a whole. 

Doing so aims to allow them to “deliver the most effective, secure and user-friendly tools” for their customers.

Share

Featured Articles

TECH LIVE LONDON: Day 2 highlights of the hybrid tech show

We take a look at some of the highlights of our final day at the Tech Live London show, including insights from Claroty, SalesForce and Oracle

TECH LIVE LONDON: An overview of the hybrid technology show

We take a look at the first day of Tech Live London with insights from technology leaders from companies such as IBM, Microsoft and Vodafone

TECH LIVE LONDON: Begins tomorrow at 10am!

Our marquee technology event is nearly here. There's still time to claim your free ticket (worth £295). Look forward to welcoming you to the Tobacco Dock!

Executive Q&A: Marc Lueck, CISO EMEA, Zscaler

Cloud & Cybersecurity

TECH LIVE LONDON: Registering, networking and logistics

Digital Transformation

New speaker from Infosys announced for TECH LIVE LONDON!

Digital Transformation