Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

 



Forgot your password?
typodupeerror
Security Apple

Hacker Dumps iOS Cracking Tools Allegedly Stolen From Cellebrite (vice.com) 86

Last year, when Apple refused to unlock the security on an iPhone 5c belonging to the San Bernardino shooter, the FBI turned to an Israeli mobile forensics firm called Cellebrite to find another way into the encrypted iPhone. Now Motherboard reports that a hacker has released files allegedly from Cellebrite that demonstrate how cracking tools couldn't be kept private. From a report: Now the hacker responsible has publicly released a cache of files allegedly stolen from Cellebrite relating to Android and BlackBerry devices, and older iPhones, some of which may have been copied from publicly available phone cracking tools." The ripped, decrypted and fully functioning Python script set to utilize the exploits is also included within," the hacker wrote in a README file accompanying the data dump. The hacker posted links to the data on Pastebin. It's not clear when any of this code was used in the UFED. Many of the directory names start with "ufed" followed by a different type of phone, such as BlackBerry or Samsung. In their README, the hacker notes much of the iOS-related code is very similar to that used in the jailbreaking scene -- a community of iPhone hackers that typically breaks into iOS devices and release its code publicly for free.
This discussion has been archived. No new comments can be posted.

Hacker Dumps iOS Cracking Tools Allegedly Stolen From Cellebrite

Comments Filter:
  • by Anonymous Coward

    Repeat the meme!

    piracy is not theft
    piracy is not theft
    piracy is not theft

    Software cannot be stolen!

    • by Anonymous Coward

      Software can be stolen since you can find it in stores in physical format.

      Of course that's not what the article is talking about.

    • Re: (Score:2, Insightful)

      by Anonymous Coward

      Arson isn't theft either, but it's possible to set a car on fire. Are you telling me that this means cars cannot be stolen?

    • Repeat the meme!

      piracy is not theft piracy is not theft piracy is not theft

      Software cannot be stolen!

      https://torrentfreak.com/image... [torrentfreak.com]

    • The depravation of property is only one definition of the term "theft"

      You are glomming on to that facet of the definition and pretending that the word has no other meaning.

      Definition of theft

      a. The act of stealing; specifically the felonious taking and removing of personal property with intent to deprive the rightful owner of it
      b. An unlawful taking (as by embezzlement or burglary) of property

      Also, note the wording "intent to deprive" in the first meaning. That doesn't mean you DID actually deprive the rightful owner only that you intended to.

      • by sjames ( 1099 )

        Both of those definitions involve leaving the victim without the property. If I find my way into your private FTP directory and download everything, what do you find missing when you next connect to it?

        In that scenario, what I did is more easily mapped to trespassing than theft.

      • If I make software or something distributed digitally every time someone illegally aquires and uses or distributes a copy that is used I have been deprived a copy I "could" have sold. Their intent was to take and use the copy with out purchasing it. Despite what ever reason they where unwilling to purchase it they did want the copy enough to steal it and use it which means they may have purchased it in the future should circumstances have changed.
           

    • by mccrew ( 62494 )

      Repeat the meme!

      ...

      Repeat until you're blue in the face. Still doesn't make it true.

  • by SeaFox ( 739806 ) on Friday February 03, 2017 @02:10AM (#53793569)

    In their README, the hacker notes much of the iOS-related code is very similar to that used in the jailbreaking scene -- a community of iPhone hackers that typically breaks into iOS devices and release its code publicly for free.

    Remind me again, how much did the FBI pay Celebrite to get into that single iPhone 5c again?

    • by 93 Escort Wagon ( 326346 ) on Friday February 03, 2017 @02:47AM (#53793663)

      One significant difference between the tools jailbreakers use versus Cellebrite's: The recent jailbreaks for iOS require that you run them on an unlocked phone. Additionally, every jailbreak I've used has required me to install an app onto the phone, and then run it from there.

      I would be curious to see exactly how the Cellebrite tools get around this, even on an older iPhone.

      • by tlhIngan ( 30335 )

        One significant difference between the tools jailbreakers use versus Cellebrite's: The recent jailbreaks for iOS require that you run them on an unlocked phone. Additionally, every jailbreak I've used has required me to install an app onto the phone, and then run it from there.

        I would be curious to see exactly how the Cellebrite tools get around this, even on an older iPhone.

        Well, part of the reason for the app is to install the untethered jailbreak. Cellebrite doesn't need untethered jailbreaks - a tethere

  • by Anonymous Coward

    Where is the link to the torrent?

    • Re: (Score:1, Interesting)

      by Anonymous Coward

      You can get it here [magnet].

  • OTOH, it's knowledge, and should be shared for the benefit of all (including Apple, who will doubtless learn from the now available information to craft even better cryptography).

    OTOH, they've intentionally made the private data of many users of this privacy/encryption scheme less secure - not only from the US government and Cellbrite, but now from all who would know what they saw fit to hide, whether nefarious or banal.

    I've already had half a fifth of whiskey tonight . . . Help me out here, Slashdot. A/

    • Private data on a closed source device... You get what you pay for.
    • by GNious ( 953874 )

      I've already had half a fifth of whiskey tonight . . . Help me out here, Slashdot. A/C's need not apply.

      Half of a fifth of a whiskey? so'eh, 1/10th of a whiskey?!?

    • I've already had half a fifth

      So: a tenth. Go metric already! Come to think of it, 750ml bottles are sometimes referred to as a "metric fifth", this is probably the bottle your whiskey came in. Looking at my own bottles of whisky I can't help but noticing that they are all 700ml. What gives? It would not surprise me one bit if our government is behind this, withholding an additional "angels' share" for themselves. Probably for the benefit of Juncker. Hmm. I better have another one.

  • by Anonymous Coward

    Now let's get to work on getting Trump's tax returns.

  • As FBI asked for for signed executable that could have checked serial number of the phone and would have been useless on other phones.

  • Told you so (Score:5, Insightful)

    by kbg ( 241421 ) on Friday February 03, 2017 @04:25AM (#53793885)

    This is exactly what I and everyone else was saying at the time about the FBI case. If an exploit was developed for one phone it would be used for all phones and it would eventually leak out into the Internet. I expect each and everyone who said I was wrong about this issue to make a formal apology.

    • by Anonymous Coward

      Behaves of all of internet.
      We are sorry.
      We should have listened to you.
      Won't happen again.
      A.Non.Ymous

    • Because Apple did not develop a tool for the FBI to tease out the encrypted data from one phone, the FBI basically offered a cash prize for such capability (went shopping for someone who could). This caused multiple companies / hackers to seek out a way to tease out the data. And eventually when one of them succeeded, they had a fiscal incentive to not disclose the vulnerability to Apple (so they could use it again in the future to make more money). Until it eventually leaked out onto the internet.

      If
      • by kbg ( 241421 )

        It wouldn't have mattered if Apple had developed it or not. FBI employees would have had access to the tool and probably common police officers later down the lane. It would just have been a matter of time before it got leaked into the Internet, because it only takes a single mistake or one rogue agent and the cat is out of the bag.

  • "Now the hacker responsible has publicly released a cache of files allegedly stolen from Cellebrite...some of which may have been copied from publicly available phone cracking tools..."

    Well, that's some creative irony labeling a hacker as the thief, since it would appear Cellebrite favors "borrowing" code to create a product to sell to the highest taxpayer-funded bidder...

    • ... it would appear Cellebrite favors "borrowing" code to create a product to sell ...

      If some of this code is GPL'd or similar, there is likely cause to sue, which at the least, should see the (legal) release of all source code. I'm sure even Microsoft, who has acquired Cyanogen, could sue for a monetary sum due to unfair competition and breach of licence.

      It is also possible that the open-source community can ask the judge to subpoena the code of other products from the company for an audit into code that should be similarly released.

  • by Anonymous Coward

    Where is the pastebin link? Why don't we get the primary source for this story? :(

  • by ArchieBunker ( 132337 ) on Friday February 03, 2017 @08:38AM (#53794569) Homepage

    I don't need that god awful piece of shit iTunes to manage content on my phone? I mean the main window has a sync button. I add files to my library and click sync but it never copies the files. Only when you click on the tiny phone button on the toolbar and then look at the storage space breakdown does a second sync button show up. This is what actually copies files to your phone. What the fuck Apple?

    Oh and say I don't like Apple's default media player. In order to use a third party app I have to enable file sharing with that app, and copy my files over to it. That means I need to delete my iTunes library or else everything is copied to the phone TWICE. Again, what the fuck?

    • by SeaFox ( 739806 )

      I don't need that god awful piece of shit iTunes to manage content on my phone? I mean the main window has a sync button. I add files to my library and click sync but it never copies the files. Only when you click on the tiny phone button on the toolbar and then look at the storage space breakdown does a second sync button show up. This is what actually copies files to your phone. What the fuck Apple?

      I feel like you're doing something wrong here. Isn't the default action of iTunes to automatically sync the device when you plug it in? You have to go to the prefs and explicitly disable that function. As far as your music library goes, in it's original configuration, I do not think iTunes is going to sync new files automatically -- unless you have it set to sync your entire library. Few people would be doing that as most have music libraries too large to sync, or large enough they would not want to dedicat

      • I feel like you're doing something wrong here. Isn't the default action of iTunes to automatically sync the device when you plug it in?

        Clicking that main sync button only syncs phone data, not media. Why, I have no idea.

        If you aren't interested in using iTunes as your media player, why are you adding the files to iTunes's music library to start with? Just add them with your third-party player and leave them off iTunes. If the third-party player can't read the phone's iTunes library files, and doesn't have an automated way of loading tracks to the device, it sounds like a lousy player. And going back to my previous paragraph, iTunes adding the music files to your phone and causing things to duplicate is something you've done wrong in your original device configuration.

        I was talking about the media player on the phone. On my PC I use Winamp. iTunes is the only way to copy files to the phone. I don't like the media player on the phone so I downloaded a third party one. The only way it sees files is to enable sharing with iTunes and copy the files in specifically for that app. It won't play what already exists on the phone. That is how Apple locks things down. Yead you

        I use an Android handset myself. But I have my music library in iTunes on Windows (because of my old iPod), and the files are synced to my NAS on an automated schedule (it's running right now, in fact). There on the NAS, the files are accessed for playback through 1) a generic DLNA server, 2) Plex, and 3) Subsonic. I have a third-party Subsonic app on my phone, which is what I use to load/play back my own music library on the device instead of manually copying files. The Subsonic client can natively playback all but one format of music from my synced iTunes library, and that's the old 128 kbps DRM iTunes Music Store files, which I have a handful of. It plays back the CDs I ripped in AAC (.m4a), the WAV files, even the Apple Lossless files, all without transcoding. But I can configure the Subsonic server to transcode the high-bitrate lossless files on-demand for streaming specifically on the phone's player. This way, the download usage/storage for the phone is much lower. I have the phone's client set to only download over wi-fi, but I paid the piddly $12/year fee for Internet access on my Subsonic install. So I can load and playback any file from my Subsonic server from any wi-fi connection. I don't really have to plan what music I want on my phone unless I'm going to go on a walk, since I can get whatever I want otherwise. If I was willing to pay for a cellular data plan even that would not matter. Oh, and the client has a setting to automatically load new files that have appeared in the library since the last sync, without me having to set up a Smart Playlist-style trick.

        I was an Android user

  • by Anonymous Coward

    If someone enters your home or business while you're away, goes through your file cabinet, takes pictures of every document, then leaves without disturbing anything, it's still illegal. The only exception is if your government does it then it's just called surveillance. Double standard hypocrisy. If I remember correctly we had a President that was impeached for ordering exactly that. There should be no legal difference between data on your device, in a briefcase, or in your file cabinet.

  • by Anonymous Coward

    Would have posted the link to actual hacking tools

    The new slashdot just constantly links to vice.com for 60% of it's daily content.

    Imagine if vice.com suddenly went out of business? Slashdot would have no content to post! All they would have is Rothschild Global warming FUD stories to post all day.

  • Link to dumps (Score:4, Informative)

    by Aaron B Lingwood ( 1288412 ) on Saturday February 04, 2017 @05:18AM (#53801453)

    Link to dumps [pastebin.com]

    Release 1 - the supply chain - a backdoor with backdoors.

    In this release find a small sample of the 900GB of mere 'user accounts and basic contact
    information' recently liberated from Cellebrite.

    The exploit techniques that Cellebrite employ are wrapped in various encryption schemes
    in an attempt to protect 'their' intellectual property. The custom routines for
    decrypting this lame ass protection are included in this release along with an
    accompanying sample .eas (DLL designed to target devices and applications) and .epr
    (bootloaders, exploits and shellcode) files.

    The more discerning eye will notice that some of the Apple exploits bear a remarkable
    resemblance to those available to any teenager interested in the jailbreaking scene;
    perhaps not all those tax dollars have been wasted, the Blackberry epr is still worth
    a look at.

    The ripped, decrypted and fully functioning python script set to utilize the exploits
    is also included within.

    Download links:
    https://mega.nz/#!sZUkSbDT!l74... [mega.nz]
    https://mega.nz/#!0d9zBQLI!DdK... [mega.nz]

    Coming soon.....

    Release 2 - watching the watchers - pivot to win.

    In this release find a small sample of files retrieved via the weaponized Cellebrite
    update service deployed on MS Windows based devices and desktops (SYSTEM privs) within
    the customer infrastructure.

    Analysis of the compression and obfuscation employed by Cellebrite on products supplied to
    British MOD juxtaposed with the protection free versions supplied to SOCOM and others is
    also included within.

    @FBI Be careful in what you wish for.

Try `stty 0' -- it works much better.

Working...