UK Markets closed
  • FTSE 100

    7,129.71
    +53.54 (+0.76%)
     
  • FTSE 250

    22,775.28
    +283.92 (+1.26%)
     
  • AIM

    1,262.60
    +9.91 (+0.79%)
     
  • GBP/EUR

    1.1496
    -0.0014 (-0.12%)
     
  • GBP/USD

    1.3990
    +0.0097 (+0.6995%)
     
  • BTC-GBP

    41,398.76
    +1,246.17 (+3.10%)
     
  • CMC Crypto 200

    1,480.07
    +44.28 (+3.08%)
     
  • S&P 500

    4,232.60
    +30.98 (+0.74%)
     
  • DOW

    34,777.76
    +229.23 (+0.66%)
     
  • CRUDE OIL

    64.82
    +0.11 (+0.17%)
     
  • GOLD FUTURES

    1,832.00
    +16.30 (+0.90%)
     
  • NIKKEI 225

    29,357.82
    +26.45 (+0.09%)
     
  • HANG SENG

    28,610.65
    -26.81 (-0.09%)
     
  • DAX

    15,399.65
    +202.91 (+1.34%)
     
  • CAC 40

    6,385.51
    +28.42 (+0.45%)
     

Encrypted chat app Signal alleges flaws in Cellebrite equipment

  • Oops!
    Something went wrong.
    Please try again later.
·2-min read
Photo illustration of Signal messaging app
  • Oops!
    Something went wrong.
    Please try again later.

WASHINGTON (Reuters) -Encrypted chat app Signal suggested in a blog post published on Wednesday that products sold to law enforcement from Israeli surveillance provider Cellebrite can easily be sabotaged.

Cellebrite DI Ltd, which specializes in helping law enforcement and intelligence agencies copy call logs, texts, photos and other data off of smartphones, has repeatedly come under fire for past sales to authoritarian governments, including Russia and China.

Signal, a privacy-focused app eager to show the lengths it goes to protect users' conversations, clashed with Cellebrite last year when the Israeli company said its equipment was upgraded to allow law enforcement to scoop up Signal messages from devices in their possession.

Signal creator and CEO Moxie Marlinspike said in his blog post on Wednesday he had come into possession of a bag of Cellebrite equipment and examined the gear inside.

He was "surprised to find that very little care seems to have been given to Cellebrite's own software security," Marlinspike said, noting it would be easy to add a specially crafted file onto a phone that would derail Cellebrite's functionality.

In a statement, Cellebrite did not directly address Marlinspike's claim but said that the company's employees "continually audit and update our software in order to equip our customers with the best digital intelligence solutions available."

Elsewhere in his blog post, Marlinspike alleged he had found snippets of code from Apple Inc inside Cellebrite's software, something he said "might present a legal risk for Cellebrite and its users" if it was done without authorization.

Apple did not immediately respond to a request for comment.

Signal's allegations come as Cellebrite prepares to go public through a merger with a blank-check firm, valuing the equity of the combined company at around $2.4 billion.

(Reporting by Raphael Satter; Editing by Richard Chang and Edwina Gibbs)