Cellebrite makes software to automate physically extracting and indexing data from mobile devices. They exist within the grey – where enterprise branding joins together with the larcenous to be called “digital intelligence.” Their customer list has included authoritarian regimes in Belarus, Russia, Venezuela, and China; death squads in Bangladesh; military juntas in Myanmar; and those seeking to abuse and oppress in Turkey, UAE, and elsewhere. 

Cellebrite is based in Israel, and they have been earning a lot of cash from law enforcement agencies and the like. Apple has taken many steps to secure their phones from government agencies, and now more has been made available.

Cellebrite has an emulator that attempts to trick a copy of the operating system into believing it's still on the handset. They also have tools for analysing physical hardware.

When Cellebrite announced that they added Signal support to their software, all it really meant was that they had added support to Physical Analyzer for the file formats used by Signal. 

Anyone familiar with software security will immediately recognize that the primary task of Cellebrite’s software is to parse “untrusted” data from a wide variety of formats as used by many different apps. Snowden and others have published many comments on Cellebrite.

DLLs loaded in process

It seems rather unlikely that Apple has granted Cellebrite a license to redistribute and incorporate Apple DLLs in its own product, so this might present a substantial legal risk for Cellebrite and its users.

After posting this I called Apple to report Cellebrite as an unlicensed user. I use Apple and they respect a person’s right to privacy. Hardcore Games wants everyone to be safe.

Read Signal’s discovery,