Cellebrite was just put on notice.
The Israel-based company, which makes smartphone-hacking tools beloved by U.S. law enforcement and oppressive regimes around the world, failed to properly secure its own software — potentially compromising the integrity of all data gathered by its customers in the process.
That’s according to a brutal blog post from Signal founder Moxie Marlinspike, published Wednesday on the official Signal blog, which alleges serious security flaws in Cellebrite’s software.
“[We] were surprised to find that very little care seems to have been given to Cellebrite’s own software security,” he writes. “Industry-standard exploit mitigation defenses are missing, and many opportunities for exploitation are present.” Read more…
More about Privacy, Signal, Cellebrite, Tech, and Cybersecurity