Follow

Celebrate pissed somebody off.

Say what you will about signal but Moxie knows how to make a drop.

signal.org/blog/cellebrite-vul

@drwho next time he skates by tell him “The_gibson says Hack the Planet!”

I am adding a toot here to agree with some other takes regarding this. It is very irresponsible of signal to use their user base to do this.

Although, I’m not sure how else they would have accomplished exposing CB’s vulns without benefitting CB. It doesn’t justify the decision.

@thegibson I shall do so. I need to ask him when the next time he's doing a New York Skate through downtown SF will be.

@thegibson "By a truly unbelievable coincidence, I was recently out for a walk when I saw a small package fall off a truck ahead of me."

Unbelievable indeed.

@thegibson
Unless it is just an idle threat. They could claim that they are deploying it on random installs of signal; and celibrite then needs to somehow prove, for EVERY instance their tools are used in a criminal case, that there was never any tampering of reports.

Effectively, the threat itself could be a viable attack against celibrite

@rgegriff @thegibson My biggest gripe with this: What I installed on my phone was billed as a secure messenger, not an exploit payload distribution tool that might randomly recruite my phone to crack other devices. Who knows what situation I will be in when it triggers?

Highly unrealistic hypothetical example: "So... you are traveling to a computer conference and your phone we just randomly 'checked' froze our spying device? You are not boarding that flight, mister."

@TheGibson it can be argued that signal is protecting their userbase by adding a file that deletes the signal database from the cellebrite extracted files using random vulnerabilities in cellebrite software.

I have no idea about the legality of this tbh.

@TheGibson idk, I don’t personally see an issue with distributing innocuous files that just mess with snooping. Maybe an opt out, but tbh I *want* them to put whatever that is on my device, and I don’t even regularly use signal

@TheGibson I have my complaints about Signal, but damn this is some great stuff haha Props where it's due

@thegibson "By a truly unbelievable coincidence, I was recently out for a walk when I saw a small package fall off a truck ahead of me. As I got closer, the dull enterprise typeface slowly came into focus: Cellebrite. Inside, we found the latest versions of the Cellebrite software, a hardware dongle designed to prevent piracy (tells you something about their customers I guess!), and a bizarrely large number of cable adapters."

lmao, whole article is worth it for that one paragraph

@thegibson "Fell from a truck" this is the sassiest post I've ever read. 😂

Sign in to participate in the conversation
hackers.town

A bunch of technomancers in the fediverse. Keep it fairly clean please. This arcology is for all who wash up upon it's digital shore.