Cellebrite describes itself as a digital intelligence company, but this obscure description does not convey a particularly clear picture. In short, digital intelligence is the code of a hacker’s device; if the customer has a legal basis, Cellebrite can help the government and law enforcement agencies access the smartphone and laptop belonging to the person under investigation.
In recent years, this Israeli company has received a lot of criticism from privacy activists who believe their actions are morally wrong. Others attacked the company without disclosing any active vulnerabilities used to invade the device. However, Cellebrite insists that the advantages of their technology outweigh the disadvantages. He also pointed to contradictions in the arguments of the resentment; according to marketing director Mark Gambill, there was little criticism of the actual execution of the search warrant.
So why apply different rules in the digital realm? Cellebrite has approximately 6,700 customers worldwide, most of which (approximately 5,000) are from the public sector. In this context, business services mainly include three aspects: data collection, analysis, and auditing.
As Gambill explained, criminals are very tech-savvy and, as expected, they are usually reluctant to volunteer their unlocked equipment. With legal permission, Cellebrite’s Universal Forensic Extraction Device (UFED) can be used to extract data stored on smartphones, computers, smartwatches, and other devices, sometimes taking advantage of active security vulnerabilities in the operating system.
At the end of last year, Cellebrite became the enemy of the Signal messaging company. The company recently announced support for the Signal file type and published a report saying that it broke the platform’s famous encryption, but was later refuted and labeled as “notorious”. A few months later, Signal CEO Moxie Marlinspike released his own report highlighting vulnerabilities in Cellebrite’s hardware.
In the same publication, he stated that the company “exists in the gray of corporate brands encountering thieves.” The zone is called “digital intelligence”. He also joked that he is “prepared to responsibly disclose to Cellebrite specific vulnerabilities we know if they do the same for any vulnerabilities and other services that they physically retrieve for their respective providers now and then.”
When being asked about the ethics of preserving vulnerabilities that may be exploited by third-party attackers, Gambill gave us an indirect answer. He described the company’s relationship with Apple and other device manufacturers as “cooperation”, a combination of cooperation and competition.