From TFA, but I switched the paragraph order for this TLDR;
"Cellebrite is an Israeli company whose main product, a typically laptop-sized device called the Universal Forensic Extraction Device (UFED), can rip data from thousands of different models of mobile phones. That data can include SMS messages, emails, call logs, and much more, as long as the UFED user is in physical possession of the phone."
"The breach is the latest chapter in a growing trend of hackers taking matters into their own hands, and stealing information from companies that specialize in surveillance or hacking technologies."
> “To be honest, had it not been for the recent stance taken by Western governments no one would have known but us,” the hacker told Motherboard. The hacker expressed disdain for recent changes in surveillance legislation.
What specific changes are they referring to?
> The hacker, however, remained vague as to the true extent of what they had done to Cellebrite's systems.
This part of the article where they cite the hacker's answer to this question is a totally useless part of the article IMO.
Didn't read the article, curious how you steal 900GB of data, what kind of internet speed do you have? No one noticed this much data being pulled? I don't personally track my server's bandwidth usage. Guess it's time to read.
I could download that in about 3 hours at home with fiber internet, not that big of a window.
At work we use google cloud storage, so if someone had gained access and were downloading stuff we would have absolutely no idea, no without already setup alerts.
It's not hard to get an anonymous server with a good downlink (you can also distribute it across many machines). What make things complicated is that you must assume that there are admins on the victims side and you don't want to get noticed. I guess the attackers either inspect the network to assess them, or they just start slow and if nobody notices the upstream for days or even weeks, they can crank up the speed.
Cellebrite's sysadmins didn't do their job, that's for sure.
dhimes|9 years ago
"Cellebrite is an Israeli company whose main product, a typically laptop-sized device called the Universal Forensic Extraction Device (UFED), can rip data from thousands of different models of mobile phones. That data can include SMS messages, emails, call logs, and much more, as long as the UFED user is in physical possession of the phone."
"The breach is the latest chapter in a growing trend of hackers taking matters into their own hands, and stealing information from companies that specialize in surveillance or hacking technologies."
wyldfire|9 years ago
What specific changes are they referring to?
> The hacker, however, remained vague as to the true extent of what they had done to Cellebrite's systems.
This part of the article where they cite the hacker's answer to this question is a totally useless part of the article IMO.
ethbro|9 years ago
ge96|9 years ago
monsieurbanana|9 years ago
At work we use google cloud storage, so if someone had gained access and were downloading stuff we would have absolutely no idea, no without already setup alerts.
nom|9 years ago
Cellebrite's sysadmins didn't do their job, that's for sure.
ethbro|9 years ago
cryptozeus|9 years ago
ergot|9 years ago
https://cellevault.cellebrite.com/cas/login?service=https://...
spectaclepiece|9 years ago
cryptozeus|9 years ago