Cellebrite is an Israeli cybersecurity firm that’s been recognized as a world leader in mobile forensics. Mobile forensics is the process of retrieving data stored on a mobile device, regardless of who is doing it. Their clients include police as well as private investigators, intelligence agencies and authoritarian governments. Cellebrite’s software has been linked to both the torture of political dissidents in Bahrain and the murder of Washington Post reporter Jamal Khashoggi. Cellebrite has products that not only recover data, but exploit unknown “0day” vulnerabilities to hack into locked devices. In recent years, their software has expanded it’s reach to cloud storage services such as iCloud or Google Drive.
In 2019, we worked closely with our partner COTECH to test our software against Cellebrite’s equipment. COTECH worked with the “Task Force Cybercrime”, the digital forensics team of the German national police. Their mobile forensics technicians performed extensive tests on the Armadillo Phone 1 in their lab in Munich, under COTECH’s supervision. They found Cellebrite’s software essentially ineffective against Armadillo. COTECH’s email provided a brief synopsis:
“Good news: Armadillo is secure.”
Digging through the PDF, we found some more glowing quotes:
“In a second test, the Armadillo phone was provided with an unlocked screen. This scenario conforms with real conditions (e.g. avoiding repressions from authorities at border crossing). The lab employee tried starting the developer mode of Android. The Armadillo OS prevented that. They informed us that they have never seen this being blocked before. This is the second barrier that prevented an investigation. Conclusively, the easy countermeasures of having a lock screen and disabled developer mode already prevented the investigators of gaining access to the phone’s data”
We have since tested Armadillo Phone 1 and 2 against Cellebrite’s products numerous times with other partners, and found the attacks similarly impotent.
You can download a PDF copy or view the audit below.
Published on: Jun 3rd, 2019