Installation et configuration de GrapheneOS

https://1312blogs.org/arg/installation-et-configuration-de-grapheneos

GrapheneOS install and hardening

https://1312blogs.org/arg/grapheneos-install-and-hardening

#Cellebrite Android Zero-Day not 1 but 3 #ZeroDay by Amnesty International’s Security Lab and Google’s Threat Analysis Group

.. published POC exploit code for Android zero-day exploit chain to unlock the device of a student #activist in the country and attempt to install #spyware

.. all within #Linux kernel USB subsystems leveraged by Android, were marked as “under limited, targeted exploitation” in Google’s February 2025 Android security bulletin
https://securityonline.info/cellebrite-android-zero-day-exploit-poc-released-cve-2024-53104/

Google dicht Android-zeroday die door Servische autoriteiten misbruikt wordt

Google heeft in zijn beveiligingsupdate van april patches uitgebracht voor twee zerodays die actief misbruikt worden. Eén daarvan is onderdeel van een exploit-keten die de Servische inlichtingendienst zou misbruiken.
https://tweakers.net/nieuws/233766/google-dicht-android-zeroday-die-door-servische-autoriteiten-misbruikt-wordt.html

#Google #Android #Cellebrite

Android has patched 2 zero-days in this month's Android Security Bulletin

One of the fixes is a patch for a #Cellebrite exploit used by Serbian authorities to unlock the phones of journalists and anti-government protesters

The exploit and the hacks were first detailed in an @amnestytech report in February

There are no details on the 2. zero-day, which impacts the Android kernel USB-audio driver code
https://source.android.com/docs/security/bulletin/2025-04-01

@andreas_heitmann @ct_Magazin

Naja, die Hardware ist halt unsicher

https://discuss.grapheneos.org/d/16642

Nichts spektakuläres, die Handys erfüllen einfach die Anforderungen für #GrapheneOS nicht

https://grapheneos.org/faq#future-devices

Fehlende Sicherheitschips usw machen solche Handys vulnerabel für #Cellebrite und andere Spionagesoftware. Ist nur für wenige relevant, habe auch nichts zur 3. Generation gelesen

Digital Prison
Serbian authoritarians deploy #surveillance technology and digital repression tactics as instruments of wider state control directed against civil society. NSO Group’s #Pegasus #spyware with Android #NoviSpy & #Cellebrite UFED mobile forensics tools against environmental activists and protest organisers.
https://www.amnesty.org/en/documents/eur70/8813/2024/en/

> Pixel devices remain quite a solid choice if kept updated. While it seems that for the standard Google ROM there are working exploits available to perform the FFS extraction in AFU state, on the contrary GrapheneOS additional hardening and protections are effective, and have been so since 2022 [1].

[1]: https://osservatorionessuno.org/blog/2025/03/a-deep-dive-into-cellebrite-android-support-as-of-february-2025/#the-february-2025-support-matrix

#Cellebrite #GrapheneOS #GooglePixel #Encryption #DataPrivacy #Android

Thanks for the find [1], @privacyguides !

Seems that using #GrapheneOS isn't a bad idea.

> #Cellebrite, as far as we know, publishes a support matrix for Android-based and iOS-based devices monthly or at least multiple times a year. The latest version available at time of writing is version 7.73.1 released on February 2025.

Secondary source: Osservatorio Nessuno [2]

[1]: https://discuss.privacyguides.net/t/updated-cellebrite-google-pixel-matrix-leak-february-2025/25911/4
[2]: https://osservatorionessuno.org/blog/2025/03/a-deep-dive-into-cellebrite-android-support-as-of-february-2025/#the-february-2025-support-matrix

#Cellebrite #GrapheneOS #Android #Encryption #E2EE #DataPrivacy

Kommissarin Computer gegen Daniela Klette: Der Einsatz von Künstlicher Intelligenz in RAF-Ermittlungen wirft Fragen auf, weil die Software zu den Hochrisiko-KI-Systemen gehört. Für die Nutzung fehle eine rechtliche Grundlage, sagen Anwälte: www.nd-aktuell.de/artikel/1189... #Pathfinder #Cellebrite

Kommissarin Computer gegen Dan...

Cellebrite używa AI do podsumowywania zebranych danych

Cellebrite to znana firma, która produkuje narzędzia do “analizy kryminalistycznej” (czyli eksploituje telefony aby uzyskać dostęp do danych użytkownika). Z jej usług korzystają służby na całym świecie. O Cellebrite jest znowu głośno w związku z raportem Amensty International dotyczącym szpiegowaniu studenta w Serbii (ma to związek z licznymi protestami w...

#WBiegu #Ai #Awareness #Cellebrite #Smartfon

https://sekurak.pl/cellebrite-uzywa-ai-do-podsumowywania-zebranych-danych/

https://www.occrp.org/en/news/amid-protests-georgia-plans-purchase-of-israeli-data-extraction-tech

#Georgia published procurement data showing that the Ministry of Internal Affairs plans to renew existing licenses for #Cellebrite ’s mobile #forensic products, and purchase new ones, in a package worth $2.4M.

enables law enforcement to gain access and extract data from the phones…@amnesty_digital_de recently published evidence that Serbia deployed the technology against #journalists and #humanrightsactivists while…besieged by mass #protests.

@psuPete Recommends – Weekly highlights on cyber security issues, 3/8/25 https://www.bespacific.com/pete-recommends-weekly-highlights-on-cyber-security-issues-march-8-2025/
Four highlights from this week: 89% of enterprise #AI usage is invisible to the organization; The Digital Packrat Manifesto; #Cellebrite Is Using AI to Summarize #Chat Logs and #Audio from Seized #MobilePhones; and #Flock Threatens #OpenSource Developer #Mapping Its #Surveillance Cameras. #privacy #cybercrime

Эксплойт нулевого дня Cellebrite использовался для взлома телефона сербского студента-активиста.

Детальный разбор взлома пользовательского устройства с помощью Cellebrite через уязвимость в USB-драйверах Android.

#exploit #zeroday #hacking #android #cellebrite #serbia

https://securitylab.amnesty.org/latest/2025/02/cellebrite-zero-day-exploit-used-to-target-phone-of-serbian-student-activist/

Epizodu smo snimili dan nakon što je Apple, u kalendarskoj zimi, saopštenjima organizovao prolećni događaj. Dobili smo novi, manje skupi iPhone, nove iPad uređaje, Macove i čip.

[…]

https://sutra.rs/podcast/appleovo-prolece-nijesedesilo-epizoda-055/

#Apple #AppleSilicon #Cellebrite #Framework #iPad #iPhone #Mac

#Cellebrite Is Using #AI to Summarize Chat Logs and Audio from Seized Mobile Phones

https://www.404media.co/cellebrite-is-using-ai-to-summarize-chat-logs-and-audio-from-seized-mobile-phones/

#cybersecurity

Headline: #Cellebrite Is Using AI to Summarize Chat Logs and Audio from Seized Mobile Phones

Subtitle: The proliferation of #AI through law enforcement tools already has civil liberties experts concerned. “When you have results from an AI, they are not transparent. Often you cannot trace back where a conclusion came from, or what information it is based on. AIs hallucinate," one said.

Source: https://www.404media.co/cellebrite-is-using-ai-to-summarize-chat-logs-and-audio-from-seized-mobile-phones/

#Privacy #LawEnforcement

#Cellebrite Is Using AI to Summarize Chat Logs & Audio from Seized Mobile Phones

Cellebrite the company which makes near ubiquitous phone #hacking & #forensics tech used by police officers…has introduced AI capabilities into its products, including summarizing chat logs/audio messages from #seized mobile phones

The introduction of #AI into a tool that essentially governs how #evidence against criminal defendants is analyzed already has #CivilLiberties experts concerned

https://www.404media.co/cellebrite-is-using-ai-to-summarize-chat-logs-and-audio-from-seized-mobile-phones/