wordpress blog stats
Connect with us

Hi, what are you looking for?

Daily Digest of Tech Policy News and Updates (April 22, 2021)

Bringing you quick updates on the tech space, policy making and digital rights from India and across the globe.

Signal creator claims Cellebrite can be easily sabotaged

Moxie Marlinspike, the the creator of messaging app Signal, has written a long blogpost calling out various vulnerabilities in Cellebrite’s devices. Cellebrite, an Israeli firm, is (in)famous for providing various spyware software products and services which are being used by law enforcement agencies across the world, including in India. Cellebrite devices have been used to unlock iPhones. Marlinspike, in the blogpost, claims to have found a Cellebrite equipment fall off a truck.

“We were surprised to find that very little care seems to have been given to Cellebrite’s own software security. Industry-standard exploit mitigation defenses are missing, and many opportunities for exploitation are present,” he wrote. Marlinspike said that the way Cellebrite’s products, by virtue of their design, had many vulnerabilities that could allow attackers to tamper them by using an “innocuous file”.

“Any app could contain such a file, and until Cellebrite is able to accurately repair all vulnerabilities in its software with extremely high confidence, the only remedy a Cellebrite user has is to not scan devices,” he said.

It is hard to say what exactly prompted Signal’s show of force against Cellebrite. However, if the blog post is any indication, the trigger could have been Cellebrite announcing a few months ago that it could break into Signal’s security protocols as well. Signal subsequently rubbished the claim, saying that Cellebrite only added support to its Physical Analyzer device for file formats used by Signal, nothing more.

Advertisement. Scroll to continue reading.

Read: Exploiting vulnerabilities in Cellebrite UFED and Physical Analyzer from an app’s perspective [Signal blog]


Top Stories From MediaNama


ICYMI: NAMA Event Announcement

MediaNama invites you to apply to attend an online discussion on how the IT Rules 2021 will impact Intermediaries. Our subscribers get priority invites for our events and need not apply. Here’s the agenda and reading list. Subscribe here to support our work.

  • Date: April 23 (Friday), 2021
  • Time: 2:00 pm IST onwards

Spotify, Match and Tile criticise Apple for anti-competition moves

Spotify and Tinder-parent company Match accused Apple of abusing its dominance in the mobile app store market. In a senate hearing on Wednesday, executives from the companies testified before the United States Senate’s antitrust committee. Horacio Gutierrez, Spotify’s chief legal officer said, “Apple abuses its dominant position as a gatekeeper of the App Store to insulate itself from competition and disadvantage rival services like Spotify.”

Jared Sine, Match’s chief legal officer, said Match was afraid of retaliation of companies like Apple and Google. “We’re all afraid, is the reality, Senator.” Tile’s general counsel Kirsten Daru said Apple had refused to give Tile access to a chip in iPhones in order to give a leg up to Apple’s own competing product AirTags (launched earlier this week).

Read: Apple Accused of ‘Power Grab’ in Senate App Store Hearing [Bloomberg]

Ex-Google employees launch neobank Fi

Bengaluru-based neobank Fi announced the launch of its services on Thursday. The company was founded by ex-Google employees Sujith Narayanan and Sumit Gwalani. The neobank — digital banks that don’t have physical branches — will focus on salaried employees. The company has partnered with Federal Bank to allow users to open savings bank account and get debit cards in, supposedly, less than three minutes.

TikTok faces lawsuit in UK over use of children’s data

TikTok is being sued for damages worth billions of pounds in the United Kingdom over allegations that it had illegally harvested private data of children. Anne Longfield, a former England Children’s Commissioner, brought the forward in a London court on behalf of children aged under 13 and under 16 in the European Economic Area.

The lawsuit alleges that TikTok and its parent company ByteDance had violated UK and EU’s data protection rules, deceiving parents about how exposed their children’s private information was. The case potentially reportedly affects more than 3.5 million children in the UK alone.

Advertisement. Scroll to continue reading.

Read: TikTok faces UK lawsuit over alleged kids’ data breach [AFP]

 

 

You May Also Like

News

Bringing you quick updates on the tech space, policy-making and digital rights from India and across the globe.  E-commerce services face hurdles in Assam,...

MediaNama is the premier source of information and analysis on Technology Policy in India. More about MediaNama, and contact information, here.

© 2008-2021 Mixed Bag Media Pvt. Ltd. Developed By PixelVJ

Subscribe to our daily newsletter
Name:*
Your email address:*
*
Please enter all required fields Click to hide
Correct invalid entries Click to hide

© 2008-2021 Mixed Bag Media Pvt. Ltd. Developed By PixelVJ