undefined | Better HN

0 pointsZak5y ago0 comments

The vulnerability claimed here doesn't necessarily crash the computer running the software. It runs arbitrary code, and said code is able to modify the data Cellebrite extracts. It is not clear whether it is possible to detect whether data collected in the past is compromised.

There may be mitigations, but without knowing the full details of the exploit, it sounds a lot like reasonable doubt to me. A good lawyer would spin it exactly that way, putting any cases without sufficient corroborating evidence in jeopardy.

0 comments

wglb5y ago

If the data is off on another server, it seems unlikely that past cases can be compromised.

There are a whole set of rules about challenging evidence, including electronic evidence. Keep in mind that the other side gets a crack at it also. It is unlikely that the whole case would be thrown out because of a corrupted file. Reasonable doubt is not part of the forensic process--this is what a jury needs to consider to render a verdict.

As pointed out elsewhere, many uses of this tool are extrajudicial.

holtalanm5y ago

> If the data is off on another server, it seems unlikely that past cases can be compromised.

That isn't the point being made here. The data could have been compromised at the point of when it was gathered, not any time later.

j / k navigate · click thread line to collapse