[cryptography] Fwd: Re: Commercialized Attack Hardware on SmartPhones
jacob at appelbaum.net
Sun Mar 2 12:23:07 EST 2014
Have you seen the cellebrite gear and their forensics tools?
My understanding is that their UFED gear attempts to exploit various
bugs in phones.
Here is one of their people talking about exploiting 0day bugs to gain
access to Android phones:
Also I'd encourage you to see these documents as well:
They also appear to host events to discuss their bootloader
There are lots of other vendors that are similar. I've also had people
approach me about Cold Boot attack weaponizing - I always decline.
However - some of those people are certainly offering "boutique"
Here is a good overview:
https://csg.utdallas.edu/ wp-content/ uploads/ 2013/ 02/
This is perhaps the most interesting document - it shows the phone by
phone, model by model capabilities for UFED Ultimate as of ~2013
(~3036 phone models):
It lists the OS, the apps that they target, if they can reconstruct
the full system, and so on:
Vendor Model Physical Extraction Bypass Lock File System
Extraction Password Extract Platform File system
Reconstruction SMS Contacts Call
log MMS Bluetooth locations Notes Bookmarks Email Accounts cookies Dictionary Viber facebook FaceBook
Messanger WhatsApp Google Plus Skype Google
Talk twitter PingChat Gesture
Decoding calendar BBM Tasks Chat Passwords Web
History MotionX VoiceMail Application Usage WiFi Installed
Applications Garmin TextNow TigerText Fring twitterrific TextFree Yahoo
Messenger foursquare Ping Chat Waze dropbox User Code
All the best,
On 3/2/14, Tom Ritter <tom at ritter.vg> wrote:
>> ---------- Forwarded message ----------
>> From: "shawn wilson"
>> How about a dictionary and rules. Even if you choose an alphanumeric
> "strong" pass, you're kinda limited to the phone's keyboard - you're not
> going to want to switch case or between letters and special too often.
> Also, IIRC Android limits length to 15 chars. I also don't think the screen
> lock can be different than the boot pass (so everything I said above should
> hold true).
>> Basically what I'm saying is use hashcat.
> In regular use I agree completely. But in my threat model (what I'm
> preparing for) is 'prepared use' - you're knowingly crossing a border or
> attending a protest, want/need your phone, and are willing to have a
> painful password for a short bit.
More information about the cryptography