FORUMS
Remove All Ads from XDA

Custom rom/mod to block CelleBrite UFED from accessing any info from EVO

177 posts
Thanks Meter: 23
 
By spyngamerman, Senior Member on 20th April 2011, 11:02 PM
Post Reply Email Thread
http://www.thenewspaper.com/news/34/3458.asp

http://www.cellebrite.com/forensic-p...sical-pro.html


regardless of my reasons behind this this makes all phones inherently tappable if stolen etc or from other corporate espionage attempts

this is a serious flaw and i would like to see if its possible for you custom rom bakers to cook us up some protection

if they want my info they should subpoena my records from sprint or Google not be able to brute force into any and every phone with a device

i and many other would be more then happy to donate for such a solution especially if it wasn't dependent upon only 1 rom

seen this but doesn't yet support the evo

http://www.whispersys.com/whispercore.html
The Following 2 Users Say Thank You to spyngamerman For This Useful Post: [ View ] Gift spyngamerman Ad-Free
 
 
21st April 2011, 03:47 AM |#2  
mcmasterp's Avatar
Senior Member
Thanks Meter: 6
 
More
+1 to this for my hd2 too please! or just android
The Following User Says Thank You to mcmasterp For This Useful Post: [ View ] Gift mcmasterp Ad-Free
2nd June 2011, 02:11 AM |#3  
Junior Member
Thanks Meter: 0
 
More
I'll throw in
We should start a Kickstarter for this or something. Either way, count me in to contribute $150+
2nd June 2011, 02:26 AM |#4  
Senior Member
Flag United States
Thanks Meter: 191
 
Donate to Me
More
I could foresee a specific app that launches when plugged into a computer.

If the phone fails to receive user authorization or is plugged into a blacklisted device (say, CelleBrite UFED), then the phone is locked down/wiped.

And/or spoof information, a fake system dump.
The Following User Says Thank You to tropicalbrit For This Useful Post: [ View ] Gift tropicalbrit Ad-Free
2nd June 2011, 02:34 AM |#5  
OP Senior Member
Thanks Meter: 23
 
More
Quote:
Originally Posted by tropicalbrit

I could foresee a specific app that launches when plugged into a computer.

If the phone fails to receive user authorization or is plugged into a blacklisted device (say, CelleBrite UFED), then the phone is locked down/wiped.

And/or spoof information, a fake system dump.

excellent thinking glad im not the only paranoid one at this point :P
2nd June 2011, 02:43 AM |#6  
{ParanoiA}'s Avatar
Senior Member
Flag Ocean View, NJ
Thanks Meter: 175
 
More
or make it so ur phone gives it a virus or borks the device somehow
2nd June 2011, 03:07 AM |#7  
Senior Member
Flag United States
Thanks Meter: 191
 
Donate to Me
More
Quote:
Originally Posted by {ParanoiA}

or make it so ur phone gives it a virus or borks the device somehow

Wouldn't want to screw up the device, they ain't cheap. A bit too aggressive
8th April 2012, 03:43 PM |#8  
Junior Member
Thanks Meter: 1
 
More
Bumping for continued interest.
The Following User Says Thank You to jverity For This Useful Post: [ View ] Gift jverity Ad-Free
9th April 2012, 07:04 AM |#9  
OP Senior Member
Thanks Meter: 23
 
More
im not sure if the fulldisk encryption option in android negates this or not but i believe with ICS if u have full disk encryption enabled should negate what this can do correct me if im wrong
12th January 2013, 05:19 AM |#10  
Senior Member
Thanks Meter: 17
 
More
Quote:
Originally Posted by spyngamerman

im not sure if the fulldisk encryption option in android negates this or not but i believe with ICS if u have full disk encryption enabled should negate what this can do correct me if im wrong

Only if you can manage to power off your device before the cops take it from you. Otherwise, the data partition is already mounted, and they can suck it down into their UFED via the ADB interface.

A question, though: if you have USB debugging disabled, then ADB isn't available over USB, so could the UFED still access your data? The cops would need to turn on USB debugging, wouldn't they? And if you have a pattern/passcode lock, they wouldn't be able to get into the settings to do it.

Anyway, encrypting your data partition and powering off your phone before the cops get to it is the safest option. Use a really long passphrase, though, because they could still grab an image of your encrypted data partition and take it to a lab where they could try to brute-force the passphrase.
10th May 2015, 04:16 AM |#11  
OP Senior Member
Thanks Meter: 23
 
More
Quote:
Originally Posted by whitslack

Only if you can manage to power off your device before the cops take it from you. Otherwise, the data partition is already mounted, and they can suck it down into their UFED via the ADB interface.

A question, though: if you have USB debugging disabled, then ADB isn't available over USB, so could the UFED still access your data? The cops would need to turn on USB debugging, wouldn't they? And if you have a pattern/passcode lock, they wouldn't be able to get into the settings to do it.

Anyway, encrypting your data partition and powering off your phone before the cops get to it is the safest option. Use a really long passphrase, though, because they could still grab an image of your encrypted data partition and take it to a lab where they could try to brute-force the passphrase.

yes good points

the simplest method i find to protect against this is use Full disc encryption for starters

then use cryptfs to set a long ass password for preboot and keep a short pin for lockscreen that's reasonable and have a nice shortcut for immediate poweroff on lockscreen if concerned about this and then powering off is easy/fast

and ofc keep usb debugging off unless needed

if your really adventurous you can also use yubikey key second slot for partial password for the preboot if you have a microsd adapter for it and your device supports it preboot via OTG etc as input

then
type in a brainpassyouknow+yubikeyslot2

and its 2 factor auth and secure as **** long ass random password combining something you know and something you have
The Following User Says Thank You to spyngamerman For This Useful Post: [ View ] Gift spyngamerman Ad-Free
Post Reply Subscribe to Thread

Tags
cellebrite, cellebrite ufed

Guest Quick Reply (no urls or BBcode)
Message:
Previous Thread Next Thread
Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes