Physical Address
304 North Cardinal St.
Dorchester Center, MA 02124
Amnesty International said that Google has been repaired unknown defects in Android, which allowed the authorities to cancel the lock of phones using forensic tools.
Friday, Amnesty International published a report In detail, a series of three The weaknesses of the zero day It was developed by Cellebrite that the phone does not enjoy, which was found by its researchers after investigating the hacker of the student’s protester in Serbia. The defects are found in the basic Linux USB nucleus, which means that “weakness is not limited to a specific device or seller and can affect more than a billion Android devices”, according to the report.
Zero days are errors in products that when they are found unknown to the program or hardware makers. The zero days allow criminal and government amusers to storm the systems in a more effective way because there is no correction suitable for them yet.
In this case, Amnesty said that it had first found traces of one of the defects in the middle of 2014.
During the investigation of the activist’s phone, amnesty researchers found that the exploitation of USB, which allowed the Serbian authorities, using Celbrite tools, to cancel the activist’s phone.
When it was reached for the comment, Cellebrite, Victor Cooper, referred to statement The company was published earlier this week.
In December, Amnesty stated that it had found two cases Where the Serbian authorities used Celbrite tools to lock activist and journalists, then installed Android spyware known as Novisby. Earlier this week, Advertise Cellebrite It prevented its Serbian customers from using its technology after the abuse of the treatment revealed by the pardon.
“After reviewing the allegations made by the Amnesty International report in December 2024, Celbrite has taken accurate steps to investigate each claim according to our morals and integrity policies. We have found it appropriate to stop using our products by the customers concerned at this time.”
Contact us
Do you have more information about government spyware and their makers? From a non-action device, you can connect to Lorenzo Franceschi-Bicchierai securely to indicate +1 917 257 1382, or via Telegram and Keybaserenzofb, or Email. You can also call the techcrunch via Securedrop.
In the new report, Amnesty said that it was contacted in January to analyze a young activist arrested by the Serbian Security Information Agency (Security and Information Agency Or bia) at the end of last year.
“The circumstances of his detention, and the behavior of BIA officers, are strongly corresponding to the operation method that was used against the demonstrators and documenting us in our report in December. He confirmed the realization of the forensic medicine of the agency that was conducted in January, the use of Cellebrite on the student’s activist’s phone.”
As in other cases, the authorities used the Cellebrite device to cancel the Samsung A32 phone for the activist “without his knowledge or approval, and outside the legally approved investigation,” according to the amnesty.
“The routine use apparently for Cellebrite programs against people to exercise their rights to freedom of expression and peaceful assembly cannot be a legitimate goal,” he wrote.
Bill Marxak, the first researcher at Citizen Lab, a digital rights organization that is achieved in spyware, Books on x Activists, journalists and members of civil society “who may have their phones that have been seized by the authorities (protest, borders, etc.) should consider switching to iPhone”, because of these weak gaps.
In reference to Cellebrite tools, I tell Donncha ó cearbhaill, head of the amnesty security laboratory, Techcrunch that “providing these long -term tools makes me fear that we are scratching the surface of damage from these products.”
Google did not immediately respond to a request for comment.
