Signal vs. Cellebrite: Restricting Expanding Search Powers - Anonymous
Cellebrite is a digital forensics company. Among the products they produce are two pieces of software, the Universal Forensic Extraction Device (“the UFED) and Physical Analyser. The two software work in tandem with one another. The UFED creates a backup copy of whatever files are on the digital device it is fed, and Physical Analyzer makes the data browsable by sorting and displaying the data. Together, this software is capable of extracting data ranging from encrypted conversations from your Pokémon GO user data. Cellebrite’s products are only available for purchase by law enforcement, intelligence agencies, military, and similar societal security groups. The Royal Canadian Mounted Police (“the RCMP”) has been using Cellebrite for years to access encrypted cell phones and other password-protected devices.
The states ability to obtain text messages
R v TELUS Communications Co(“Telus”), a decision by the Supreme Court of Canada (“the Court”), discusses the matter of privacy in messaging which uses services provided by phone service providers. Telus demonstrates that the state can gain access to files stored by a cell phone service provider through production orders or through an act of volition by the service provider. In R v Jones, the Court had made a minor distinction between historical and future text messages, such that reasonable expectations of privacy in respect of the former would be lesser than those in respect of the latter. As such, it is easier for the state to receive approval to obtain private, past messages. Frankly, this distinction between law enforcement being able to receive authorization to obtain historical text messages but not to intercept future text messages is, in most cases, a trifling one. Future text messages become past text messages quite quickly.
Messaging and data transfer that occurs through means not supported by service providers are a different story. The state’s ability to access private records is not so clear when the data being sought is not held or transferred via a service provider. R v Vice Media Canada shows one scenario in which data not stored by a service provider may be compelled. In Vice Media Canada (“Vice”), a Vice journalist had communicated via Kik Messenger with a Canadian ISIS member. The state produced a production order compelling their communications be brought forth, which Vice challenged. The Court supported the production order, and the communications were to be brought forward. Vice deals with a corporation and communications that were made by and in support of that corporation. It is unclear from Vice whether the same production order could be made applicable to private citizens, but it is not unreasonable to assume that it would.
Ultimately, there are means by which the state can access your private information constitutionally. This is where software such as Signal becomes of interest. Signal is open-source software that provides access to end-to-end encrypted messaging. Edward Snowden is a big proponent. On December 10, 2020, Cellebrite put out a release entitled “Cellebrite’s New Solution for Decrypting the Signal App”. The release stated that Cellebrite had found a way to break Signal’s encryption technology, allowing even more access to private records that the state opts to peruse. On April 21, 2021, Signal put out a press statement. The statement had a number of interesting claims and demonstrative photos and videos. Signal had gotten a hold of a copy of Cellebrite’s software and the hardware used to implement it. Signal then found a number of holes and illegalities in the software. Signal found that it was possible “to execute arbitrary code on a Cellebrite machine… by including a specially formatted but otherwise innocuous file in any app on a device that is subsequently plugged into Cellebrite and scanned. There are virtually no limits on the code that can be executed”. In other words, if an app had such an “arbitrary code” within it and that app was on a cellphone that was scanned by Cellebrite software, the “arbitrary code” within the app would execute and could essentially do anything the programmer wanted to do to the Cellebrite software and the machine running it. Signal stated that such an “arbitrary code” being triggered could be used to “undetectably alter previous reports, compromise the integrity of future reports… or exfiltrate data from the Cellebrite Machine”. Lastly, it is possible to “execute code that modifies not just the Cellebrite report being created in [the current] scan, but also all previous and future generated Cellebrite reports from all previously scanned devices and all future scanned devices” in a multitude of ways.
Signal ended the statement by saying that new files that “never interreact with Signal software or data, but they look nice” have been added to the Signal app. This is a not-so-subtle way of saying that cellphones with the Signal app, whether the app itself is scanned or not, would render Cellebrite software permanently useless as well as render previous reports useless. Cellebrite’s December 10 press release has been taken down so people cannot access it. Funnily enough, you can still access it via the Internet Archive.
In the advent of police search and seizures of cellphones, production orders, and the general diminishing of privacy, one true Robin Hood app has taken it upon themselves to directly challenge the leading technology forensics company in the world. Those who wish to have their phones secure from third party decryption can simply download Signal to their phone. This advent does not prevent police incursions into luring or entrapment of people online, but, for the most part, people communicating with strangers in such a way as to warrant entrapment are probably doing things that are sketchy at best. Regardless, protection of privacy and expression are important principles protected by the Canadian Charter of Rights and Freedoms, and there is a general tailspin into securitization that is increasingly inhibiting these rights. The drive towards securitization is spurred on by the state, and the protections afforded by the state in response are encouraged by the populace, being guided in their opinion by the state itself. At some point there must be checks in place that slow the development of government surveillance software and afford some sort of expectation of privacy that is actually reasonable.
It will be interesting to see if there are any cases brought forth challenging the use of Signal in the future. Challenges on grounds that Signal is hindering police work seem reasonably foreseeable. As always, there is the other side of the argument, in this case that Signal has given an effective means of burying evidence to criminals who really should see prosecution. There are plenty of cases that support this argument. One example is Aaron Driver’s encrypted messages hiding the extent of his bomb plot, resulting in a shootout and partial detonation of a bomb. The validity of the argument on grounds of ensuring public safety is obvious. On the other side of the argument, however, remains the access to privacy and the ability to communicate free from state interference. Blackstone’s Ratio comes to mind here; “It is better that ten guilty persons escape than that one innocent suffer.”