- LockUp is a new app that aims to stop phones from being cracked.
- The maker of the app wants to stop the misuse of forensics software.
- Cellebrite is the leading company that supplies such tools to global governments.
It is very likely that your phone will be the first thing the police take into their custody should you find yourself caught in an unwelcome situation. Police in several countries have gained access to advanced tools that help them pry into a locked smartphone for data. While tech companies do not advocate cracking tools, the need for them has led to the growth of digital forensics to understand more about a convict. But given the nature of technology, it may be prone to tampering. To counter that possibility, a researcher has developed an app that obstructs the use of such tools and deletes data on your phone.
LockUp is a new app that Matt Bergin, a senior researcher with security firm KoreLogic, has developed. Bergin showed off his work at last week's Black Hat Asia cybersecurity conference. The programme inside the new app is meant to thwart digital forensics apps such as Cellebrite from gaining access to a locked smartphone and snooping on the data saved into it. Bergin, however, has said that LockUp is not meant to become a hurdle in legal proceedings, including the use of data extraction tools, against a criminal. "The idea behind LockUp isn't so much to create a safe haven for criminals," the researcher told Gizmodo.
Bergin explained that the idea behind LockUp is to unearth and prove that forensics software that police are using to extract data from super-secure devices such as an iPhone is not that secure itself. The researcher has claimed that even Cellebrite, which is one of the widely-used tools for data extraction, is full of issues. And much like Cellebrite, there are several other types of forensics software that can be tricked into doing something "that you might not expect it to be able to do."
Cellebrite was at the centre of the study that led to the creation of the LockUp app. This Israeli software has often faced criticism for its high level of snooping on secure mobile platforms. Bergin's analysis of the Cellebrite app is very similar to the blog post that Signal CEO Moxie Marlinspike wrote last month. Marlinspike vividly explained how the data that Cellebrite's tools extract can be manipulated, leading to the fudging of evidence. Cellebrite is the biggest supplier of forensics software to the governments of different countries, and since the data from their tools is deemed reliable in court cases, the authenticity of the data raises some big questions.
And while it may still be a long time before Cellebrite comes up with a solution to evidence tampering, LockUp is taking on the responsibility of quashing any such attempts that software such as Cellebrite's may be capable of. According to Bergin, LockUp becomes alert whenever a new programme is downloaded to a user's phone. The app then begins to scour the entire ecosystem for hashes, suspicious files, and the "certificate metadata associated with the application." And in case the search results in nothing, LockUp will perform a programmatic factory reset of the phone in an attempt to weed out this application. This is similar to how your iPhone deletes all the data from your phone after several failed unlock attempts, provided the setting for this functionality is turned on.
Bergin's new app LockUp, however, is not readily available to download from Google Play Store. It is just source code right now that Bergin has uploaded to GitHub. So, if you know app development, you can take the code and package it into an APK file that can also be published on Google Play Store for Android phones. But Bergin thinks his new app should have a far greater purpose. Companies that make forensics software, such as Cellebrite, should adopt testing procedures before finalising their data extraction tools because the data they fetch can be used in courts. Cellebrite and some other companies that make digital forensics software do not follow any regulations or security standards because there are none. LockUp wants to be an alternative to them, at least.