Oz sports’ pee-samplers outed buying Cellebrite phone-crack kit
Fill the jar and hand over your iPhone, sir
Australia is ramping up its use of phone-cracking technology to crack serious criminals: its peak sports anti-doping body has taken a Cellbrite licence.
ASADA, the Australian Sports Anti-Doping Authority, announced the near-AU$13,000 licence at the government's tender site in April.
The announcement says ASADA is using the company's UFED (Universal Forensic Extraction Device) 4PC Ultimate system, which the company says “performs physical, logical, file system and password extraction of all data (even if deleted) from the widest range of devices including legacy and feature phones, smartphones, portable GPS devices, tablets and phones manufactured with Chinese chipsets.”
Congressional group asks FBI boss Wray to explain Apple lawsuitREAD MORE
In law enforcement environments, phone cracking in Australia occurs under warrant (or with the owner's permission, which would be an unusual case since if owners are giving permission, they could simply unlock the phones themselves).
That's why ASADA's decision to grab a cracker could raise eyebrows: its role is checking sportspeople's urine for drug traces, and while trafficking is a serious crime, police pursue pushers, not ASADA.
The body told the ABC, which first noticed the tender, that its purchase was in line with government procurement guidelines.
+Comment: Australia's government has joined the USA and the UK in searching for ways to legislate its way around encryption, while enthusiastically adopting technology that does just that.
Two years ago, it might have been reasonable to doubt Cellebrite's claims for its products, but governments continue to buy its products. The federal government's tender site identifies the Department of Defence, the Australian Securities and Investments Commission, the Department of Home Affairs, the Department of Human Services, the Australian Federal Police, the Department of Jobs and Small Business, and the Australian Taxation Office as customers.
In America in April, ten members of Congress asked FBI boss Christopher Wray to explain why, with tools like Cellebrite and GrayKey, the FBI couldn't unlock 7,800 phones in its possession (one reason, we learned this week, was that most of the 7,800 phones didn't exist - or rather, existed multiple times).
The enthusiasm for Cellebrite devices here also justifies fears of scope-creep, raised mostly in the context of the country's data-retention regime, but strongly in evidence in the list of Cellebrite customers above.
Rather than being used to investigate the most serious crimes, it looks like world+dog is finding justifications to get into the business of busting into smartphones.
That leaves little room for confidence that other kinds of encryption backdoors would be confined to the “terrorism and child exploitation' investigations trotted out by anybody who resents encryption. ®
Sponsored: Becoming a Pragmatic Security Leader