Can the Palestinians use it? .. An Android phone application that deletes all its owner’s data when it falls into the police's hands

These days, if you are arrested and charged with a crime, the first thing the police will likely do is take a look at the contents of your phone. The Digital Forensic Department has become the police favorite to secure conviction, or at least gain a broader understanding of the suspect.

However, the tools used to hack phones and extract data are not perfect, and ongoing research indicates that the evidence provided by this administration can be tampered with in some cases.

To draw attention to these issues, a security researcher recently created an app designed to thwart this particular type of intrusion.

The program aims to disrupt the work of Cellebrite, the well-known law enforcement digital forensic company, which has recently come under fire for critical vulnerabilities in its UFED data-mining product (UFED).

The app is called LockUp, and it is designed by Matt Bergen, a senior researcher at the US security firm KoreLogic, and has spent the past two years studying Celebright products.

Bergen made his debut at the Black Hat Asia conference last week (the annual cybersecurity conference held in several cities around the world), and presented it alongside his security research at the company.

In a phone call to Gizmodo, Bergen said the idea of ​​Lock Up is not so much to create a safe haven for criminals as to show potential technical problems with some of the law enforcement's most important data-mining devices.

"Really, I wrote Look Up to support the research that I was doing, and to prove the point that forensic programs are not immune to problems ... I wanted to make it clear that Celebright cannot face all the problems the same way, as there are ways to deceive the forensic program to do so." Of something that no one might be expected to be able to do. "

Bergen's analysis looks quite similar to what is stated in a blog written by Moxie Marlinspike, CEO of the encrypted chat app Signal.

Marlinspike showed how data extracted across corporate devices can be easily tampered with;

This could spoil the evidence.

Since court cases around the world have relied on this technology, the idea that data can be tampered with easily raises a lot of legal issues.

Lock App monitors new app permissions whenever a new program is downloaded to the user's phone (Shutterstock)

How Lock Up protects phone owners?

The way LockApp works is very interesting, as it basically monitors new app permissions whenever a new program is downloaded to the user's phone.

"We are looking at certain things that the new applications require, such as files and certificate metadata associated with the app. If LockApp finds anything it knows, it will reset the target device," Bergen said.

In layman's terms, the app is designed to scan for any new programs being downloaded, and if it identifies any code associated with Celebright, it will activate the self-destruct option, and it automatically starts wiping the entire data.

If you think that this application looks attractive, know that you cannot actually download it from the "Google Play" store or any third-party marketplace;

Because Lock Up is not an app in the strictest sense;

It is just code sentences.

Bergen put his "app" on Github, and hypothetically, if someone had the time and resources, they could take the code and reassemble it into a practical and marketable application;

But that was not the aim of the research.

"The end result that I want to see from all my research is the adoption of new testing procedures that must be performed before forensic tools are used in our courts," Bergen said.

This implies that there are currently no regulations that meet sufficiently high security standards.

This does not mean that the tools sold by digital security and forensic companies should not be used;

But as long as their products are in circulation, the results they produce should be accurate and safe, Bergen says.