Hacker Newsnew | past | comments | ask | show | jobs | submitlogin
The Little-Known Firm Helping the FBI Crack iPhones (bloomberg.com)
138 points by adventured on March 31, 2016 | hide | past | favorite | 42 comments


Cellebrite is an Israeli company, not Japanese. They are owned by a Japanese parent company, but I'd argue that is not the same.

Volkswagen owning 100% of Lamborghini does not make the latter a german car manufacturer.


Yeah, I'd say that this is actually a piece intended to try to prevent any political fallout with a close ally of the US (Israel) at the expense of the nuclear whipping boy (Japan).


I'd say this is mainly financial news, where the ownership and stock market representation is actually relevant. But it's a very weak piece to learn much about Cellebrite, and makes it sound like they build pinball machines and games before hacking iPhones.


It sounds like Cellebrite employees are largely ex unit 8200 members (Israel's SIGNIT program).[1] The article really doesn't seem to talk about Cellebrite's history much at all.

[1]http://www.pbs.org/newshour/bb/fbi-cracks-the-locked-iphone-... (he says unit 822 :/, doh)


Any tech company in israel is largely ex unit 8200 members, along with other military tech units such as Mamram, Lotem, Matzov, Ofek and more.

The Israeli military enlists every 18 year old in the country, and if you've studied computers in high-school or at home as a hobby, you're more than likely to spend 3-6 years in a technological unit.


Is 8200 really considered to be just a "technological unit?" They're one of the most advanced military SIGINT organizations on earth, aren't they?


Israeli company helping the FBI investigate a terrorist's phone. Why would this cause political fallout? That's exactly what allies are supposed to do for each other.


I'd say that in many ways Japan is more important an ally than Israel.


Far more importantly, strategically. But Japan has a fairly firm and stable political position compared to Israel. So it does not weigh on either side.


Israel's political position is not under serious threat except maybe the governance of the occupied territories. I suppose they have more vocal allies in the US Congress.


Israel's unknown unknowns make it far more precarious.

The wrong suicide strike at the wrong religious site... and 190 million Arab Muslims are now faced off against a:

• nuclear-armed nation

• populated largely by the survivors of genocide and their descendants

• with one of the most advanced militaries in the world,

• squeezed into a space no bigger than New Jersey

• surrounded by enemies on all sides.

If that's not a recipe for regional chaos.... I really don't know what is.

Which is probably why their lobbying of the United States (and Russia as well) is so sophisticated.


Can you produce any evidence to support your theory?


The headline is evidence for his theory. It's just not particularly strong.


Ok, we've made the title just say "Firm".


> "... built its business on pinball game machines and stumbled into the mobile phone security business almost by accident." (first paragraph)

Pinball? In Japan? this isn't going to be pinball.

> "has been building pinball-like game machines found in Japan’s pachinko parlors since the 1970s" (third paragraph).

So it isn't pinball at all, it's pachinko. I know this is almost besides the point, but do Bloomberg really have such a low opinion of it's readers they think it's impossible to explain? To me at least it reads like:

"Tiger Woods, who rose to fame playing a football-like game across golf courses in America..."


A bit unfair since "pinball machine" used to refer to exactly what a pachinko machine is for a couple of hundred years before the "modern pinball" arrived.

(https://en.wikipedia.org/wiki/Pinball has the first bagatelle spring plunger around 1750 and flippers around 1947)


IMO it's a difference worth mentioning when pachinko is a big enough addiction there to make $187B in 2014 (vs US casinos $65.6B) and cause child deaths (while I was there, maybe is better now)

https://news.google.com/newspapers?nid=1370&dat=19960702&id=...

I get a different sense of lucre when I hear "left the pinball industry for better margins" (pocket change gaming) vs left the gambling industry (life savings gaming)


The revenues from Pachinko are complex and should not be directly compared to a trackable traceable business.

Pachinko is the primary method for the Yakuza to launder money, there's a reason there's one on every corner. Cash for tickets, tickets for cash/prizes. Clean money.

The addicts are a bonus.


While pachinko is huge in Japan, pinball is also very popular. Source: My Uncle worked for Williams pinball, and Japan is where they made most of their money.


Would love to see a non-anecdotal source on this, as my understanding is that pinball sales in the US absolutley dwarfs totals for the rest of the world. Not saying Williams didn't do lots of other sales in Japan, but pinball-as-in-two-ish-flippers pinball sales should be highest in the US.


source to my point:

>Yuske believes that Japan’s love of video games is part of the reason why pinball has had trouble taking hold—why the game is more of a foreign curiosity for most than a cultural mainstay.

http://motherboard.vice.com/read/the-silver-ball-planet-insi...


It was huge in the past but nowadays shows signs of a dying industry.

http://thisishansu.com/language/en/pachinko-gambling-busines...


It's kind of fair that they assume people might not know what pachinko is, but I'd say "slot machine" would be a far better comparison than "pinball machine".


It turns out Pachinko and Pinball are derived form the same ancestor. A surprisingly good history of it is here: http://elblancosretroworld.blogspot.com/2013/10/revenge-of-g...


Because worldwide recognition of golf is on a par with pachinko?


So basically the NSA/CIA develop the tech, license it to a contractor, who the FBI can then hire. Got it. I bet they know who to use it on before they even need to through Parallel Construction too. This is what the future looks like.


That's just speculation.


There are many outside the NSA capable of developing brute force security bypass for the right price.


Thought exercise/serious question- could the DMCA be used to compel cellbrite to disclose the methodology to apple so that it can be patched?


It’s a fairly straightforward method for a researcher to identify what has been changed, and from that reverse-engineer what the flaw was and then build a tool to exploit that flaw

I'd say this is a bit of an oversimplification.


Given Apple's almost unlimited cash they could always make companies like this an offer no intelligent person could turn down (especially if public) and have them explain what they do.


Apple should stop being stubborn and start offering up a bug bounty program and start paying out big $$.


When you mix with operative/intelligence crowd - the work is incredibly fun, the access you have to all kinds of info (and people and gear) is unprecedented and the generous compensation is a nice side effect.

Apple can top the compensation, but not the first two parts.


Those who know don't say, those who say don't know.


I wonder, is Apple hiring such companies to poke holes at its OS before it gets out of beta, or even after it's launched? Because if not, maybe they should.


Yes, they are.

http://www.engadget.com/2016/02/03/apple-legbacore-thunderst...

"All was quiet after the researchers' announcement, and for good reason: Apple purchased their security firm -- LegbaCore -- just two months after news of Thunderstrike 2 broke. According to the company's founder Xeno Kovah, the team is going to be working on "low-level security" at Apple, which we'll take as shorthand for making sure that OS X's firmware is less susceptible to attacks in the future."


They don't need to. It seems to be widely accepted that they most likely used NVRAM cloning.


Misleading title - it's a Japanese owned Israeli company.


I wonder if their approach only works on iphone5 and not the 6? I thought I read somewhere the 6 has more advanced security features?


We will really only know if they release what they did. My assumption is that it will not work with iPhone 5S and later.


anyone have links or info. on how they actually got past the security measures?


0-day exploits changing hands for cash is hardly new. Stuxnet alone had 4 according to Symantec.

Israeli army units and companies founded by ex-army elite are highly involved in discovering/buying 0days, iOS or anywhere else




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: