@wolf480pl very good question, there are investigations going on that have indicated that the NSA may have collaborated (or exploited) Sun Microsystems along with Microsoft to ensure they had exploit material available for their operations. This vulnerability is not one of those and apparently just slipped the net and went unnoticed except by attackers who kept it a private exploit for well over 6 years.
@thegibson @dazinism @z @bill Thanks for the kind words! I agree with what many others are saying here in thread, there was a catalogue of security vulnerabilities and it's not just isolated to Cellebrite products (although the Moxie bug certainly gives legal weight to the data integrity of any case that used Cellebrite software). Those products are expensive, supplied to LE and thus don't get the same set of eyes on them as more widely distributed software. They are all awful with lots of bugs.
AMAZING! A Chinese team have rolled checkra1n jailbreak and combined with filesystem hacks to remove iCloud activation locks. $140. :)
@requiem set's a legal precedent that America can remotely login to French computers and erase evidence of Chinese hacking attacks, without any care for lawful retention in the European Union or anywhere for that matter. America was always going to enforce a government backed "hack back" movement which is why the people need to campaign for their cyber 2nd amendment rights to also use "hack back" as a deterrent to government tyranny.
Co-Founder https://hacker.house - cyber security assurance services & hacker training, author ISBN9781119561453, a book about professional hacking. Sysop of UNIX Hacker's Fraternity (uHF) BBS ~ https://hackerfraternity.org
The social network of the future: No ads, no corporate surveillance, ethical design, and decentralization! Own your data with Mastodon!