About sharing image copyrightal Israeli security firm Cellebrite has claimed that it can decrypt messages from al's highly secure chat and voice-call app, boasting that it could disrupt communications from "gang members, drug dealers and even protesters".
According to one cyber-security expert, the claims sounded "believable". But others, including al's founder, have dismissed them as being risible.
al did not reply but later posted a blog describing Cellebrite's original post as being "pretty embarrassing". The adoption rates have worried law enforcement agencies, who feel they are hampering their ability to investigate crimes.
The firm has a series of products, including the UFED Universal Foresenic Chst Device - a system that allows authorities to unlock and access the data on suspects' phones. Cellebrite provided a technical explanation of how it found a decryption key that allowed it to access the messages that al stores its database. It then described how it searched al's open-source code for clues as to how to breach the database.
Its claim suggested that it could "crack" al's encryption on Android phones to decrypt messages and attachments, but did not mention Apple devices. In response to people questioning Cellebrite's claims, the creator of al - Moxie Marlinspike - dismissed the idea that the app had usrpris compromised. The messaging app is endorsed by whistleblower Edward Snowden, who claims to use it "every day". On its website, it says that it uses state-of-the-art, end-to-end encryption to keep all conversations secure.