Shahar Tal – Director of the Research Group at Cellebrite – has built an extensive and impressive career within the realm of R&D. Hailing from an elite military background, Shahar in his current role oversees Cellebrite’s research efforts to provide extraction-enabling solutions – for all devices of interest, including the most complex and challenging.
Read up on his career highlights, opinions on Cellebrite’s future in digital forensics as well as advice to newbies entering this technological sphere.
Have a question for Shahar? Leave us a comment below!
Shahar, you are the Director of the Research Group at Cellebrite. Tell us a bit about your role. What does a day in your life look like?
In my role, I am responsible for Cellebrite’s research efforts to provide extraction-enabling solutions for all devices of interest. This core role within the company helps define what our products and services can do. Our unmatched research is one of our strongest differentiators, creating high expectations among our customers and colleagues. My job is to ensure that we continue developing unique capabilities to match these expectations. Luckily, I have several research teams made up of top talent that are dedicated to the task in each different research domain. They deserve a lot of the credit for the technical breakthroughs achieved at Cellebrite.
What does a typical day at the office look like?
Hectic – with dozens of ongoing research projects in various stages! One moment, you may hear cheers and excitement from one of the rooms, where researchers successfully discovered a new extraction method for a previously unsolved device; the next moment, you take part in a critical design review for the next UFED version, while simultaneously reviewing open issues and feature requests for five other projects. After lunch, I usually interview several candidates to join the research team, and then round-up the team for a weekly follow-up of progress and status.
The most gratifying moments are when we receive customer feedback – that praise both our technology and efforts, which enable them to solve a critical case, that may happen to appear all over the news that week. This feedback is significantly rewarding, and contributes to the drive and motivation behind our work every day.
Can you tell us a little bit about what first sparked your interest in digital forensics?
I am still a newcomer to the digital forensics field, and I learn from the experts and my peers at Cellebrite every day. Coming from a research background, my introduction and continued involvement in the digital forensics arena are incredibly interesting. I think it is crucial for a researcher to understand the needs and concerns of the end user, and that is why I personally follow and often respond in community forums and mailing lists.
Shahar, you hail from a military background. I can imagine that this is quite different from work in the private sector. Can tell us how working in the private sector compares with the military life?
I have a history in elite army R&D units, and in many ways these years have provided the best training possible – by shaping the nature of my work and sharpening my skill sets. Working under tight schedules in an environment where product performance and reliability are absolutely critical, helps you sharpen your instincts and prioritize tasks accordingly. I am also delighted to have had the opportunity to work with some of the best talents in the world on extremely challenging projects.
When comparing, I find that the private sector brings many new aspects into play – where cooperation and outbound communication are legitimate and important facets of your role. I enjoy taking part in and interacting with the research community; I regularly attend and sometimes speak at conferences around the world. I welcome potential collaboration opportunities and keep an eye out for new developments in the field.
This year has been a big year for Cellebrite’s technologies. Which current trends in forensic computing particularly interests you, and what new challenges do you foresee in the future?
I believe the challenges of encryption are strongly influencing the forensic landscape already, and will continue to do so in the coming years. Full Disk Encryption has easily been the most significant mobile forensics game-changer since last year, in effect rendering chip-off/JTAG/ISP methods useless in all new devices. This landscape shift leaves on-device unlocking capabilities as the only alternative. Fortunately, this is where Cellebrite, as the forensics research leaders, have excelled throughout the years.
I also expect that we will continue to see device manufacturers implementing more layers, mechanisms and obstacles, further challenging evidence extraction. We see this today and witness the difficulty and resources invested per solution – which is increasing steadily.
And, moving forward – what does the future hold for Cellebrite? What can we expect to see over the next year or so?
Cellebrite is making great strides in providing a complete digital intelligence portfolio. Our dominant extraction capabilities are only where it begins, and I think many law-enforcement and intelligence investigative practitioners will be excited about what’s coming next.
I expect to see us maintain our leadership in device unlocking services – being the first to provide the technology to unlock a newly released device, while simultaneously seeing our analytics platforms integrate into many agencies’ processes and infrastructure.
I think that we definitely have the ability to change people’s perspectives when it comes to mobile forensics. That is, to make people realize that a locked device is not a dead-end road, and that they can turn to Cellebrite – who can help them recover the most available data possible from locked as well as encrypted iOS and Android devices.
As you stated, you are a newbie of sorts to digital forensics. Do you have any advice for individuals who are just starting out in their digital forensics career?
Be prepared for a rapid rate of change, and understand extraction challenges. Digital forensics is no longer restricted to decoding and analysis of data – examiners and responders from the lab to the field should have a deep understanding of what is possible to extract and under what conditions. Stay involved, read about technology and security research news, be prepared to learn something every day – this will give you an edge in a field where you can never learn enough.
Finally, when you’re not working, what do you like to do in your spare time?
I enjoy spending time with my family, reading books and playing puzzle games with my young daughter. I am a serious basketball fan and a less-serious, mediocre player – on good days. My favorite team since childhood is Hapoel Jerusalem… and occasionally you may find me waking up at 03:00 AM to watch NBA matches.
Click here to learn how Cellebrite’s mobile forensic solutions meet your investigation needs.
Follow Shahar on Twitter: @jifa