The bad guys are dead, so other than possible associations, why do they care what's on the phone? Morbid curiosity? They still don't need the phone to find associates - it's called good old fashioned detective work, an art that law enforcement seems to be increasingly incapable of doing these days.
Can biometric sensors work as necrometric sensors?
The iphone fingerprint sensor can be defeated by modelling a print off the device itself.
Unfortunately, the modelling process needs a perfect fingerprint (not the smudged, distorted kind you find on a mobile phone), several days and several attempts, a skilled technician, and a lot of luck. This is probably why the process seems to only have been tried once or twice successfully under perfect lab conditions. Certainly nothing you can do in a hurry if you're trying to prevent a criminal act.
The process also destroys the original fingerprint, so you can't reuse it if the process fails. And of course, if you make too many attempts (which you may do because you don't know which fingers were used to lock the phone) then you will probably cause the phone to lock completely before you get anywhere.
If you have the phone and not the owner, then he will simply wipe the phone remotely before you've even managed to complete your first cast (though sensibly you'd probably try to cast as many as you can in one go).
I thought changing the fingerprint reader might be a way in, but apparently the phone makes a component check and bricks itself, so we recently discovered.
Before everyone carried mobile phones, how did the law enforcement agencies go about solving crimes? Would it be possible to go back to doing it that way?
Yeah, well there’s a difference between you protecting your drunken orgy photos and a pedophile protecting the photos of abuse of a three year old child isn’t there. And for those who are always screaming about the Fourth Amendment try reading it sometime. It has an intentional back door that the founding fathers put there so legitimate, legal search and seizure can take place.
That's fine but there is also the Fifth Amendment that protects a person against being compelled to be a witness against himself or herself in a criminal case. I see their phone as being included in that protection...
The US Supreme Court has ruled that corporations are people, but not that computing devices are.
So providing the passcode (or biometry needed to unlock it) isn't self-incriminating, it is simply handing over the key to your house before they simply break down the door.
Funny how the FBI message is about how hard it is for them to get into a terrorists phone and yet not a word about how easy it was for a terrorist to obtain the weapons with which to commit the act of terror.
Before everyone carried mobile phones, how did the law enforcement agencies go about solving crimes? Would it be possible to go back to doing it that way?
It is not a matter of going back. They use every tool at their disposal. Before mobile phones there were no text messages to search.
First, the FBI assumes there is information they need on these phones and this is the issue with court orders they no long have to prove the information they seek actually exist, they just say they need to look to see if it does exist.
Base on some of the information which leak out like the computer they used were clean of any incriminating information, but why do you need incrimination information when you already know they did it. They also said they could not find the HDD of one of the computers which lead the FBI to believe they dispose of it. If they were this smart they probably cleared their phones of any information as well or dispose of the phones which had any information.
I think the police would have to first prove what they are looking for in fact exist before any court order is issue to gain access to information.
As someone already said, the FBI are idiots to making publicly known they are not able to gain access. This is not going to help their case pointing this out, The government will be hard press to change the rules since companies like Google and Apple will make sure the general public knows the government is trying to under mind your privacy.
BTW, if you encrypt you computer files and email with PGP the government can not break into that information either and that program has been around a long time.
For encryption to protect anyone, it must protect everyone.
Yeah, well there’s a difference between you protecting your drunken orgy photos and a pedophile protecting the photos of abuse of a three year old child isn’t there. And for those who are always screaming about the Fourth Amendment try reading it sometime. It has an intentional back door that the founding fathers put there so legitimate, legal search and seizure can take place.
The trouble is, how would you know those pictures are on the device without getting into it first? If they KNOW they are there (i.e. they have proof) and the defendant blocks access then there are laws to charge him/her for that offence. If they don't KNOW the photos are on the device, what right have they to force it to be unlocked to check? I'm sure entire cases and prosecutions don't hinge on access to one device, there must be other evidence and facts surely.
This is the exact point, It like the government knowing the criminal buried information in the woods somewhere in the world which contains the incriminating information they need to file charges. So they get a court order to compel the criminal to tell them where to dig. It is going to happen, but the government gets all upset they do not have the ultimate power can not force anyone to do what they want.
For encryption to protect anyone, it must protect everyone.
Yeah, well there’s a difference between you protecting your drunken orgy photos and a pedophile protecting the photos of abuse of a three year old child isn’t there. And for those who are always screaming about the Fourth Amendment try reading it sometime. It has an intentional back door that the founding fathers put there so legitimate, legal search and seizure can take place.
There's a difference in type of crime, yes, but to open the door for one you open the door for everyone. A security system that's a little bit insecure is like being (since you like analogies) a little bit pregnant. Sorry, but you're either secure, or you're not. There's no middle ground.
For encryption to protect anyone, it must protect everyone.
Yeah, well there’s a difference between you protecting your drunken orgy photos and a pedophile protecting the photos of abuse of a three year old child isn’t there. And for those who are always screaming about the Fourth Amendment try reading it sometime. It has an intentional back door that the founding fathers put there so legitimate, legal search and seizure can take place.
Your claimed back door in the 4th didn't force homebuilders or owners to build structures with doors and windows that could be entered by anyone except the owner...
And if you have enough grounds to suspect the pedophile to obtain a court order to require Apple to unlock the phone, you have enough grounds to subpoena the information on the phone from its owner (unlock it please). If they don't then they're in contempt.
This is not actually the case. The suspect is not required to provide the passcode to investigators pleading their Fifth Amendment right, however, in one case in Virgina their court ruled that the suspect can be forced to unlock the device using TouchID.
For encryption to protect anyone, it must protect everyone.
Yeah, well there’s a difference between you protecting your drunken orgy photos and a pedophile protecting the photos of abuse of a three year old child isn’t there. And for those who are always screaming about the Fourth Amendment try reading it sometime. It has an intentional back door that the founding fathers put there so legitimate, legal search and seizure can take place.
So before cellphones, how in the world did law enforcement do their job???? Oh, that's right, they used the resources they had! We spend BILLIONS of dollars every year on national security - let them do their jobs with what they already have. It's that simple. We DO NOT need to give them access to our information whenever they ask for it. We should be able to fully and securely protect our personal information. And please quit using the scare tactic of finding pedophiles as the reason law enforcement should have total access to our data. We do not live, thankfully, in an "any means necessary" society. If that's what you want, I'd be happy to point you to a couple places in other parts of the world that should meet your criteria.
The iphone fingerprint sensor can be defeated by modelling a print off the device itself.
Unfortunately, the modelling process needs a perfect fingerprint (not the smudged, distorted kind you find on a mobile phone), several days and several attempts, a skilled technician, and a lot of luck. This is probably why the process seems to only have been tried once or twice successfully under perfect lab conditions. Certainly nothing you can do in a hurry if you're trying to prevent a criminal act.
The process also destroys the original fingerprint, so you can't reuse it if the process fails. And of course, if you make too many attempts (which you may do because you don't know which fingers were used to lock the phone) then you will probably cause the phone to lock completely before you get anywhere.
If you have the phone and not the owner, then he will simply wipe the phone remotely before you've even managed to complete your first cast (though sensibly you'd probably try to cast as many as you can in one go).
I thought changing the fingerprint reader might be a way in, but apparently the phone makes a component check and bricks itself, so we recently discovered.
No, it doesn't take days. A university researcher demonstrated doing it using a fingerprint lifted from the actual phone and it took a a few hours. The capabilities available to security services for 'national security' cases go way beyond that, besides they had the corpse and didn't need to lift a print of anywhere. It might destroy the print on the phone but the process gives you a physical model of the print so you still have that.
If needed the authorities can take a HD that has been broken into pieces and stick them in a magnetic force microscope and read the bits back off, even if it was 'erased' several times before being broken up.
If they 'really' wanted the data they could just unsolder the flash chips and read out their contents directly. If he actually had encrypted the whole thing it might take an extra hour or so for the NSA. THE NSA says basically that you can't really wipe Flash at all and the only way to safely dispose of flash memory is to grind the chips into dust.
I think this FBI person needs to talk to the right people.
Why do they think they are entitled to this? Because they label them terrorists? Even criminals have rights. It's all that keeps them from framing anyone they desire.
I don't give a shit what you want FBI. Solve your crimes another way.
Probably it was fairly easy to get a warrant for a search given the two people were sort of a slam dunk as having committed those murders. The gunfight recorded on video would have been probable cause for a search warrant up the wazoo. Then there's the bomb parts and bombs....
VERY 4th Amendment. "Amendment IV
The right of the people to be secure in their persons, houses, papers, and effects, against unreasonable searches and seizures, shall not be violated, and no Warrants shall issue, but upon probable cause, supported by Oath or affirmation, and particularly describing the place to be searched, and the persons or things to be seized."
ETA: "If the people are dead where that doesn't work, well problem is solved anyway, they're dead"
The flaw in that is assuming the dead acted solely alone and that's probably rarely the case: they got the weapons from somewhere (and some one) they got the bomb parts and explosives and knowledge how to assemble them from some one and somewhere etc. All of which is STILL out there even when the immediate perpetrators (or perhaps only the ones that are known?) are dead.
cnocbui said: ...besides they had the corpse and didn't need to lift a print of anywhere. It might destroy the print on the phone but the process gives you a physical model of the print so you still have that.
You'd probably get lucky with right and left thumb and index fingers. Unless you knew which of the two dead terrorists the phone belonged to, you might have scan eight fingers. If it doesn't work after five tries though, you are left with only the passcode as a means of unlocking it.
Yeah, well there’s a difference between you protecting your drunken orgy photos and a pedophile protecting the photos of abuse of a three year old child isn’t there. And for those who are always screaming about the Fourth Amendment try reading it sometime. It has an intentional back door that the founding fathers put there so legitimate, legal search and seizure can take place.
So before cellphones, how in the world did law enforcement do their job???? Oh, that's right, they used the resources they had! We spend BILLIONS of dollars every year on national security - let them do their jobs with what they already have. It's that simple. We DO NOT need to give them access to our information whenever they ask for it. We should be able to fully and securely protect our personal information. And please quit using the scare tactic of finding pedophiles as the reason law enforcement should have total access to our data. We do not live, thankfully, in an "any means necessary" society. If that's what you want, I'd be happy to point you to a couple places in other parts of the world that should meet your criteria.
This type of encryption is relatively new. This is the first time they have no way of accessing the information they need.
Comments
Unfortunately, the modelling process needs a perfect fingerprint (not the smudged, distorted kind you find on a mobile phone), several days and several attempts, a skilled technician, and a lot of luck. This is probably why the process seems to only have been tried once or twice successfully under perfect lab conditions. Certainly nothing you can do in a hurry if you're trying to prevent a criminal act.
The process also destroys the original fingerprint, so you can't reuse it if the process fails. And of course, if you make too many attempts (which you may do because you don't know which fingers were used to lock the phone) then you will probably cause the phone to lock completely before you get anywhere.
If you have the phone and not the owner, then he will simply wipe the phone remotely before you've even managed to complete your first cast (though sensibly you'd probably try to cast as many as you can in one go).
I thought changing the fingerprint reader might be a way in, but apparently the phone makes a component check and bricks itself, so we recently discovered.
The US Supreme Court has ruled that corporations are people, but not that computing devices are.
So providing the passcode (or biometry needed to unlock it) isn't self-incriminating, it is simply handing over the key to your house before they simply break down the door.
Mm. Good point.
First, the FBI assumes there is information they need on these phones and this is the issue with court orders they no long have to prove the information they seek actually exist, they just say they need to look to see if it does exist.
Base on some of the information which leak out like the computer they used were clean of any incriminating information, but why do you need incrimination information when you already know they did it. They also said they could not find the HDD of one of the computers which lead the FBI to believe they dispose of it. If they were this smart they probably cleared their phones of any information as well or dispose of the phones which had any information.
I think the police would have to first prove what they are looking for in fact exist before any court order is issue to gain access to information.
As someone already said, the FBI are idiots to making publicly known they are not able to gain access. This is not going to help their case pointing this out, The government will be hard press to change the rules since companies like Google and Apple will make sure the general public knows the government is trying to under mind your privacy.
BTW, if you encrypt you computer files and email with PGP the government can not break into that information either and that program has been around a long time.
This is the exact point, It like the government knowing the criminal buried information in the woods somewhere in the world which contains the incriminating information they need to file charges. So they get a court order to compel the criminal to tell them where to dig. It is going to happen, but the government gets all upset they do not have the ultimate power can not force anyone to do what they want.
http://www.macrumors.com/2014/10/31/fingerprints-not-protected-by-fifth-amendment/
If needed the authorities can take a HD that has been broken into pieces and stick them in a magnetic force microscope and read the bits back off, even if it was 'erased' several times before being broken up.
If they 'really' wanted the data they could just unsolder the flash chips and read out their contents directly. If he actually had encrypted the whole thing it might take an extra hour or so for the NSA. THE NSA says basically that you can't really wipe Flash at all and the only way to safely dispose of flash memory is to grind the chips into dust.
I think this FBI person needs to talk to the right people.
VERY 4th Amendment.
"Amendment IV
The right of the people to be secure in their persons, houses, papers, and effects, against unreasonable searches and seizures, shall not be violated, and no Warrants shall issue, but upon probable cause, supported by Oath or affirmation, and particularly describing the place to be searched, and the persons or things to be seized."
ETA: "If the people are dead where that doesn't work, well problem is solved anyway, they're dead"
The flaw in that is assuming the dead acted solely alone and that's probably rarely the case: they got the weapons from somewhere (and some one) they got the bomb parts and explosives and knowledge how to assemble them from some one and somewhere etc. All of which is STILL out there even when the immediate perpetrators (or perhaps only the ones that are known?) are dead.