FBI complains it can't break encryption on phone used by San Bernardino terrorists

24

Comments

  • Reply 21 of 76
    The bad guys are dead, so other than possible associations, why do they care what's on the phone? Morbid curiosity? They still don't need the phone to find associates - it's called good old fashioned detective work, an art that law enforcement seems to be increasingly incapable of doing these days.
    dysamoria
  • Reply 22 of 76
    volcanvolcan Posts: 1,799member
    mytdave said:
    - it's called good old fashioned detective work, an art that law enforcement seems to be increasingly incapable of doing these days.
    Complete rubbish. You have no idea what you are talking about.
  • Reply 23 of 76
    Rayz2016Rayz2016 Posts: 6,957member
    cnocbui said:
    Can biometric sensors work as necrometric sensors?
    The iphone fingerprint sensor can be defeated by modelling a print off the device itself.  

    Unfortunately, the modelling process needs a perfect fingerprint (not the smudged, distorted kind you find on a mobile phone), several days and several attempts, a skilled technician, and a lot of luck. This is probably why the process seems to only have been tried once or twice successfully under perfect lab conditions. Certainly nothing you can do in a hurry if you're trying to prevent a criminal act.

    The process also destroys the original fingerprint, so you can't reuse it if the process fails. And of course, if you make too many attempts (which you may do because you don't know which fingers were used to lock the phone) then you will probably cause the phone to lock completely before you get anywhere. 

    If you have the phone and not the owner, then he will simply wipe the phone remotely before you've even managed to complete your first cast (though sensibly you'd probably try to cast as many as you can in one go).

    I thought changing the fingerprint reader might be a way in, but apparently the phone makes a component check and bricks itself, so we recently discovered.


  • Reply 24 of 76
    Rayz2016Rayz2016 Posts: 6,957member
    Before everyone carried mobile phones, how did the law enforcement agencies go about solving crimes? Would it be possible to go back to doing it that way?
    edited February 2016 dysamoriayoyo2222
  • Reply 25 of 76
    sandorsandor Posts: 665member
    rob53 said:
    lkrupp said:
    Yeah, well there’s a difference between you protecting your drunken orgy photos and a pedophile protecting the photos of abuse of a three year old child isn’t there. And for those who are always screaming about the Fourth Amendment try reading it sometime. It has an intentional back door that the founding fathers put there so legitimate, legal search and seizure can take place.
    That's fine but there is also the Fifth Amendment that protects a person against being compelled to be a witness against himself or herself in a criminal case. I see their phone as being included in that protection...

    The US Supreme Court has ruled that corporations are people, but not that computing devices are. 

    So providing the passcode (or biometry needed to unlock it) isn't self-incriminating, it is simply handing over the key to your house before they simply break down the door.
  • Reply 26 of 76
    Rayz2016Rayz2016 Posts: 6,957member
    cnocbui said:
    Funny how the FBI message is about how hard it is for them to get into a terrorists phone and yet not a word about how easy it was for a terrorist to obtain the weapons with which to commit the act of terror.

    Mm. Good point.
    teaearlegreyhot
  • Reply 27 of 76
    volcanvolcan Posts: 1,799member
    Rayz2016 said:
    Before everyone carried mobile phones, how did the law enforcement agencies go about solving crimes? Would it be possible to go back to doing it that way?
    It is not a matter of going back. They use every tool at their disposal. Before mobile phones there were no text messages to search.
  • Reply 28 of 76
    jbdragon said: they're dead. No trial needed for them. 
    I don't support backdoors, but I think your comment is also pretty shortsighted.
    edited February 2016
  • Reply 29 of 76
    maestro64maestro64 Posts: 5,043member

    First, the FBI assumes there is information they need on these phones and this is the issue with court orders they no long have to prove the information they seek actually exist, they just say they need to look to see if it does exist.

    Base on some of the information which leak out like the computer they used were clean of any incriminating information, but why do you need incrimination information when you already know they did it. They also said they could not find the HDD of one of the computers which lead the FBI to believe they dispose of it. If they were this smart they probably cleared their phones of any information as well or dispose of the phones which had any information.

    I think the police would have to first prove what they are looking for in fact exist before any court order is issue to gain access to information.

    As someone already said, the FBI are idiots to making publicly known they are not able to gain access. This is not going to help their case pointing this out, The government will be hard press to change the rules since companies like Google and Apple will make sure the general public knows the government is trying to under mind your privacy.

    BTW, if you encrypt you computer files and email with PGP the government can not break into that information either and that program has been around a long time.


  • Reply 30 of 76
    maestro64maestro64 Posts: 5,043member
    adm1 said:
    lkrupp said:
    For encryption to protect anyone, it must protect everyone.
    Yeah, well there’s a difference between you protecting your drunken orgy photos and a pedophile protecting the photos of abuse of a three year old child isn’t there. And for those who are always screaming about the Fourth Amendment try reading it sometime. It has an intentional back door that the founding fathers put there so legitimate, legal search and seizure can take place.
    The trouble is, how would you know those pictures are on the device without getting into it first? If they KNOW they are there (i.e. they have proof) and the defendant blocks access then there are laws to charge him/her for that offence. If they don't KNOW the photos are on the device, what right have they to force it to be unlocked to check? I'm sure entire cases and prosecutions don't hinge on access to one device, there must be other evidence and facts surely.

    This is the exact point, It like the government knowing the criminal buried information in the woods somewhere in the world which contains the incriminating information they need to file charges. So they get a court order to compel the criminal to tell them where to dig. It is going to happen, but the government gets all upset they do not have the ultimate power can not force anyone to do what they want.
  • Reply 31 of 76
    lkrupp said:
    For encryption to protect anyone, it must protect everyone.
    Yeah, well there’s a difference between you protecting your drunken orgy photos and a pedophile protecting the photos of abuse of a three year old child isn’t there. And for those who are always screaming about the Fourth Amendment try reading it sometime. It has an intentional back door that the founding fathers put there so legitimate, legal search and seizure can take place.
    There's a difference in type of crime, yes, but to open the door for one you open the door for everyone. A security system that's a little bit insecure is like being (since you like analogies) a little bit pregnant. Sorry, but you're either secure, or you're not. There's no middle ground.
    edited February 2016 dysamoria
  • Reply 32 of 76
    bigpicsbigpics Posts: 1,397member
    lkrupp said:
    For encryption to protect anyone, it must protect everyone.
    Yeah, well there’s a difference between you protecting your drunken orgy photos and a pedophile protecting the photos of abuse of a three year old child isn’t there. And for those who are always screaming about the Fourth Amendment try reading it sometime. It has an intentional back door that the founding fathers put there so legitimate, legal search and seizure can take place.
    Your claimed back door in the 4th didn't force homebuilders or owners to build structures with doors and windows that could be entered by anyone except the owner...
    tallest skil
  • Reply 33 of 76
    volcanvolcan Posts: 1,799member
    hmlongco said:

    And if you have enough grounds to suspect the pedophile to obtain a court order to require Apple to unlock the phone, you have enough grounds to subpoena the information on the phone from its owner (unlock it please). If they don't then they're in contempt. 
    This is not actually the case. The suspect is not required to provide the passcode to investigators pleading their Fifth Amendment right, however, in one case in Virgina their court ruled that the suspect can be forced to unlock the device using TouchID.

    http://www.macrumors.com/2014/10/31/fingerprints-not-protected-by-fifth-amendment/



    edited February 2016 dysamoria
  • Reply 34 of 76
    freerangefreerange Posts: 1,597member
    lkrupp said:
    For encryption to protect anyone, it must protect everyone.
    Yeah, well there’s a difference between you protecting your drunken orgy photos and a pedophile protecting the photos of abuse of a three year old child isn’t there. And for those who are always screaming about the Fourth Amendment try reading it sometime. It has an intentional back door that the founding fathers put there so legitimate, legal search and seizure can take place.
    So before cellphones, how in the world did law enforcement do their job???? Oh, that's right, they used the resources they had! We spend BILLIONS of dollars every year on national security - let them do their jobs with what they already have. It's that simple. We DO NOT need to give them access to our information whenever they ask for it. We should be able to fully and securely protect our personal information. And please quit using the scare tactic of finding pedophiles as the reason law enforcement should have total access to our data. We do not live, thankfully, in an "any means necessary" society. If that's what you want, I'd be happy to point you to a couple places in other parts of the world that should meet your criteria.
    dysamoriatallest skil
  • Reply 35 of 76
    cnocbuicnocbui Posts: 3,613member
    Rayz2016 said:
    cnocbui said:
    The iphone fingerprint sensor can be defeated by modelling a print off the device itself.  

    Unfortunately, the modelling process needs a perfect fingerprint (not the smudged, distorted kind you find on a mobile phone), several days and several attempts, a skilled technician, and a lot of luck. This is probably why the process seems to only have been tried once or twice successfully under perfect lab conditions. Certainly nothing you can do in a hurry if you're trying to prevent a criminal act.

    The process also destroys the original fingerprint, so you can't reuse it if the process fails. And of course, if you make too many attempts (which you may do because you don't know which fingers were used to lock the phone) then you will probably cause the phone to lock completely before you get anywhere. 

    If you have the phone and not the owner, then he will simply wipe the phone remotely before you've even managed to complete your first cast (though sensibly you'd probably try to cast as many as you can in one go).

    I thought changing the fingerprint reader might be a way in, but apparently the phone makes a component check and bricks itself, so we recently discovered.


    No, it doesn't take days.  A university researcher demonstrated doing it using a fingerprint lifted from the actual phone and it took a a few hours.  The capabilities available to security services for 'national security' cases go way beyond that, besides they had the corpse and didn't need to lift a print of anywhere.  It might destroy the print on the phone but the process gives you a physical model of the print so you still have that.

    If needed the authorities can take a HD that has been broken into pieces and stick them in a magnetic force microscope and read the bits back off, even if it was 'erased' several times before being broken up.

    If they 'really' wanted the data they could just unsolder the flash chips and read out their contents directly.  If he actually had encrypted the whole thing it might take an extra hour or so for the NSA.  THE NSA says basically that you can't really wipe Flash at all and the only way to safely dispose of flash memory is to grind the chips into dust.

    I think this FBI person needs to talk to the right people.
    dysamoria
  • Reply 36 of 76
    jfc1138jfc1138 Posts: 3,090member
    pmz said:
    Why do they think they are entitled to this? Because they label them terrorists? Even criminals have rights. It's all that keeps them from framing anyone they desire.

    I don't give a shit what you want FBI. Solve your crimes another way.
    Probably it was fairly easy to get a warrant for a search given the two people were sort of a slam dunk as having committed those murders. The gunfight recorded on video would have been probable cause for a search warrant up the wazoo. Then there's the bomb parts and bombs....

    VERY 4th Amendment.
    "Amendment IV

    The right of the people to be secure in their persons, houses, papers, and effects, against unreasonable searches and seizures, shall not be violated, and no Warrants shall issue, but upon probable cause, supported by Oath or affirmation, and particularly describing the place to be searched, and the persons or things to be seized."


    ETA: "If the people are dead where that doesn't work, well problem is solved anyway, they're dead"


    The flaw in that is assuming the dead acted solely alone and that's probably rarely the case: they got the weapons from somewhere (and some one) they got the bomb parts and explosives and knowledge how to assemble them from some one and somewhere etc. All of which is STILL out there even when the immediate perpetrators (or perhaps only the ones that are known?) are dead.

    edited February 2016
  • Reply 37 of 76
    cnocbui said:
    THE NSA says basically that you can't really wipe Flash at all and the only way to safely dispose of flash memory is to grind the chips into dust.

    Have you a link to this claim?
  • Reply 38 of 76
    volcanvolcan Posts: 1,799member
    cnocbui said:
    ...besides they had the corpse and didn't need to lift a print of anywhere.  It might destroy the print on the phone but the process gives you a physical model of the print so you still have that.
    You'd probably get lucky with right and left thumb and index fingers. Unless you knew which of the two dead terrorists the phone belonged to, you might have scan eight fingers. If it doesn't work after five tries though, you are left with only the passcode as a means of unlocking it.
  • Reply 39 of 76
    cnocbuicnocbui Posts: 3,613member
    bsimpsen said:
    cnocbui said:
    THE NSA says basically that you can't really wipe Flash at all and the only way to safely dispose of flash memory is to grind the chips into dust.

    Have you a link to this claim?
    Page 6: https://www.nsa.gov/ia/_files/government/MDG/NSA_CSS_Storage_Device_Declassification_Manual.pdf

  • Reply 40 of 76
    dasanman69dasanman69 Posts: 13,002member
    freerange said:
    lkrupp said:
    Yeah, well there’s a difference between you protecting your drunken orgy photos and a pedophile protecting the photos of abuse of a three year old child isn’t there. And for those who are always screaming about the Fourth Amendment try reading it sometime. It has an intentional back door that the founding fathers put there so legitimate, legal search and seizure can take place.
    So before cellphones, how in the world did law enforcement do their job???? Oh, that's right, they used the resources they had! We spend BILLIONS of dollars every year on national security - let them do their jobs with what they already have. It's that simple. We DO NOT need to give them access to our information whenever they ask for it. We should be able to fully and securely protect our personal information. And please quit using the scare tactic of finding pedophiles as the reason law enforcement should have total access to our data. We do not live, thankfully, in an "any means necessary" society. If that's what you want, I'd be happy to point you to a couple places in other parts of the world that should meet your criteria.
    This type of encryption is relatively new. This is the first time they have no way of accessing the information they need. 
Sign In or Register to comment.