“Cops Say Encryption Hinders Investigations. These Documents Say Otherwise.”

Despite much whining on the part of law enforcement about the alleged perils to public order posed by encryption, it’s no secret that cops can often bypass measures intended to protect privacy. Now, documents obtained by Vice‘s Motherboard describe just how police agencies use one tool to extract data from Apple devices. It’s more evidence that officials aren’t stymied by encryption half as often as they claim, but just want to paw through our information without effort or expense.

“‘How to unlock and EXTRACT DATA from Apple Mobile Devices with GrayKey,’ the instructions, seemingly written by the San Diego Police Department, read,” Vice‘s Joseph Cox reveals of the documentation obtained with a public records request. “The instructions describe the various conditions it claims allow a GrayKey connection: the device being turned off (known as Before First Unlock, or BFU); the phone is turned on (After First Unlock, or AFU); the device having a damaged display, and when the phone has low battery,” he adds.

https://ift.tt/3vZYS2o

| Permalink

via CrimProf Blog https://ift.tt/31qUjQa

June 28, 2021 at 08:36PM

The FBI Should Stop Attacking Encryption and Tell Congress About All the Encrypted Phones It’s Already Hacking Into

Federal law enforcement has been asking for a backdoor to read Americans’ encrypted communications for years now. FBI Director Christopher Wray did it again last week in testimony to the Senate Judiciary Committee. As usual, the FBI’s complaints involved end-to-end encryption employed by popular messaging platforms, as well as the at-rest encryption of digital devices, which Wray described as offering “user-only access.”

The FBI wants these terms to sound scary, but they actually describe security best practices. End-to-end encryption is what allows users to exchange messages without having them intercepted and read by repressive governments, corporations, and other bad actors. And “user-only access” is actually a perfect encapsulation of how device encryption should work; otherwise, anyone who got their hands on your phone or laptop—a thief, an abusive partner, or an employer—could access its most sensitive data. When you intentionally weaken these systems, it hurts our security and privacy, because there’s no magical kind of access that only works for the good guys. If Wray gets his special pass to listen in on our conversations and access our devices, corporations, criminals, and authoritarians will be able to get the same access.

It’s remarkable that Wray keeps getting invited to Congress to sing the same song. Notably, Wray was invited there to talk, in part, about the January 6th insurrection, a serious domestic attack in which the attackers—far from being concerned about secrecy—proudly broadcast many of their crimes, resulting in hundreds of arrests.

It’s also remarkable what Wray, once more, chose to leave out of this narrative. While Wray continues to express frustration about what his agents can’t get access to, he fails to brief Senators about the shocking frequency with which his agency already accesses Americans’ smartphones. Nevertheless, the scope of police snooping on Americans’ mobile phones is becoming clear, and it’s not just the FBI who is doing it. Instead of inviting Wray up to Capitol Hill to ask for special ways to invade our privacy and security, Senators should be asking Wray about the private data his agents are already trawling through.

Police Have An Incredible Number of Ways to Break Into Encrypted Phones

In all 50 states, police are breaking into phones on a vast scale. An October report from the non-profit Upturn, “Mass Extraction,” has revealed details of how invasive and widespread police hacking of our phones has become. Police can easily purchase forensic tools that extract data from nearly every popular phone. In March 2016, Cellebrite, a popular forensic tool company, supported “logical extractions” for 8,393 different devices, and “physical extractions,” which involves copying all the data on a phone bit-by-bit, for 4,254 devices. Cellebrite can bypass lock screens on about 1,500 different devices.

How do they bypass encryption? Often, they just guess the password. In 2018, Prof. Matthew Green estimated it would take no more than 22 hours for forensic tools to break into some older iPhones with a 6-digit passcode simply by continuously guessing passwords (i.e. “brute-force” entry). A 4-digit passcode would fail in about 13 minutes.

That brute force guessing was enabled by a hardware flaw that has been fixed since 2018, and the rate of password guessing is much more limited now. But even as smartphone companies like Apple improve their security, device hacking remains very much a cat-and-mouse game. As recently as September 2020, Cellebrite marketing materials boasted its tools can break into iPhone devices up to “the latest iPhone 11/ 11 Pro / Max running the latest iOS versions up to the latest 13.4.1”

Even when passwords can’t be broken, vendors like Cellebrite offer “advanced services” that can unlock even the newest iOS and Samsung devices. Upturn research suggests the base price on such services is $1,950, but it can be cheaper in bulk.

Buying electronic break-in technology on a wholesale basis represents the best deal for police departments around the U.S., and they avail themselves of these bargains regularly. In 2018, the Seattle Police Department purchased 20 such “actions” from Cellebrite for $33,000, allowing them to extract phone data within weeks or even days. Law enforcement agencies that want to unlock phones en masse can bring Cellebrite’s “advanced unlocking” in-house, for prices that range from $75,000 to $150,000.

That means for most police departments, breaking into phones isn’t just convenient, it’s relatively inexpensive. Even a mid-sized police department like Virginia Beach, VA has a police budget of more than $100 million; New York City’s police budget is over $5 billion. The FBI’s 2020 budget request is about $9 billion.

When the FBI says it’s “going dark” because it can’t beat encryption, what it’s really asking for is a method of breaking in that’s cheaper, easier, and more reliable than the methods they already have. The only way to fully meet the FBI’s demands would be to require a backdoor in all platforms, applications, and devices. Especially at a time when police abuses nationwide have come into new focus, this type of complaint should be a non-starter with elected officials. Instead, they should be questioning how and why police are already dodging encryption. These techniques aren’t just being used against criminals.

Phone Searches By Police Are Widespread and Commonplace

Upturn has documented more than 2,000 agencies across the U.S. that have purchased products or services from mobile device forensic tool vendors, including every one of the 50 largest police departments, and at least 25 of the 50 largest sheriffs’ offices.

Law enforcement officials like Wray want to convince us that encryption needs to be bypassed or broken for threats like terrorism or crimes against children, but in fact, Upturn’s public records requests show that police use forensic tools to search phones for everyday low-level crimes. Even when police don’t need to bypass encryption—such as when they convince someone to “consent” to the search of a phone and unlock it—these invasive police phone searches are used “as an all-purpose investigative tool, for an astonishingly broad array of offenses, often without a warrant,” as Upturn put it.

The 44 law enforcement agencies who provided records to Upturn revealed at least 50,000 extractions of cell phones between 2015 and 2019. And there’s no question that this number is a “severe undercount,” counting only 44 agencies, when at least 2,000 agencies have the tools. Many of the largest police departments, including New York, Chicago, Washington D.C., Baltimore, and Boston, either denied Upturn’s record requests or did not respond.

“Law enforcement… use these tools to investigate cases involving graffiti, shoplifting, marijuana possession, prostitution, vandalism, car crashes, parole violations, petty theft, public intoxication, and the full gamut of drug-related offenses,” Upturn reports. In Suffolk County, NY, 20 percent of the phones searched by police were for narcotics cases. Authorities in Santa Clara County, CA, San Bernardino County, CA, and Fort Worth, TX all reported that drug crimes were among the most common reasons for cell phone data extractions. Here are just a few examples of the everyday offenses in which Upturn found police searched phones:

  • In one case, police officers sought to search two phones for evidence of drug sales after a $220 undercover marijuana bust.
  • Police stopped a vehicle for a “left lane violation,” then “due to nervousness and inconsistent stories, a free air sniff was conducted by a … K9 with positive alert to narcotics.” The officers found bags of marijuana in the car, then seized eight phones from the car’s occupants, and sought to extract data from them for “evidence of drug transactions.”
  • Officers looking for a juvenile who allegedly violated terms of his electronic monitoring found him after a “short foot pursuit” in which the youngster threw his phone to the ground. Officers sought to search the phone for evidence of “escape in the second degree.”

And these searches often take place without judicial warrants, despite the U.S. Supreme Court’s clear ruling in Riley v. California that a warrant is required to search a cell phone. That’s because police frequently abuse rules around so-called consent searches. These types of searches are widespread, but they’re hardly consensual. In January, we wrote about how these so-called “consent searches” are extraordinary violations of our privacy.

Forensic searches of cell phones are increasingly common. The Las Vegas police, for instance, examined 260% more cell phones in 2018-2019 compared with 2015-2016.

The searches are often overbroad, as well. It’s not uncommon for data unrelated to the initial suspicions to be copied, kept, and used for other purposes later. For instance, police can deem unrelated data to be “gang related,” and keep it in a “gang database,” which have often vague standards. Being placed in such a database can easily affect peoples’ future employment options. Many police departments don’t have any policies in place about when forensic phone-searching tools can be used.

It’s Time for Oversight On Police Phone Searches

Rather than listening to a litany of requests for special access to personal data from federal agencies like the FBI, Congress should assert oversight over the inappropriate types of access that are already taking place.

The first step is to start keeping track of what’s happening. Congress should require that federal law enforcement agencies create detailed audit logs and screen recordings of digital searches. And we agree with Upturn that agencies nationwide should collect and publish aggregated information about how many phones were searched, and whether those searches involved warrants (with published warrant numbers), or so-called consent searches. Agencies should also disclose what tools were used for data extraction and analysis.

Congress should also consider placing sharp limits on when consent searches can take place at all. In our January blog post, we suggest that such searches be banned entirely in high-coercion settings like traffic stops, and suggest some specific limits that should be set in less-coercive settings.

via EFF.org Updates https://ift.tt/US8QQS

March 8, 2021 at 12:56PM

The Snowden Legacy, part one: What’s changed, really?

Enlarge / Remember this guy? (credit: Pardon Snowden) 

Digital privacy has come a long way since June 2013. In the five years since documents provided by Edward Snowden became the basis for a series of revelations that tore away a veil of secrecy around broad surveillance programs run by the National Security Agency, there have been shifts in both technology and policy that have changed the center of gravity for personal electronic privacy in the United States and around the world. Sadly, not all of the changes have been positive. And Snowden’s true legacy is a lot more complicated than his admirers (or his critics) will admit. Starting with that first article published by the Guardian that revealed a National Security Agency program gathering millions of phone records from Verizon—which gave the agency access to metadata about phone calls placed by or received by everyone in America—the Snowden leaks exposed the inner workings of the NSA’s biggest signals intelligence programs. Coming to light next was the PRISM program, which allowed the NSA, via the FBI, to gain access directly to customer data from nine Internet companies without notifying the customers. And then came Boundless Informant, a tool for visualizing the amount of signals intelligence being collected from each country in the world. By the time the Snowden cache had been largely mined out, hundreds of files—ranging from PowerPoint presentations to dumps of Internal Wikis and Web discussion boards—had been reviewed and revealed by journalists. “Thanks to Snowden’s disclosures, people worldwide were able to engage in an extraordinary and unprecedented debate about government surveillance,” the American Civil Liberties Union declared on the fifth anniversary of the Guardian article. 
Read more… 

Mueller checks witnesses’ phones for secure messaging apps, per report

Enlarge (credit: Jaap Arriens/NurPhoto via Getty Images) 

Special Counsel Robert Mueller has reportedly asked witnesses in the ongoing investigation of Russian meddling in the 2016 presidential election to hand in their phones to “inspect their encrypted messaging programs and potentially view conversations between associates linked to President Donald Trump.” 

On Monday, Mueller’s office formally accused Paul Manafort of felony witness tampering by using Telegram and WhatsApp, two well-known secure messaging apps. Manafort, who previously served as Trump’s campaign manager during the 2016 presidential race, pleaded not guilty to money laundering, among other charges. Authorities were able to obtain these messages by getting a warrant for Manafort’s iCloud account and also by getting unencrypted messages themselves from the recipients of some of those messages. 

According to CNBC, since April, the Office of the Special Counsel has been looking at witnesses’ phones for evidence of the use of not only those two apps, but also Confide, Signal, and Dust, which operate in a similar fashion. 

Read more…