FBI Tries To Force Google To Unlock User's Android Phone 385
Trailrunner7 writes "Those multi-gesture passcode locks on Android phones that give users (and their spouses) fits apparently present quite a challenge for the FBI as well. Frustrated by a swipe passcode on the seized phone of an alleged gang leader, FBI officials have requested a search warrant that would force Google to 'provide law enforcement with any and all means of gaining access, including login and password information, password reset, and/or manufacturer default code ("PUK"), in order to obtain the complete contents of the memory of cellular telephone.' The request is part of a case involving an alleged gang leader and human trafficker named Dante Dears in California. Dears served several years in prison for his role in founding a gang in California called PhD, and upon his release he went back to his activities with the gang, according to the FBI's affidavit."
Plausible deniability... (Score:4, Insightful)
is becoming ever more important. In fact, it will soon replace the constitution as the thing you can always depend upon.
H.
Re:Plausible deniability... (Score:5, Insightful)
I'm not sure you're arguing against the correct aspect of his post. He's stating the facts of the statistics - he even mentions himself that those are the statistics. It *is* a fact that for a random robbery, it's 8 times more likely to have been committed by a black than a white. (And likewise, the individual mentioned is more *likely* to be black than white purely on a statistical basis). What's wrong with his post is that he doesn't take into account causation, and the causation is not that they're black, but other socio-economic factors, of which race is merely a correlation. That's not to say each individual isn't responsible for his crimes, but that race isn't the determining factor of why the crime occurrs.
For about a year at one point, I lived in a small island chain populated almost entirely by blacks - around 60,000 to 200 whites. However, the only murder in the last 20 years, had been committed by a white. Is it because he was white? No. And the statistics OP used to make his case are equally flawed simply in that respect.
Re:Plausible deniability... (Score:5, Interesting)
That's all well and nice, but people act on indicators not causation. To take an example I'm a male and most rapists are male and most rape victims are female. So if I happen to be walking in the same direction as a woman late at night she's got far more reason to fear that I'll drag her into the bushes and rape her than I got reason to fear that she'll drag me into the bushes and rape me. None of this has of course anything do to with causation, unless you're the kind who thinks women are "asking for it". Is it sexist or just good threat assessment? Now repeat the same with a potential mugger and a potential mugging victim, are you then a racist if you fear the black guy more than the white guy?
Of course we're all individuals, and I'm not guilty of anything because someone else who shares some physical or other characteristic with me commit crimes but you can't tell that from looking at me. Prejudice you can cure through knowledge, but what of statistical "truths"? Say you have two possible hires, practically identical resumes and interviews but you know one belongs to a group you know that's generally known to worker harder and complain less, which do you pick? Here in Norway we've had companies now pretty plainly state that they prefer Swedes for bars and restaurants and Poles for construction and industry and somehow that's not discrimination based on nationality - I guess it helps we're all white. But if someone were to say something of Somalis or Iraqis or Afghans, they'd be burned at the stake as racists.
In short my impression is that you get plenty discrimination, but only certain groups in certain situations gets to call foul and say it's racism. We're all equals but as usual some are more equal than others, the rest of us are just supposed to take it when we're being discriminated against. Why am I supposed to take blanket statements about us when I can't make the same kind of blanket statements about others? Same with our department of equality, you'd have to search long and hard to find a case where men were discriminated rather than women, sexism is another one-way street. But if you point that out it's STFU you're a white male, you got nothing to complain about - as if that wasn't the most racist, sexist remark of them all.
Comment removed (Score:5, Insightful)
Re:Plausible deniability... (Score:5, Insightful)
That sort of culture isn't just part of one group, though.
I recall my Scottish grandmother showing similar contempt for her children when they made moves to improve themselves. It became a life long resentment that destroyed the relationships and the hatred was never healed. Another example from a previous generation, a son and his wife who left Pakistan for the UK, to find better opportunities, was spat at by his mother and she said she hoped they all died on the voyage.
Modern life demands that individuals leave their family and community loyalty behind and go where the opportunities are.
Those who don't shift into that modern mindset will remain poor.
If that sort of attitude sounds hard to believe, you have to bear in mind at that time in Scotland, it was considered wise to have all your teeth pulled when you were a teenager so you wouldn't face medical bills later on. When people are very poor all they have is family loyalty. So what makes you strong is also what holds you back in modern life.
Comment removed (Score:4, Informative)
Re:Plausible deniability... (Score:4, Insightful)
I understand your point completely, and its why I always try to warn people to avoid statistics in virtually any decision making, especially where scale is important. I was merely pointing out the thing to argue with him over is not the statistics, as statistics can be used to prove or disprove, anything. Like in your example, where there's a 1:2 probability of me seeing a dinosaur in my backyard. Of course if you expand this, the probability of one being found in each ADDITIONAL backyard tested reduces to almost zero. But at that stage both you at the start and the second individual at the end, are statistically correct.
Although, your dinosaur method could be shown to be fundamentally flawed as you need a baseline from which to start, One I like to throw around because it shows the importance of scale and parameters is "For each person you see today, they are more likely to be asian than any other race," and "If you see twenty people today, the probability that none of them are Asian is less than 1%". Yet of course, in many places and countries around the world you can go weeks and not see a single Asian. (BTW, I'm not commenting on Asians, just on how localization affects statistics).
What I was trying to say was don't argue the statistics - it's fighting a losing battle if you're speaking to anyone who doesn't understand probability but knows how to quote numbers. Instead, attack the methedology of their conclusions. The key sentence in his post to attack would be "Blacks are much more likely to be violent and criminal." This is a correlation != causation example. :)
Re:Plausible deniability... (Score:5, Insightful)
1. Who is black? Most blacks have a large part of their genetics made up of Caucasian genes. Look at our president. I'm white, my son is adopted from the heart of Africa, 100% African genes. Is he black? Certainly... but how does he fall into these statistics? He's going to have the up-bringing of any white-middle class child.
2. Who's collecting these statistics? The judicial system? The judicial system has been proven prejudice by hundreds of studies over the years. They convict more minorities of crimes, they give them longer sentences, they charge them with more infractions. They pull over a white kid with a pocket knife and they call his parents, they get a black kid with the same knife and he's getting charged with a felony. Are blacks really twice as likely to commit a crime with a knife? Or are they just twice as likely to get convicted?
3. The AC poster is clearly a troll and probably doesn't even believe in what he's saying. So there's that.
Re:Plausible deniability... (Score:4, Insightful)
True...but I think a lot of this, in this day in age, is a problem the black community has with their value system. You don't see blacks (largely) trying to promote someone getting an education, and trying to get a job and have good family life.
The careers they often glorify are:
1. Athlete
2. Rapper / Thug
Well, #1, just doesn't happen to the majority of people, and well, #2 doesn't happen that often either, and strangely enough, #2 has glorified connections with music to gang life...and that's another dead end street.
What can be done about it? You can't legislate it...it has to come from the black community themselves. I've heard leaders, and successful black people extoll the same....Bill Cosby for example, stands up and has said it like it is, for blacks to take responsibility for their own lives and success, for fathers to be responsible to their children.
Sadly, often, other blacks put them down for telling the truth that many out there see.
Back when I was in school...I saw this in action. I saw fellow black students, who WERE head of the class, involved in the school (student govt., student body president), in the honors classes.....yet, they were openly put down by the majority of blacks in the school....actually telling him to "stop acting white". I mean....with that kind of attitude and culture that perpetuates itself....sure, you see blacks stay in poverty. You also see the ones that DO get an education and work and succeed...move the fuck out of the black community, so that their kids don't get caught up in that 'culture', which often leads nowhere, and at its worst...prison and/or death.
Sure, there is still racism. For that matter, you see it on BOTH sides of the black and white line....lots of hatred towards whites from blacks, I see that too. But it isn't the impediment to success that it was decades ago. Somehow, the culture of victimhood for blacks, needs to be tossed out and have a culture of success and hard work and family values embraced.
But, like I said before, you can't legislate that. It somehow has to be generated from within....but only the black community can do that themselves, and well.....that certainly doesn't seem to be working, at least from someone like myself looking in from the outside.
Re: (Score:3)
Talk about thread drift... but
Cayenne8 - I would disagree with your assessment somewhat about the "community taking care of it internally" --- and while I absolutely agree with Mr. Cosby about individuals taking personal responsibility for their lives, you have to take into account the 300 years of American history that have played into what we see today.
1) "Level Playing Field" -- Generation "Y" (people born roughly after 1990) is really the first generation of Black children who have opportunity that was
Re: (Score:3)
Regardless of the bad analogy, you've modified the original statement from "in a random robbery, it's 8 times more likely that the crime has been committed by a black than a white" into "black people are 8 times more likely to commit robbery." That's an important difference because black people in and of themselves are no more likely to commit robbery, but there are more black people in the socioeconomic conditions that increase the likelihood of criminality. The second phrasing implies some form of causali
Re: (Score:3, Informative)
Re: (Score:3)
Granted, the benefit/crime ratio is pretty low for <insert race here>, but it is still much higher than the benefit/crime ratio of <insert race here>.
Almost. Really trolling eh?
ACs were not born ACs. The became ACs on their own willful actions. One of the reason is to hide themselves. Therefore, the mere fact that they post as AC *does* say something about them.
Their race does not.
Ars Technica Lnk (Score:5, Informative)
http://arstechnica.com/tech-policy/news/2012/03/fbi-stumped-by-pimps-androids-pattern-lock-serves-warrant-on-google.ars [arstechnica.com]
The one thing I found amusing about the whole thing is that PhD supposedly stood for "Pimpin' Hoes Daily". Then I read this:
Major league asshole. I hope he gets the book thrown at him.
Re:Ars Technica Lnk (Score:5, Interesting)
Re:Ars Technica Lnk (Score:5, Informative)
Re:Ars Technica Lnk (Score:5, Interesting)
Re: (Score:3, Informative)
Resetting the gmail password won't help if the phone is locked. The phone still needs the old password to unlock it.
Re: (Score:2, Informative)
To use google (ldap) directory sync with google apps, you need to use unsalted SHA1, or cleartext passwords in the directory you wish to sync.
So, maybe? maybe not.
BTW, windows does _not_ use salted passwords, that is why it is so fast/easy to crack windows passwords-- since you _can_ use precomputed hashes in a rainbow table, unlike pretty much any other OS.
Also, windows has an option to use reversible passwords in AD.
Re:Ars Technica Lnk (Score:5, Informative)
To use google (ldap) directory sync with google apps, you need to use unsalted SHA1, or cleartext passwords in the directory you wish to sync.
That doesn't mean Google stores unsalted hashes or cleartext, it just means that whatever Google stores is computable from those.
(Disclaimer: I work for Google, on security stuff, but I don't know anything about how user passwords are stored. I will say that storing unsalted hashes or cleartext would be very out of character for Google. Google tends towards great caution when it comes to security, and employs a lot of serious security experts and cryptographers.)
Re:Ars Technica Lnk (Score:5, Insightful)
Well, first of all, it's a rubber stamped warrant. Literally.
Second, Google is unlikely to have some of the information requested; the PUK of the SIM would be known by the SIM manufacturer, not the maker of the phone's operating system. Same goes for text messaging; it goes through the carrier, not Google.
Third, the records are unlikely to be physically at Google Legal Investigations Support.
Fourth, some of the "items requested" amount to a fishing expedition -- so much for "particular" descriptions of the places to be searched or items seized.
Re:Ars Technica Lnk (Score:5, Informative)
It should not be that much of a problem for Google then.
There lawyers could just have fun with it. A nice lunch with some IT guys and a hour or so later you have a well written response with supporting documentation on why the FBI are complete technology retards.
They could have a few pages on how PUK and SIM actually work, and even being helpful, list contact information for the manufacturers.
Judge would just love reading that the FBI was wasting the courts time because they could not even figure out who to serve a warrant to. :)
Re:Ars Technica Lnk (Score:5, Informative)
The PUK is also unnecessary since it's only used to unlock the phone's SIM card (and hence it's contacts.) If you fail too many times it self-destructs.
The Wireless provider knows the PUK as it's based on the serial number of the sim card, so Google certainly wouldn't have it.
Text messages are bit of a "maybe yes", while they are transmitted through the carrier, for billing purposes, the carrier has no way of reading them unless they've been stored. Having worked for AT&T, their customer service software, and all the support software doesn't let you read text messages, but it does let you send text messages anonymously to phones. If you're a technical staffer who can manually provision phones, you may have access to the SMS in-transit, but I don't think they're stored unless the FBI has been requiring it.
The actual storage of SMS messages are on the phone/SIM if not deleted. It largely depends on what the phone's software is setup to do. On early Motorola and Nokia phones, all the contacts were stored on the SIM card, but on later models (post 2005) they are stored in the phone memory by default.
So there's no need to get the SIM card PUK, It's just the easiest way to bypass the PIN password. If you remove the sim card and replace it with another one without a PIN, it will give you access to the phone and all it's data anyway. Depending on the device, you may have better luck simply syncing the device to a computer.
As for what you can do with a stolen/lost phone, not a hell of a lot. If you're looking to wipe it so you can keep it, it's much easier to do that, than to use it for identity theft. As a golden rule, I never "save my password" on any device. I'd rather a lost device be wiped than someone using the data for nefarious purposes.
Re: (Score:3)
Its a bit more complicated than that with SMS. SMS isn't a point-to-point protocol, if the reciever isn't available, it stores somewhere and waits its turn. Its then up to the implementation as to whether its filed away in some database or deleted. SMS's are tiny little messages so its not certain that it would be delted. On the other hand theres no overwhelming reason not to delete either , unless some sort of data retention mandate is in place.
I do not believe any of the current generation of smart-phones
Re: (Score:2)
The defendant will always claim a warrant was "rubber stamped."
But at least it's some sort of oversight on the process, and beats the heck out of the "security first" fanatics who keep wanting to remove the "obstruction" of a warrant completely.
Re:Ars Technica Lnk (Score:4, Insightful)
I can not believe you are modded up.
A) They have cause. AS in peple testifing against him, accusing him.
B) They know he did business on his phone
D) It's not a fishing hunt. It is a normal, reasonable and valid request.
The only question is 'Do they need permission for a wiretap'?
Re: (Score:3, Interesting)
Re:Ars Technica Lnk (Score:4, Informative)
Also, note that under the Constitution, parolees are afforded less civil liberties in return for early release. Parole officers can do a lot of stuff that would normally require a warrant. Certainly, prisoners don't have a right against search and seizure of their cells. Therefore, parolees aren't protected against illegal search and seizure of their personal property. In this case, the government has all sorts of strong corroborating evidence in support of their warrant.
Thus, I'm not too worried about this. It isn't a warrantless search against some innocent guy. It's a well-supported motion against a guy who is on parole for doing lots of shitty things, which means that he was jailed, then released conditionally on him not continuing his asshat activities, and it seems that he has violated the terms of his parole.
Re:Ars Technica Lnk (Score:5, Insightful)
First of all, the Constitution doesn't allow warrants which don't particularly describe places to be searched and things to be seized, no matter how egregious the circumstances. The Supreme Court has ruled that the judges do have to exercise judgement when approving them (though this is honored more in the breach than the observance).
Second, law enforcement is very good at painting defendants in a bad light. Look up the Kevin Mitnick case; whatever Mitnick did, it is NOT true that he could have started a nuclear war by whistling into a pay phone. In this case, they use "human trafficking" as a scare term; it appears he's actually a run of the mill pimp.
Re:Ars Technica Lnk (Score:5, Insightful)
So you think "run of the mill pimps" somehow deserve a pass on human trafficking? Is that because they're too numerous to arrest? They have too much evidence against cops, judges, and politicians? Or is it because they just traffic in "hoes", not "people"?
The Ars article mentions a woman who he locked in the trunk of a car to prevent her escape. In what corner of the world do you live in where would that be dismissed as "run of the mill"? What kinds of people are willing to accept that behavior? Is it because she's not your daughter or sister, so it's OK that a pimp keeps her on the streets?
I agree that law enforcement often overstates their case, and try to throw a dozen charges at someone in hopes that one might stick. But this is the signed statement of an agent who interviewed a witnesses who directly observed the convicted parolee texting women who then appeared and delivered money to him throughout the evening. That's plenty of evidence to at least ask a judge to issue a search warrant for the phone. The judge could say no, of course, but this affidavit doesn't seem out of line for such requests.
He's already violating the terms of his parole agreement by not divulging his password to the FBI. The guy could certainly rot in jail for the rest of his sentence, with no more effort on anyone's part. But if additional crimes have been committed, they should be tried as well.
Re: (Score:3)
If anyone in the government actually cared about the welfare of these women, they'd be pushing for legalized and regulated prostitution. This is nothing but a bunch of boys feeling big by playing with guns Both sides are reprehensible.
Re:Ars Technica Lnk (Score:4, Insightful)
In this case, they use "human trafficking" as a scare term; it appears he's actually a run of the mill pimp.
What is it that you suppose a pimp does, exactly?
Re:Ars Technica Lnk (Score:5, Insightful)
Exactly! This is how law enforcement is supposed to act. They have a suspect, they provide reasons to a judge, get a warrant and Google opens the device. If you're involved in crime don't keep anything incriminating on your phone. I mean really, these are the kinds of assholes law enforcement should be locking up.
Re: (Score:3)
"Asshole"? Really? My limited understanding is that he is an innocent person until found otherwise, no?
It is all too easy to cast allegations around. At this stage he is not an "asshole" but instead a wholly innocent person accused of serious crimes.
Re:Ars Technica Lnk (Score:4, Informative)
"Asshole"? Really? My limited understanding is that he is an innocent person until found otherwise, no?
No. He's either guilty or not. He cannot be innocent today and then guilty tomorrow for something he did last week.
The legal system is required to treat him as not until proven otherwise. That, however, does NOT mean that the legal system cannot get a search warrant to obtain evidence that can be used in a court to allow the court to make that determination, so even the claim "innocent until proven guilty" doesn't apply here.
As for how the rest of the world treats him, we have no limits on calling him guilty because we aren't the legal system.
Re:Ars Technica Lnk (Score:4, Insightful)
You certainly do have limits in most countries. Calling someone guilty of a crime in public may very well be libel or slander. If the person is declared innocent in a trial your assertion that they are guilty could land you in hot water.
I haven't even RTFA so I have absolutely no clue one way or another. But it isn't unheard of for the press to take a juicy story and run with it, leaving just enough unsaid to protect them from a lawsuit (sometimes they don't even do that). Judging people based solely on reports in the newspaper is quite unfair and legally dangerous.
Of course, I am not a lawyer and this is not legal advice.
Re:Ars Technica Lnk (Score:5, Insightful)
He's already guilty of the crimes he committed before, and he has not yet completed his sentence for those crimes. He's on parole after being released early from prison. Actually, he's on parole for a second time, after having violated the terms of his parole earlier and going back to prison for an additional year and a hafl.
One of the terms of his parole is that he must not have a mobile phone. Another one of the terms is that any passwords, encryption, to any information whatsoever that he has, he will immediately provide the means to access that data upon demand of his parole officer. He denied to his parole officer that he had a mobile phone, but his parole officer found it and seized it. The parole officer had every right to do so under the terms of his parole. He's also refused to provide the account and password information to access it, even though he agreed to provide it as a condition of his early release. So he's already in violation of two of the terms of his parole, and for that alone he gets to go back to prison. There is no additional trial needed -- he has already been found guilty of his original crimes. The terms of parole have nothing to do with "innocent until proven guilty." That bit of justice ended with his verdict. He is guilty.
As far as these new allegations and crimes go, he needs to stand trial for them. But he's already a convicted felon who was let loose from prison too early, twice. "Wholly innocent" is not a factual statement one uses to describe this felon.
Re: (Score:3)
"Asshole"? Really? My limited understanding is that he is an innocent person until found otherwise, no?
It is all too easy to cast allegations around. At this stage he is not an "asshole" but instead a wholly innocent person accused of serious crimes.
Why can't he be both. Based on his history, he sure sounds like an asshole.
Asshole is not a legal standing. Whether he is guilty or not guilty of the crimes he's accused of is another matter entirely.
Re: (Score:2)
It's a slippery slope, regardless. We're encouraged to trust Google with our data, and yet it's "ok" if the government gets to walk all over that trust. It's sloppy thinking, and I don't like it.
don't keep anything incriminating.... (Score:3)
on your phone, in your house, on your computer, on physical media, on your person, in your car, in your work place....damn it...where should we keep our incriminating stuff?
Re:Ars Technica Lnk (Score:5, Informative)
It doesn't look like the warrant was issued yet. The judge may turn it down, or severely limit its scope (only require Google to provide the passgesture, if they have it).
Re: (Score:3, Interesting)
Yes, but the problem I see is: they already had him behind bars. He was released, and he went back to being a parasitic sack of shit. This is a failure of the penal system to rehabilitate convicts, a failure of the legal system to legalize prostition, creating this black market where thugs thrive, and finally a failure of the economy for creating an environment where crime pays way better than any proper career this Dears twit could ever possibly sustain. Heck, $500 a night is more than I make as an I.T.
Re:Ars Technica Lnk (Score:5, Insightful)
Silly me - here I was thinking it was a failure of Mr. Dears to behave in a socially responsible adult manner, instead of engaging in petty crime and preying on the weak.
Society doesn't owe him a $500 a night job. Society doesn't owe him a cushy life free of any bad luck.
Re:Ars Technica Lnk (Score:5, Insightful)
Silly me - here I was thinking it was a failure of Mr. Dears to behave in a socially responsible adult manner, instead of engaging in petty crime and preying on the weak.
Silly you indeed. We are society so we can change it. We are not Dears so we can't change him. That you equate fixing systemic problems with giving criminals "a cushy life" indicates that you don't really give a damn about society.
Re:Ars Technica Lnk (Score:5, Insightful)
I can't name the society you're after, but I can make a couple ofr suggestions -
Stop criminalising things that people want to pay for.
Obviously this doesn't extend as a blanket rule. I'm sure some people would like to pay for murder, and we don't want to legalise taht. But in terms of drugs and prostitution we have a situation in which large numbers of otherwise law-abiding citizens are conspiring with the criminals to get money to them for goods or services. The result is that you get a mess of violent gangs with a lot of funding, you get low-quality drugs, you get human trafficking and abused women.
Legalise and regulate both and you eliminate a lot of this crap because you take away the black market aspect that keeps the cash flowing to criminal organisations. You won't end up with a perfect utopia by any means, but you will end up with a lot less people acting as willing accomplices to criminal arseholes.
Re: (Score:2)
Re:Ars Technica Lnk (Score:4, Insightful)
It's not the goal because nobody ever thinks of the long term effects of the system we have versus the system we could have.
And we, as a society, pay through the nose for it. If you think corrections costs too much, look in the mirror.
--
BMO
Re: (Score:3)
a society based on money may need crime to strip people of excess money and keep them thinking about getting to the end of the month
The primary reason for not fighting the crime is that the crime is a necessary boogeyman. The populace needs to be scared into obedience. The government can't openly say that if you don't vote for more taxes we will kill you. However the government can say - and does say - that if you don't vote for more taxes then the police forces will be reduced and if you get killed by a
Re: (Score:2, Interesting)
Actually, yes, it is. The whole point of the prison system as it stands today is to rehabilitate criminals and release them back into society as free men. If that weren't the case, they'd never be released, and we would probably just kill them instead to save money.
As for actually rehabilitating people, it's pretty obvious the system has failed miserably. But hey, that's just what the government does. War on drugs, war on terror, apparent war on the economy; total failure has never stopped them before and i
Re:Ars Technica Lnk (Score:5, Interesting)
One question: are your private prison operators paid on a per capita basis per incarcerated person, or on a performance basis per rehabilitated person? Ours are paid per rehabilitated person. Et tu?
Re: (Score:3)
They're paid by unit of work done by the prisoners as well as per capita. Very lucrative business having slaves where the upkeep is paid for by the tax payers and the profits of the labor go to the stock holders.
http://www.globalresearch.ca/index.php?context=va&aid=8289 [globalresearch.ca]
Re: (Score:3)
The whole point of the prison system as it stands today is to rehabilitate criminals and release them back into society as free men.
If that is the case, then why is it that so many states have laws that prevent felons from voting even after they have served their sentence and been released [procon.org]?
If the purpose of prison is rehabilitation, not revenge, why is nothing done to prevent inmates raping other inmates? I don't mean a token gesture, either, I mean a commitment to ending it.
If the purpose of prison is reha
Re: (Score:2, Insightful)
Right - because if prostitution were legal, non thugs would be signing up all over the place to run brothels, just like strip clubs.
I hear you on legalizing, but really, it would still be run by thugs. its prostitution. it's never going to be legitimate even if its not illegal.
Re: (Score:3)
Re:Ars Technica Lnk (Score:5, Insightful)
Legalizing prostitution increases profits (not having to pay a pimp), allowing women or men to "vet" their dates in advance(the high-class prostitutes are frequently grad students who target single and successful dorks like you for $400 per session) and eliminates violence and urban blight by shifting the acts to private residences.
But like the lazy, brutish, and entirely misguided crackdowns on Marijuana; legalized prostitution ain't gonna fly in Ammurika anytime soon, especially with loonies like Santorum seriously considered candidates for president.
Re: (Score:3)
Despite prostitution being legal in Amsterdam, this [wikipedia.org] indicates that they have a rather large problem with human trafficking.
How do you explain this?
Re: (Score:3)
Nevada (in the US) and many cities in Europe have legal prostitution run by "non-thugs". It is legitimate.
Re:Ars Technica Lnk (Score:4, Interesting)
And both are eroding a little more of my faith in humanity.
FBI, instead of trying to get a skeleton key to all our phones, including me who has never made a woman sell herself for money, how about you just pass a law that people convicted of pimping can't have phones? No objections from me on that one... anyone else?
Re:Ars Technica Lnk (Score:4, Interesting)
So not only does he deal in human sex slavery, he also is acting as a catalyst for the FBI to erode our right to privacy a little bit more.
Like they need an excuse.
FBI, instead of trying to get a skeleton key to all our phones, including me who has never made a woman sell herself for money, how about you just pass a law that people convicted of pimping can't have phones? No objections from me on that one... anyone else?
Yean I object. A phone is pretty much a requirement for anyone to find legitimate work. What you propose will make it just that much harder for criminals become former criminals - the only ones who would obey such a law are the very people you would want to have a phone.
As part of a case, okay sure, why not (Score:5, Insightful)
Re:As part of a case, okay sure, why not (Score:4, Insightful)
Yeah, seems reasonable to me.
Your cellphone is not some magical box of protected data. If you've been committing crimes, and you get arrested for it, everything you've ever recorded is going to get looked at during that case. That includes the contents of your cellphone, and the police have the legal right to force entry to just about anything once they have probable cause.
I mean, it's not like they randomly pulled this guy out of line at an airport and demanded he unlock his phone. They've got witness testimony, previous convictions, and I'm assuming some more concrete evidence that he is a criminal. They're just trying to figure out if he's done anything ELSE, and corroborate their evidence wherever possible.
This should be interesting (Score:5, Funny)
Hashes (Score:4, Informative)
Re:Hashes (Score:5, Interesting)
If this is the 9-dot pattern they are talking about, even a hash would be easy to brute force,. the worst case being 9!, but the average case being 4-6! as these are the sizes commonly chosen for phones.
However, the limitation could be the delay/lock after some unsuccessful tries. If they need to see that phone's memory, they need to maybe use a 0-day exploit that google knows of, but has not yet been fixed for that phone?
Re:Hashes (Score:4, Insightful)
if it is the nexus S there's an easy way to unlock the bootloader without wiping the device (found on xda). for the see previous paragraph.
Re:Hashes (Score:5, Informative)
That's exactly what happened [arstechnica.com]:
Thought there was a cop device to just read phones (Score:3)
Re:Thought there was a cop device to just read pho (Score:4, Interesting)
Assuming you can get all that through the usb port. Having dealt with the FBI they are in general technology challenged. My favorite was the computer forensics expert they could not get a .tgz open.
Re: (Score:3)
You know the FBI on your tv shows aren't real, right?
Re: (Score:2)
Brute force? (Score:5, Informative)
I'm surprised the FBI can't just dump the flash and brute force it. There are only about 100,000 possible patterns.
Re:Brute force? (Score:4, Insightful)
Re: (Score:3)
Numeric lock codes can be used to encrypt; there's no reason the pattern locks couldn't be used that way as well, though I haven't tried it.
If it's not encrypted, I'm REALLY surprised the FBI can't figure it out. Flash chips are very easy to dump.
Re: (Score:2)
My Android (a Motorola Droid X2) uses encryption based on the screen lock pattern. At least I assume it's based on the lock pattern, since you need to use a lock pattern for encryption to be enabled.
Re:Brute force? (Score:4, Insightful)
Last time I checked credit cards stored important information in plaintext.
Re:Brute force? (Score:5, Interesting)
Which has always been a problem, and which is why we should be getting things right with smart phones.
Google Wallet stores the credit card number and other sensitive information in the "secure element", a special-purpose high-security chip that is separate from the main system, with its own CPU, it's own OS and it's own storage. The secure element (SE) is actually a smart card chip, which has the benefit of almost 30 years of evolution, as attacks were created and countermeasures added. Nothing is 100% secure, but smart cards are pretty darned good.
Among other things, they wrap the storage in cladding layers which are physically bonded and chemically similar, so peeling or dissolving the cladding to be able to get to the EEPROM is extremely difficult, and highly likely to destroy the EEPROM. They're also careful to expose no leads which can be used to directly manipulate the memory, etc.
There have been some minor weaknesses found in Google Wallet, which Google has fixed or is fixing, but nothing that would expose the credit card number, because it's locked securely in the SE. We are getting things right with smart phones; at least Google is. I imagine ISIS is also.
(Disclaimer: I work for Google, and have even done some work around Google Wallet, though that's not my primary job. However, everything I stated above is public knowledge, filtered through 10+ years of experience working with smart cards and SEs while at IBM.)
Re: (Score:2)
Not allways that easy, not all phones have jtag headers or even a way to get to the exposed leads. Chip lapping seems rather excessive.
Passwords are stupid (Score:2)
Passwords are a stupid way of securing a device. The "password" on the device should be a passphrase for a key on the phone's encryption system. Both Apple and Google are making the same security mistake. iTunes could be a million times safer if they used public key authentication instead of their awful password system.
Re: (Score:3)
Yeah. I should have to provide a fresh DNA sample to unlock my phone. Giggity.
Why don't they ask Apple - they own swipe 2 unlock (Score:5, Funny)
Why don't they ask Apple - they own swipe to unlock
Weak Investigation (Score:2)
A warrant *is* enough, conditionally (Score:5, Informative)
What they will get out of it is any information on the perpetrator that Google has in their control - so Gmail, Picasa, anything on their servers. This is what a warrant does, and any content provider such as Google will have this in their TOS.
What they *might* get is a replacement account password to access the phone. That's unclear to me. It's in that respect that I don't know how Google will proceed.
What they will NOT get, however, are unlocks, text messages (unless he backs those up into his Gmail account), device passwords, device unlock patterns, or anything that would be used to unlock the device. That's all up to the mobile carrier or (possibly) the device manufacturer - not Google.
And for those who think Google made the device, no, they didn't. Somebody else did. May have been Motorola, LG, HTC, or Samsung, just to name the big four phone makers who put out Android off the top of my head. Google's support ends at the operating system development level, and whatever they have on their network. Demanding of Google whatever's on the mobile network or the device unto itself is like demanding an Amtrak schedule of Pepsico.
lazy law enforcement (Score:5, Insightful)
If the only way they can bust a "human trafficker" is by getting into his cellular phone, maybe they need to do a little more police work.
The criminal justice system allows a hell of a lot of latitude to law enforcement. Legal wire taps, surveillance, search warrants. Informants, RICO, DNA evidence, even tax evasion investigations.
I've seen The Wire and The Shield, Kojak, Columbo and even Mannix. There are plenty of ways to take down a perp, and if all else fails, you put a couple in his noggin, drop a throw-down piece on him and say he drew down on you. Then you go home and sleep like a baby.
But they tell us the only way they can lock up a gang leader involved in human trafficking is by checking his Angry Birds high score.
Just sayin'...
Comment removed (Score:5, Informative)
Re: (Score:2)
Which part of " FBI officials have requested a search warrant" do you think isn't about getting a warrant?
Re: (Score:2)
Which part of " FBI officials have requested a search warrant" do you think isn't about getting a warrant?
Which brings up the question... WTF is this newsworthy?
Re: (Score:2)
Are you telling me? (Score:5, Funny)
Are you telling me that you can't unlock one of these phones, without a PhD?
Re:Are you telling me? (Score:4, Funny)
Well the police does hold a PhD.....
Re:Are you telling me? (Score:5, Funny)
Well the police does hold a PhD.....
Only in a cell.
Re:Google it right (Score:3)
Interesting rant but maybe a little off key. The key sentence is"perceived need". Since in fact it is not needed - "https://www.google.com/search?q=warterboard" works just fine, it's that other story about your privacy being worth 60 cents.
I'm tend to think all that junk in there is tracking junk.
More to the point you want "refine and improve", it works for cars, just less nicely for information.
Re:No, don't Google it. (Score:5, Funny)
In the olde days, a Google search would produce the same results for the same search term. Not so anymore. If I search for "waterboarding" I get Wikipedia, NPR, and a number of human-rights activist sites. If Dick Cheney searches for the same term, he gets "Waterboarding magazine", "50 fun ways of torturing a PoW", and newamericancentury.org
So to be re-usable the URL must include lots of information about the person who did the search, like age, religion, political beliefs, sex (with whom, how often), and so on. I'm actually impressed they can fit all that in 250 characters.
Re: (Score:2)
So you're saying that if you are served a subpoena you won't comply? Better lawyer up!
Re: (Score:3)
But that doesn't mean I have to go dig it out of my closet to hand it to them if they can't find it themselves. I don't have to incriminate myself. I think your interpretation of the fifth amendment may need some fine tuning.
But that is no fun... (Score:2)
Re: (Score:3)
Re:Wha??? (Score:4, Informative)
No, the story says the phone in question is a seized phone. It's evidence in their possession. They just can't read it.
Re:Wha??? (Score:5, Interesting)
Technicians apparently mis-entered the pattern enough times to lock the phone, which could only be unlocked using the phone owner's Google account credentials.
Why they were even bothering with the unlock screen rather than just slurping up all the data on the phone with a UFED [forensicswiki.org] is beyond me.
Re:Wha??? (Score:4, Informative)
Why they were even bothering with the unlock screen rather than just slurping up all the data on the phone with a UFED [forensicswiki.org] is beyond me.
Because cops are idiots and the only reason the system works is because criminals are usually even dumber ?
Re:Wha??? (Score:4, Informative)
Because according to the link you provided Android support is not included on this UFED thingy?