FBI Gripes "We Can't Read Everyone's Secrets" (reuters.com) 175
New submitter rdukb writes: FBI Director James Comey told the Senate Intelligence Committee that investigators still can't access the phone contents of one of the San Bernadino killers. He went on to argue that the phenomenon of communications "going dark" due to more sophisticated technology and wider use of encryption is "overwhelmingly affecting" law enforcement operations, including, not only the San Bernadino murders, but also investigations into other murders, car accidents, drug trafficking and the proliferation of child pornography. This might increase pressure on Apple to loosen the backdoor restrictions. Will the industry relent and allow Government access to data from these devices?
Sure. Force Apple and Google to add backdoors (Score:5, Insightful)
What could POSSIBLY go wrong?
Um...maybe fifteen minutes after the first OS release, the Darknet will have utilities published to take advantage of them?
Captcha: "contempt"
If you open that backdoor... (Score:3, Insightful)
You will just force me to find other means to encrypt, making my device even DARKER than it already is...
Re:If you open that backdoor... (Score:4, Interesting)
Re: (Score:2)
The idea, I imagine they believe, is that when you have to go to suffficient lengths to keep your data confidential, you will actually draw even *more* attention in the process, and even if you are not guilty of anything in particular, may find yourself more heavily scrutinized by the powers that be than the average individual.
The use of strong encryption in no way implies that you are "guilty" of anything or have "done something wrong."
It means you have taken proper and necessary steps to secure your data against unauthorized access. That is what all good digital citizens should be doing. Many don't, and that's why we see stories every week about a large data breach of names, addresses, social security numbers, etc. being handed over to criminals.
Since everyone is subject to suspicionless, unwarranted surveillance, it doesn't se
Re: (Score:2)
I didn't suggest that it did.
In the eyes of those who might believe that if one is doing nothing wrong they have nothing to hide (which is false, but there are still people who believe believe it), however, it might at the very least give them an incentive to more closely scrutinize that person's activities, at least moreso than the average person who follows the government status quo procedures
Re: (Score:2)
The use of strong encryption in no way implies that you are "guilty" of anything or have "done something wrong."
The FBI under Hoover learned that everyone is "guilty" of something, whether it's illegal or not, and that it's very helpful to have such information on-hand.
No (Score:5, Insightful)
People made that mistake before. We learned our lesson. Government can't be trusted. They demonstrate it a new way every day.
Re:No (Score:5, Insightful)
"Overwhelmingly affecting" law enforcement. Really? What did they do when people didn't have technology and just whispered their secrets to each other? Did they whine that they couldn't hear the secrets and tried to pass laws that required everyone to shout? We have always had secrets that law enforcement could never figure out and we always will. There have always been unsolved cases, and there always will be. Law enforcement has always whined that it could do more if only they had more power, and they always will.
Re:No (Score:5, Funny)
Re: (Score:2)
If you people would only let us slowly tear the flesh off of our suspect, getting a confession would be that much easier. It's like you guys want more crime.
I believe the taser is the torture device du jour for LEOs these days.
Re: (Score:2)
Has the pepper spray novelty worn off, then?
Re: (Score:2)
I hope encryption is "overwhelmingly affecting" law enforcement's efforts to create a panopticon and collect bulk data. That means we are getting safer, we are winning the second crypto war.
Re: (Score:2)
Re:No (Score:4, Interesting)
What I think is more interesting is that even *IF* the government could be trusted, it would still be a bad idea to give them unfettered access, because if they can read your confidential data, however benign they may claim their intentions to be, then so can somebody with less benevolent motivations. The net result is that instead of making things easier for law enforcement, it will actually made things harder because law enforcement would then be further burdened with trying to also protect those who are innocent from predatory criminals who are exploiting the weaker security that would be made mandatory.
Obviously if you don't trust the government in the first place, this is clearly a bad idea.... but it is interesting, I think, to note that even if the government *COULD* be trusted, it still works out to an overall bad idea, with a net negative benefit for absolutely everyone, both the people *AND* the government. The only ones who would really come out ahead are the ones who disregard the law.
Re:No (Score:5, Interesting)
And even if the current crop of voters *did* learn their lesson (which they did not), the next generation has not learned it, and will make the same mistakes all over again.
I don't think the next generation will side with law enforcement. What did the police ever do for them besides hassle them, give them traffic tickets, and threaten to raid their parties? We have the lowest crime in decades and safest highways ever. Law enforcement is generally not needed and increasingly feared by regular people.
The people who like law enforcement are 55+ and remember trying to raise a family during the crime wave times of 1970-1990.
Re:No (Score:4, Interesting)
I don't think the next generation will side with law enforcement. What did the police ever do for them besides hassle them, give them traffic tickets, and threaten to raid their parties? We have the lowest crime in decades and safest highways ever. Law enforcement is generally not needed and increasingly feared by regular people.
This is a really good point. The police are losing the hearts and minds and seem content to let it drift away. The biggest threat to the rule of law is the lack of buy-in from the people.
As you say, when I was a kid it was dangerous to go out at night. Violent crime was a lot more common and the police were the good guys (mostly) there to protect and serve. We used to have a local cops visit the school and everyone knew them by first name.
Nowadays I feel free to walk the streets any time of night, I sleep with my front door open, I never lock my car, we live in the the safest and most prosperous times. Yet my experience of the Police is some jerks who wants to punish me for the most ridiculously trivial things.
The cops need a PR makeover, get back into the community as part of the community, as more social oriented workers than para-military bully boys.
Re: (Score:2)
The police DOES NOT CARE about winning the "hearts and the minds" of the populace.
Doesn't sound like you know any police officers, or much about the police in general other than "big government" stereotypes.
Boo Hoo!! (Score:5, Insightful)
"overwhelmingly affecting" law enforcement operations"
Including extra-legal warrantless, domestic, mass surveillance. Go cry somewhere else, the US intelligence
complex made this bed, now go lie in it.
We need more end to end encryption to be used as a daily matter of fact, because it's been proven time and time again you aren't trustable.
more FBI lies (Score:5, Insightful)
FBI directors lie to Congress as part of their normal job duties.
This is just more of the same.
Re:more FBI lies (Score:5, Insightful)
Well, now that the FBI employee directory is out. Concerned citizens can call or email the FBI Director directly, to voice their concerns.
Re: (Score:2)
FBI directors lie to Congress as part of their normal job duties.
So do you, so why do you expect others to behave differently?
This is part of the problem, instead of expecting our teachers, coaches, priests, police, politicians etc to be immune to human behaviour, we should expect it and take appropriate precautions.
Re: (Score:3)
the truth can be lost on the head of a pin.
Also, Help, I'm trapped in a fortune cookie factory!
Re: (Score:2)
I'm really not convinced that Hoover looked stunning in a paisley print frock.
NSA Disagrees (sort of) (Score:2)
http://it.slashdot.org/story/1... [slashdot.org]
Dear FBI (Score:5, Insightful)
Dear FBI,
Backdoors will only let you catch the dumbest of dumb criminals. Encryption exists, you can't uninvent it. Taking default encryption away, hurts the privacy of the innocent and does nothing to stop the bad guys from using their own encryption. You can't have a backdoor without the possibility that others will figure out how to access that backdoor too. Just deal with it already and stop trying to destroy security.
Re: (Score:2)
Cough, cough, how about this
If you really wanted to interrogate them that much, then maybe you should not have shot them to bits.
Surely you don't want the evidence to prosecute dead people?
Maybe, might be fishing expedition are no excuse (no bullshit with 6 degrees of separation means you can investigate everyone on the planet).
They have got the individuals and every weapon and ammo and residence, a field mine of DNA to track down and you will get far more from the DNA than you will the phone. You know
Re: (Score:2)
Dear FBI, Backdoors will only let you catch the dumbest of dumb criminals.
That might be good enough.
My bank is full of clever criminals who fleece 0.1% here and 0.2% there to make themselves rich and get away with it. The stupid crims will hold a gun to your face and may shoot you for $50. Given the choice, I can live with the smart crims.
Hiring Fail (Score:5, Insightful)
The police are not hiring some people because they have too high of an IQ.
Then the people they do hire, whine "Can't you make this easier ? It's too hard !"
What do you want next ?
Master keys to all physical locks ?
People must use their birth names ?
No cars that can exceed 30 mph ?
Everyone wear hi-viz clothes and flashing lights ?
Nation ID numbers tattooed on your cheeks ? all four cheeks ?
If it was an easy job, stopping crooks, all our bankers, lawyers & politicians would be incarcerated.
Re: (Score:2)
The police are not hiring some people because they have too high of an IQ.
Then the people they do hire, whine "Can't you make this easier ? It's too hard !"
What do you want next ?
Master keys to all physical locks ?
People must use their birth names ?
No cars that can exceed 30 mph ?
Everyone wear hi-viz clothes and flashing lights ?
Nation ID numbers tattooed on your cheeks ? all four cheeks ?
If it was an easy job, stopping crooks, all our bankers, lawyers & politicians would be incarcerated.
Master Keys - Wanted but all Internet Tech companies know that this is fatal to their business model.
No cars that can exceed 30 mph - See Self Driving Cars. Once we have you in a self driving car, regulating speed , route is easy.
hi-viz clothes and flashing lights ? - See Japan
National ID numbers tattooed on your cheeks - Close but see Real ID legislation that was passed without debate in congress as a rider.
Re: (Score:2)
What do you want next ?
Master keys to all physical locks ?
Already got those, they're called lock picks, and the police can't even use them, they have to ram people's door in instead.
The crooks, on the other hand, are very good at using lock picks.
Re: (Score:2)
Then the people they do hire, whine "Can't you make this easier ? It's too hard !"
Isn't it natural to want to make your job easier? I've never heard a trench digger ask for a smaller shovel, or surgeon say to put the implements away, I'll do this one with my bare hands...
don't believe his lies (Score:5, Insightful)
FBI director says investigators unable to unlock San Bernardino killer's phone content
things one needs to unlock a smartphone:
* fingerprint (sometimes) (difficulty: invalid)
* dump the flash memory (difficulty: hobbyist)
* to avoid lockout, have machines emulate the phone and try every combination to unlock the phone (difficulty: developer)
conclusion: the investigators had a technician unlock the phone in less than an hour
DO NOT BELIEVE HIS LIES.
Re: (Score:2)
It's not that it's difficult, it's just that it requires more time than the heat death of the universe to execute.
I don't deny the FBI director's assertion that they were unable to decrypt the phone; I deny his assertion that their failure constitutes any kind of problem.
Re: (Score:2)
It's not that it's difficult, it's just that it requires more time than the heat death of the universe to execute.
Eh...most phones I've seen limit your key to a 4-digit pin. So we're really talking 10,000 combinations, and that's without taking in consideration the non-uniform distribution [popsci.com] of pins people choose.
Re: (Score:3)
Phones don't need to be wiretap friendly, you have no obligation to forfeit privacy, and the constitution guarantees your right to privacy and free speech.
With that said, the phones are not constructed idiotically, and will wipe / key dump if attacked naively with brute force. Additionally, I don't know which phones are limited to 4 character passphrases, but it is sure as FUCK not "most". Android users can set a password, Apple users can set a password. Maybe some trivially untrustworthy shit limits you
Re: (Score:2)
The way the chips works, it isn't really that simple. The PIN unlocks a larger cryptographic hash. If you enter 10 wrong pins, the chip deletes it's "memory" of this hash.
The crypto-chip and the key verification are one unit, any form of tampering (opening the device, removing the chip/power etc) could probably trigger a wipe as well. I think the only way of doing it (if there are no tamper controls), would be to use perhaps an electron microscope and remove layer by layer of the chip until you can read out
Re: (Score:2)
So I can wipe peoples iPhones by entering a bad pin ten times?
Awesome. I'm going to get sacked.
Re: (Score:2)
Yes, it actually works if you have hours of time to do it. There is a progressive time lockout. So after 3 attempts, you get 1 minute timeout, this gets progressively worse as after 8 and 9 attempts it's an hour per attempt so you'll spend ~2-3 hours on the process.
Re: (Score:2)
If you store important stuff on an iDevice, without any sort of backup, you will lose it. I don't understand the security behind the iCloud backups, but nobody's claimed to be able to crack that.
Re: (Score:2)
Ten thousand combinations, and it's easy to set an iPhone to wipe after ten unsuccessful attempts to enter the PIN, so the chance is roughly one in a thousand, perhaps one in a hundred for some given non-uniform distributions. You'll lose everything on the device, but you should always have that backed up.
The interesting thing about an iPhone, cryptographically, is that the key needs a secret key embedded in a chip that's hardened so it would be extremely difficult or impossible to retrieve the key. It
Re: (Score:2)
It's not that it's difficult, it's just that it requires more time than the heat death of the universe to execute.
to crack the AES encryption: yes. to crack smartphone security: no.
Re: (Score:2)
It's not that it's difficult, it's just that it requires more time than the heat death of the universe to execute.
I don't deny the FBI director's assertion that they were unable to decrypt the phone; I deny his assertion that their failure constitutes any kind of problem.
The average user has a 4-6 digit pin, even if it is 8 or 10 digits you are looking at a few hours at most to crack it, You aren't searching for a 128 bit or 256 bit key here, just the users password to unlock.
Re: (Score:2)
1) Flash memory in iPhones is encrypted with a strong random key.
2) The key is contained only in RAM and inside the TPM module that also does fingerprint recognition.
3) The key can be released if the correct PIN is entered. However, the key is irrevocably destroyed by the TPM module if you try more than 6 wrong PINs.
In conclusion, pretty much the only way to unlock a modern iPhone when its owner is dead is to have the fingerprint available.
Re: (Score:2)
2) The key is contained only in RAM and inside the TPM module that also does fingerprint recognition.
i wouldn't be surprised if...
1) Infineon had a way to subvert their own security
2) FBI decapped the chip to retrieve the key. you can edit silicon circuits with a Focused Ion Beam. it's pricey and slow but it can be done.
Re: (Score:2)
Re: (Score:2)
TPM chips are designed to withstand such attacks by using distributed storage. I really doubt that you can pull it off even in the best lab. And even then the cost of doing it will probably make sense only for highest-grade intelligence, not regular terrorist investigations.
oh please. all they have to do is disable the self-destruct/counter mechanism and the rest is a brute force attack. i'm sure Infineon even has a backdoor mechanism to disable it. I doubt Apple is even using TPM 2.0 which makes this all moot because TPM 1.2 is a joke.
Re: (Score:3)
Re: (Score:2)
They can simply copy the contents of the phone, copy any IDs or chip based encryption keys, throw it into a virtualized environment and then send tons of possible combinations at it.
In the end, the fingerprint scanner is probably the easiest method to break. The FBI already has a huge database of fingerprints then can just randomly throw at the virtualized phone, o
Re:don't believe his lies (Score:5, Insightful)
devices sold, designed for consumers in the US have to be wiretap, plain text and voice recording friendly.
No, they don't. Encrypted phones are used every day by the US government itself, as well as numerous businesses. Consumer-facing products such as FaceTime, FaceTime Audio, and iMessage are readily available today, are used by tens of millions of people, and are designed with end-to-end encryption that prevents wiretaps from taking place. Comparable products exist for other platforms. What you just said is an outright fabrication.
Moreover, the Constitution's Fourth Amendment grants "The right of the people to be secure in their persons, houses, papers, and effects, against unreasonable searches and seizures". It does not grant the government the right to deny us security on the basis that they may one day have a reasonable cause for a search or seizure. They're left to figure out how to get access on their own, despite our right to be secure. If I put my papers in a safe, that means bringing in a safecracker, not legally obligating all safe manufacturers to put defects in their safes that make them less secure. If I put my stuff in my car, that means bringing in a locksmith, not legally obligating all car manufacturers to put defects in their safes that makes them easier to break into. And if I put my data in a smartphone, that means bringing in a hacker, not legally obligating all smartphone manufacturers to put defects in their phones that makes them easier to access.
In this particular case, I wish the government the best, but the suggestion that we shouldn't have the right to secure our smartphone because that same right can be used by criminals to hide wrongdoing is no different than suggesting that we shouldn't have the right to free speech because that same right can be used by criminals to incite wrongdoing.
Boycot (Score:2)
Will the industry relent and allow Government access to data from these devices?
If they or any company does, then they should be boycotted until they go bankrupt. It'll never end. Even if the government got access to every single device immediately, it would never be enough for them. Next they'd be pushing for being above any basic civil or human rights, and be able to use at will any torture techniques they felt like to pry 'secrets' out of peoples' brains, too. Ironically no one would ever be safe ever again, more fearful of the people who were once supposed to protect them than they
Re: (Score:3)
You mean like Microsoft, with Windows 10 which communicates with dozens of servers even when you turn telemetry off? [slashdot.org]
Re: (Score:2)
Re: (Score:2)
Do you have any way to actually counter his arguments other than loudly yelling nonsense?
Re: (Score:2)
Will the industry relent and allow Government access to data from these devices?
If they or any company does, then they should be boycotted until they go bankrupt.
What if getting access to one of these devices would save your family's lives?
I'm not supporting the abuse of power here, and put the bad cops to the side for a sec, we all know that routine. Ultimately, there are bad people out there who want to kill us, and it the function of law enforcement to stop them. Rather than continually hate on authorities, I'd be more interested in hearing what possible solutions exist for a law enforcement to function within the expectations of society. Because you can bet as
Re: (Score:2)
There's a legal saying that "hard cases make bad law". I can come up with situations where people's lives will be saved for any violation of civil liberties you care to name. Heck, even torture can work if the information you seek is easily verifiable but not obtainable (something like NP problems). In the meantime, any way to crack my iPhone can be used by bad guys as well as good guys.
I understand that you're a coward, and have sympathy, but you're talking about giving up privacy for an infinitesima
Re: (Score:2)
There's a legal saying that "hard cases make bad law".
Oh there's a saying? Oh well, you automatically win then.
In the meantime, any way to crack my iPhone can be used by bad guys as well as good guys.
Ooh they'll crack you phone and then what? See photos you took of yourself with your willy in your hand?
I understand that you're a coward, and have sympathy, but you're talking about giving up privacy for an infinitesimal increase in security against a particular unlikely threat.
No I'm not. But nice attempt at a strawman.
Even though I spelt it out quite clearly the first time I'll do it again for your benefit
Rather than continually hate on authorities, I'd be more interested in hearing what possible solutions exist for a law enforcement to function within the expectations of society.
Archer (Score:4, Funny)
Phrasing!
I don't think quotes mean what you think they mean (Score:3)
Re: (Score:2)
They know he is a killer -- so why do they need his phone?
Really? You're that lacking in imagination, or that unfamiliar with the long history of Islamist murderers being in touch with each other and specific consulting figureheads, financiers, teachers, parts suppliers, etc?
Re: (Score:2)
So, in other words, what they're looking for is other people to arrest. It isn't that the case against the person who actually did the crime necessitates their being able to access information on the phone. It's that there may be other people involved and they want to look that over.
Re: (Score:2)
Re: (Score:2)
The two key figures in that attack are already dead. The phone in question will shed light on whether or not their circle of friends, family, and overseas contacts were criminally involved in what happened. There's plenty of reasons to think that those to idiots didn't act in a vacuum.
So go to the NSA. Isn't that why they are tracking calls, messages and all that? Who cares if it the phone logs/messages are encrypted if it was captured when it happened. And if they're not doing that for this what the fuck are they doing?
Re: (Score:2)
So go to the NSA. Isn't that why they are tracking calls, messages and all that?
Meta data about who called who when doesn't contain the content of text messages, the photos or other files stored on the phone, etc.
Yeah, right... (Score:2)
They are only saying this to try and convince the bad guys they are "safe".
The cognitive dissonance is astounding (Score:5, Insightful)
If James Comey thinks that the FBI could keep their backdoor decryption key secure, perhaps I could call him at his office phone using the FBI directory that just got uploaded to the net, and discuss it with him. :-)
The FBI and the DoJ can't even keep their own databases safe from a social hack. A backdoor key would be in the hands of China and Russia before the week was out.
Re: (Score:2)
If James Comey thinks that the FBI could keep their backdoor decryption key secure, perhaps I could call him at his office phone using the FBI directory that just got uploaded to the net, and discuss it with him. :-)
All cleverness aside, maybe you should.....from a payphone......miles away.
Never go full J. Edgar Hoover (Score:2)
How about it, Director? Would you use one of these phones for confidential a
Fear nearly always wins (Score:2)
To cover up the X-files we need to stop other stuf (Score:2)
To cover up the X-files we need to stop other stuff as well.
Phones are too hard but IoT is easy (Score:2)
The Berkman report [harvard.edu] is pretty interesting reading and points out thatdevice encryption can be frustrating, but there's still no default for end-to-end encrypted communication, metadata is plaintext by necessity, and the security of the IoT is something that too few people have worried about.
Warrants? Cry him a river. (Score:2)
He went on to argue that the phenomenon of communications "going dark" due to more sophisticated technology and wider use of encryption is "overwhelmingly affecting" law enforcement operations
Basically he is whining because the FBI actually has to, you know, go to a judge and prove sufficient cause for her to grant them a warrant before accessing an individual's property or papers like the 4th amendment says they have to.
Cry him a river, build him a bridge, and tell him to get over it.
Re: (Score:2)
This is information that is not available with the warrant. Assuming that the security is as good as advertised (if it weren't, why would the FBI be complaining?) it can only be retrieved by entering the PIN into the phone, and the phone can be set to destroy all its data on ten wrong PIN entries. The data cannot be read without the cooperation of a person who knows the PIN. Last I checked, the US court decisions were showing that being required to turn over a key that would reveal more than what was al
Of course they will relent (Score:2)
Methinks the maiden doth protest too much (Score:2)
Re: (Score:2)
I'm pretty sure that, given sufficient compute time, the NSA can brute-force decrypt anything.
No. At some point you run out mass energy of this universe [wikipedia.org]. This limit actually happens at a surprisingly low value even using ideal computers, which are many orders of magnitude more efficient than the best we currently. For symmetric key encryption (also know as private key encryption like with the AES, TWOFISH, or SERPENT ciphers) you would run out of mass energy in this universe some where around 270 bits running on conventional computers. Sadly that is just the energy to cycle a 270 bit counter throug
Well (Score:2)
Sure... (Score:2)
Dear FBI: See this image (Score:3)
It's a photo of the world's smallest violin playing a plaintive melody to go along with your constant whining about having to follow the law:
>>--> . <--<<
Wasn't it just a few weeks ago that... (Score:4, Informative)
... Comey was trying to convince everyone that he wasn't obsessing over encryption and not being able to read everyone's private information?
Warrants Are Too Hard (Score:2, Interesting)
Comey's message:
- Warrants are too hard;
- Due Process is too hard;
- Privacy is too hard;
- Habeas Corpus is too hard;
- Miranda warnings are too hard;
- Encryption is too hard;
- Court cases are too hard;
- Evidence is too hard;
- Probable Cause is too hard;
- Judges are too hard;
- Jurisdiction is too hard;
- Investigation is too hard;
Etc.
Damn, law enforcement is hard!
My response? My grandparents were farmers in the Dirty Thirties. That was hard. Hard enough to destroy good families who didn't deserve to be test
Re: (Score:2)
This needs to modded up to +10
That's not how quotation marks work (Score:2)
Rdukb gripes, "I'm so sad because I don't think I'll be able to be a big enough asshole today."
Chances are pretty good (about 60/40) that the submitter never actually said that.
Boohoo (Score:2)
Ignorant framing of the question (Score:2)
"This might increase pressure on Apple to loosen the backdoor restrictions. Will the industry relent and allow Government access to data from these devices?"
I suppose this post may just be click-bait, but there is no "loosening" or "relenting." The question is whether companies sell end-to-end encryption to their customers -- Yes or No. End-to-end encryption is the only real security that the government can't invade. People may disagree about whether citizens in a democracy should have a private sphere that
Really? (Score:2)
Tough shit FBI.
What kind of phone did the shooter have that the FBI claims they can't crack, I see sales skyrocketing if this is true.
IT's not Aplle, Google, etc's job to make LE job's easier.
The customers want security, it's the phone makers job to provide it. Sounds like they are doing a good job
(Assuming the story is true and this isn't just the increasingly evil government's attempt to destroy the Constitution and rape american citizen's rights...)
Oldest technique: Keep information in your head (Score:2)
The Real Problem (Score:2)
but also investigations into other murders, car accidents, drug trafficking and the proliferation of child pornography.
No matter how much emphasis we place on extra serious crimes like actual terrorism, high-level drug trafficking, and running global networks for child porn, The actual and prevalent use of the technology will be trivial matters like traffic accidents, failing to pick up after your dog, minor curfew violations, etc.
Re: (Score:2)
Admittedly I haven't read TFA, what has me scratching my head is how they know that this phone belonged to one of the San Bernadino killers. Perhaps they know who the phones belong to, but what makes them think the owner is one of the San Bernadino killers? Perhaps they already have other evidence and they don't actually need any backdoors?
Subpoenas and the right against self-incrimination (Score:5, Informative)
Perhaps they know who the phones belong to, but what makes them think the owner is one of the San Bernadino killers?
That's where law enforcement is having a hard time.
* Government can use a warrant to demand the item be surrendered, and preserve it as evidence.
* Government can demand passwords from third parties like phone companies under both subpoenas and warrants.
* BUT individuals have a constitution protection against compelled self-incrimination.
The government is supposed to produce evidence and link the person to the crime without a forced confession. It is a GOOD THING, it helps prevent things like being tortured to confession and fishing expeditions looking for crimes. Prosecutors and police can demand an individual produce papers and documents that link them to a case, but (assuming their legal defense is doing their job) by doing so they trigger the protections of the fourth and fifth amendments by compelling the evidence.
This was recently re-affirmed by the supreme court in US v. Hubbell. [wikipedia.org] If the government demands that the person gives up documents, papers, or passwords to the device it is compelled self-incrimination. If the government demands a person incriminate himself to collect evidence, it becomes poisoned and the government cannot use it or information from it to help with prosecution.
Police and prosecutors absolutely can demand the people turn over passwords .... but by doing so they also trigger immunity, they cannot use that fact or anything learned from the devices as evidence against them. They'll bitch and moan and complain about not having the passwords, they'll petition congress about how unfair it is to law enforcement that police need to actually investigate crimes and can't use self-incrimination tactics, but the lawyers know full well all it takes is a single slip of paper to legally demand the passwords. Grant them immunity under the protections of the 5th and they are compelled to turn the passwords over, but the person also walks away from criminal liability.
Simply (perhaps dangerously oversimplified) in most of these cases it is that the police are lazy. There are many other known details, much other evidence, but investigators are going for the easy pickings of the data on phones and other personal documents typically protected by law. They could do actual leg-work, actual investigation, actual crime scene evaluation, and many investigators do. The ones wanting to break down the constitutional protections are the lazy investigators who won't be bothered to use the other available investigation tools.
Parallel Construction Kit? (Score:2)
Police and prosecutors absolutely can demand the people turn over passwords .... but by doing so they also trigger immunity, they cannot use that fact or anything learned from the devices as evidence against them. They'll bitch and moan and complain about not having the passwords, they'll petition congress about how unfair it is to law enforcement that police need to actually investigate crimes and can't use self-incrimination tactics, but the lawyers know full well all it takes is a single slip of paper to legally demand the passwords. Grant them immunity under the protections of the 5th and they are compelled to turn the passwords over, but the person also walks away from criminal liability.
This is a very interesting and informative comment. My question is, how does this play into parallel construction [wikipedia.org]?
Re: (Score:3)
Police and prosecutors absolutely can demand the people turn over passwords
That doesn't make sense to me because a password is the "what you know" authentication factor. And what would stop somebody from saying they forgot the password?
Now a fingerprint on the other hand is "who you are" and the government does have the right to make you identify "who you are" not only to law enforcement but to the courts as well.
The third authenticaiton factor "what you have" (i.e. smart card, key fob) could be compelled to be turned over only if the government can prove that not only does it exi
Re: (Score:2)
A court does, law enforcement does not. If you are stopped by a cop or fed or other LEO and they ask you for your identity, you are under no obligation to tell them.
You are correct in that they can't just randomly stop you and ask for ID, however they can if they have probable cause to believe that you were involved in illegal activity, which even SCOTUS has upheld:
https://www.flexyourrights.org... [flexyourrights.org]
Re: (Score:2)
government does have the right to make you identify "who you are" not only to law enforcement but to the courts as well
A court does, law enforcement does not. If you are stopped by a cop or fed or other LEO and they ask you for your identity, you are under no obligation to tell them.
And apparently they are under no obligation not to shoot you.
Re: (Score:2)
BUT individuals have a constitution protection against compelled self-incrimination.
The San Bernadino killers are dead. So I'm not certain exactly how 4th and 5th Amendment rights would work. There's a good chance that the phone contains evidence that would incriminate others. But these others have almost certainly fled and/or destroyed evidence by now. So there isn't likely a imminent threat to be dealt with. So, what exactly is it that they need?
Re: (Score:2)
It sounds to me like the problem is a flaw in the constitution or the way it's being interpreted, to be honest. The prohibition against incriminating yourself is very obviously there to stop people being tortured until they falsely claim they are guilty. But giving up a password is not a proclamation of guilt or innocence either way. All it can possibly do is yield more evidence, hopefully leading to a more accurate outcome of the case.
I mean, under the same logic, search warrants should be illegal because
Re: (Score:2)
In many countries that protection is provided not by a constitution, but by tradition of jurisprudence. If the government decides to take that protection away in their 'war on terror', which has happened in other countries, someone will have to prosecute the government to get that protection re-instated.
It is a protection that many in the United States are quick to surrender when they feel threatened, but thankfully so far the more wise heads have prevailed.
In the past 50 years or so the popular attitude toward the protection has faltered. A half century ago invoking your right to remain silent was seen as a good use of protecting yourself. Those who did it were considered smart. But these days, when someone invokes the fifth amendment in the US it is often seen with derision and suspicion.
Anyone can in
Re: (Score:2)
Re: (Score:2)
"Will the industry relent and allow Government access to data from these devices?"
I don't know, but I had better click and find out!
I didn't RTA either, it's of no use whatever it might claim, it's the background deals that will the key here.
Re: (Score:2)
"Will the industry relent and allow Government access to data from these devices?"
I don't know, but I had better click and find out!
I would say Betteridge but in this case, probably yes.
Re: (Score:2)