Slashdot is powered by your submissions, so send in your scoop

 



Forgot your password?
typodupeerror
×
Crime Iphone The Courts Apple Technology

Drive-By Shooting Suspect Remotely Wipes iPhone X, Catches Extra Charges (appleinsider.com) 218

schwit1 shares a report from Apple Insider: A woman from Schenectady, N.Y. accused of being the driver in a shooting used Apple's remote wipe feature to destroy evidence on her iPhone X that might have been related to the event. The iPhone was seized as evidence in the case, but police say that shortly after she triggered the remote wipe, an option available via Find My iPhone in iCloud. Normally the tool is intended for people with lost or stolen devices. The suspected driver, Juelle Grant, was arrested on November 2nd and charged with two counts of tampering with physical evidence, and one count of hindering prosecution. As Apple Insider notes, only one of the tampering counts is connected to the iPhone.
This discussion has been archived. No new comments can be posted.

Drive-By Shooting Suspect Remotely Wipes iPhone X, Catches Extra Charges

Comments Filter:
  • No Faraday cage? (Score:5, Insightful)

    by Arzaboa ( 2804779 ) on Monday November 12, 2018 @06:25PM (#57633752)

    I'm surprised (I probably shouldn't be) that the police do not have some system in place so that these phones are cut off from communicating with anything once they have them. I'd have to think that a tampering charge is less than a murder charge.

    --
    Success is walking from failure to failure with no loss of enthusiasm. -- Winston Churchill

    • I'd also have to think that you can't prove in court who did it -- anybody with her icloud username and password COULD have wiped the phone. And yes, I'd think they would immediately put phones in as RF-proof bag as possible. It they don't, they are just being idiots.
      • by Anonymous Coward

        I'd also have to think that you can't prove in court who did it

        Not really. IRL something like 98% of cases are plea-bargained, so generally you don't have to prove a damn thing.

      • by Harlequin80 ( 1671040 ) on Monday November 12, 2018 @07:02PM (#57633992)

        It's beyond reasonable doubt, not beyond ANY doubt.

        For example

        Someone logs into her iCloud account, from an IP address that is registered to her physical address and then wipes the phone immediately after an event that gives her motive to wipe the phone.

        You then have means, motive and opportunity with little to no reason to believe anything else was likely to occur. I don't see how you could argue that there was a reasonable doubt.

        • It's beyond reasonable doubt, not beyond ANY doubt.

          Indeed, and "reasonable doubt" means roughly a 90% probability.

          When DNA evidence first became available, The Innocence Project went back and evaluated old archived evidence, and were able to show that about 10% of convicted defendants couldn't possibly have committed the crimes. This is a floor on the number of wrongful convictions, since there are other people that are innocent but without enough evidence to exonerate them.

          So our society is clearly willing to send plenty of innocent people to prison rathe

          • Indeed, and "reasonable doubt" means roughly a 90% probability.

            Is that true, Bill? I had no idea that reasonable doubt had been quantified to that extent. I don't doubt you, I'm just surprised. I learned something today.

            • Well, it's an empirical estimation of what reasonable doubt tends to amount to, at least. My guess is people don't convict very often without feeling more certain than that in a Bayesian sense, but you do have to account for confirmation bias.

              • Not sure I would extend your numbers to a % on reasonable doubt. To the outcome of the innocence project shows more the error rate for conviction. There would also be the error rate on not convicting, but that % is essentially unknowable.

                • by hey! ( 33014 )

                  That's actually my point: accuracy and confidence are two different things. From my experience serving on juries, voting to convict probably implies more than a 90% level of belief. As people near a conclusion they switch from reasoning to rationalizing, which means that last bit of certainty is spurious.

          • by sycodon ( 149926 )

            Odds are we let far more guilty people go than are convicted wrongly.

            Lady Justice is depicted with analog scales. Turns out that is a very appropriate description of how it works.

    • by AHuxley ( 892839 )
      In the past physical access by the police was all that was needed.
      Now its time to sell every city and town in the USA on a collection of Faraday tablet/phone bags.
      With hours of course work in how to look after the phone and keep it safe.
      Sell an up upgrade to the police evidence lab/room too. Keep any evidence away from all networks until the pushed police software can do its magic.
    • Re:No Faraday cage? (Score:5, Informative)

      by ehlo ( 578765 ) <erikloostrom AT gmail DOT com> on Tuesday November 13, 2018 @12:40AM (#57635354)

      I work in a team that, among other things, does forensic acquisitions of electronic devices on a regular basis, including with the police.

      This type of scenario is what we scare the new recruits with when we have them in day-1 training. So much effort goes into acquiring devices (warrants, court orders, co-ordination, deployment, police presence, etc) and there's so much riding on the (potential) evidence on them that it would be devastating to go through all of that effort only to be foiled by a remote wipe.

      It is best practice to turn the device on airplane mode as soon as the device comes into your possession, and/or put it in a faraday bag. There are special ones made specifically for mobile phones that have windows in them so you can see the device's screen. They cost $200. The acquisition and chain of custody forms you have to fill in when acquiring a device in the field usually even have a box you have to tick to indicate that you have put it in flight mode.

      tldr; there are robust best practises in place, they weren't followed in this case.

      • by AmiMoJo ( 196126 )

        Don't people use the emergency shut down features of their phones? Hold the power button for a few seconds, or press it 5+ times on some models.

        I guess you can buy equipment to bypass the lock for some devices, but not all.

    • by AmiMoJo ( 196126 )

      You can buy Faraday cage bags with built in charging (so that the phone doesn't power down and disable PIN/finger/face unlock, although these days they have a time-out as well) for this purpose. Maybe they couldn't afford them, maybe they just screwed up.

  • Seriously? How about refusing to give up the encryption key - would that count as tampering with physical evidence? They're effectively the same thing.
    • Re: (Score:3, Insightful)

      by Anonymous Coward

      There is a big difference between tampering with evidence and being required to assist in your own conviction...

      There is a thing called a Constitution and the right against self incrimination, maybe you have heard of it?

    • Refusing to give up the encryption key would be contempt of court depending or your fifth amendment right depending on the price of your lawyer.
    • by mentil ( 1748130 )

      It was an iPhone X, so the police would hold it up to her face to unlock it. This has happened before [slashdot.org].

      • I've said it before.

        She should have used her junk as reference picture.

        • The iPhone unlock requires eyes to be looking at the camera... I don't want to know what you use for the eyes in this metaphor!
          • Re: (Score:2, Funny)

            by HornWumpus ( 783565 )

            One pink, one brown for her.

            'Old one eye' should work, unless apple discriminates against the one eyed..

    • by Actually, I do RTFA ( 1058596 ) on Monday November 12, 2018 @11:59PM (#57635286)

      You don't have to provide an encryption key - you don't have to help them. But you cannot hinder them.

      Similarly, lawyers and big corporations shred documents regularly, because that's legal. But once they are subpoenaed, it's illegal

      • by f3rret ( 1776822 )

        You don't have to provide an encryption key - you don't have to help them. l

        Not entirely true.
        This lady explains better than me: https://www.youtube.com/watch?... [youtube.com]

        • She may "explain better", but I'm not going to watch a video to reply to a slashdot comment. Care to summarize? (Or is your point that you can be forced to help with biometric locks? Yeah, that's why you should have a PIN if you really care.) Also, offer only good in the USA..

  • Product idea? (Score:5, Interesting)

    by b0s0z0ku ( 752509 ) on Monday November 12, 2018 @06:30PM (#57633796)
    How about a one-way drop box on police cars that's a Faraday cage, grounded to the car's chassis with a lock that only management can open. Should prevent phones from being wiped, and preserve the chain of evidence -- if a body cam shows the phone being dropped into the secure box and the box is only opened in the presence of two people, it would reduce the risk of accusations of evidence tampering. Better yet, design the box to be sent directly to a trustworthy lab equipped with a Faraday cage where they can work on the phone. (i.e. PD can only put the phone in, they can't unlock it at all).
    • I get where you are going with the one-way cage but in reality I'd be more worried about people remote-wiping seized devices that police tampering, so a more practical thing for every police car to carry would be faraday bags with wire mesh embedded in them - I used to see them for sale on Amazon, but the last I looked I couldn't find them. Seems like it could be made cheap enough for every police car to have a few on hand in case they needed to hold a phone for evidence and prevent any remote tampering.

      Yo

      • It seems like at least someone has a faraday bag for phones now [amazon.com]

        I've thought about getting one myself for a while now, in the case of a Carrington event [gaia.com] or EMP, just to keep spare phones in I would have around anyway.

        I have no idea if that one is any good, just the first one I found that looked promising.

        • by shess ( 31691 )

          I've thought about getting one myself for a while now, in the case of a Carrington event [gaia.com] or EMP, just to keep spare phones in I would have around anyway.

          "Tell me, Mr. Anderson, what good is a cellphone when you are unable to contact a tower?"

          • by ELCouz ( 1338259 )
            Pocket calculator?
            • Indeed. If one didn't want to bury books in a septic tank [google.com] - an old phone loaded up with PDFs and EPUBs with a small solar panel and charger setup stashed away in a properly shielded and sealed (water tight w/ desiccant in there!) box would be a good substitute

            • saved porn would probably be the major winner in this. lets be honest, its the intertnet..

              • Seems like a great post-apocalyptic story to be told where an empire is based entirely on one guy managing to save a hard drive of porn and a computer to access it, from a global EMP event.

                • Should pitch it to creators of south park and make randy marsh the savior. It would play well with the no internet episode!

          • by arth1 ( 260657 )

            I don't have a sim card for my cell phone. I use it for a lot of things[*] - pretty much anything except phone calls and SMS works just fine. Some use cases requires a WiFi connection, but certainly no connection to a cell tower.
            Given that actual phone calls is the least use most put a smartphone to, I am sure that many can do just fine without it.

            [*]: Books, music, audiobooks, GPS, exercise monitor/logger, calculator, metronome, 2FA token server... When near WiFi also checking e-mail, checking news, in

    • That removes the ability of the police officer to return the phone at the time. For instance, if they realize that there is no need to arrest the person.

    • by AmiMoJo ( 196126 )

      How about a phone that auto-wipes if I don't re-authorize with a strong password every 24 hours? And that wipes if it detects known data extraction tools, or for that matter any USB data connection unless I pre-authorize it?

    • You don't need anything so complicated. Just Google "faraday bag forensics". You can buy single use, single seal bags that work the same way as disposable bank deposit bags; once it is sealed it can't be opened without evidence of tampering.

  • Uh, how can they charge her with obstructing anything when they a) don't know what was on the phone and b) had any assurance they could even access they phone (especially as TFA notes that they were so clueless that they didn't toss it in a Faraday bag). There may or may not have been evidence.

    This all part of the game, and this round went to the bad guys.

    • by rogoshen1 ( 2922505 ) on Monday November 12, 2018 @06:36PM (#57633842)

      I think it's one of those "we're gonna charge you, and you can fight it; but you'll get the maximum penalty -- OR you can fess up and we'll give you 5 years and probation" type shake-downs.

      And definitely, this round will definitely go to the bad guys (overreaching DA's and police)

      • If she was actually involved in attempting to kill someone, it's not terrible if they get her for something, just like Al Capone was jailed for tax evasion.
        • Fair point; but at the risk of setting precedence for questionable behavior by police and DA's going forward?

    • pretty sure attempting to destroy evidence counts if you are knowingly destroying something that you know the police are going to try to search. If the police are about to search your car, and you set it on fire before they can arrive... pretty sure that counts as destroying evidence, regardless of whether the police can prove there was or wasn't evidence in the car.
    • IANAL, but i'm pretty sure tampering with potential evidence is obstruction even if they can't prove there was anything incriminating in the evidence in the same way that police searching without a warrant/probable cause invalidates actual incriminating evidence, even if they argue that they would eventually have found that same evidence via legal means.

      Basically the people who write the laws aren't _completely_ braindead. If the burden of proof were the other way around all potential suspects would alway
    • by Kjella ( 173770 ) on Monday November 12, 2018 @07:16PM (#57634096) Homepage

      So? If you're served with a subpoena wiping the records instead is a crime, they don't have to prove the records would have been incriminating. I think it's obvious the same should apply to remotely wiping a seized device. You're free to set up any security policy you like in advance, even a dead man's switch if you want but taking active hostile action against a police investigation is not accepted in any legal system. Now I'm sure the US legal system has a lot of other issues, but I really fail to see how this makes them the bad guy. Not even a little.

      • "You're free to set up any security policy you like in advance, even a dead man's switch if you want but taking active hostile action against a police investigation is not accepted in any legal system."

        Are you? is setting your phone to self destruct ala dead mans switches any different if the ends are the exact same. What about if you set up a canary type http address, that when unreachable for longer than an hour, would self destruct the phone? Do you really think they need much proof? or do they just assu

      • You're free to set up any security policy you like in advance, even a dead man's switch if you want but taking active hostile action against a police investigation is not accepted in any legal system. Now I'm sure the US legal system has a lot of other issues, but I really fail to see how this makes them the bad guy. Not even a little.

        Your logic is truly baffling if you think we're "free" to do as we wish here.

        In the real word a "dead mans switch" is called Corporate MDM Security Policy which dictates wiping the phone after XX number of failed password attempts. I can see police accidentally or purposely attempting to get into a suspects phone which might trigger such a policy that they would be unaware of. I can also see police failing to "hack" a device resulting in a device wipe, ALL of which would be immediately turned into a charg

    • Pretty easy, actually.

      The data on the phone was evidence of something. It could have exonerated her or it could have convicted her. But we'll never know because she destroyed the data on the phone.

      That's obstructing.

  • what if your wipe key is lawyer vs attorney and when asking you to open your phone some says I want my attorney and then the phone wipes it self?

  • by nehumanuscrede ( 624750 ) on Monday November 12, 2018 @08:38PM (#57634550)

    Of course you'll have to call it a " security " or " privacy protection " app before Apple would even consider such a thing on the App Store.
    Make sure to think of a catchy name for it. . . .

    Conditions:

    1) User has not logged into phone in $user_defined number of hours ( user is detained )
    2) No signal ( cellular or wifi ) present ( phone is in a signal denied environment )
    3) User has the paranoid feature enabled

    #2 is fun because they have to choose to either leave the phone connected to a network ( risking a remote wipe ) or denying the connection and running the risk of the phone wiping itself. Decisions, decisions . . . . . .

    User selectable payloads:

    a) Phone wipes itself
    b) Phone rekeys with a random password ( user plausible deniability - I really don't know the password )
    c) Phone overwrites data with random gibberish or lyrics from your favorite anti-police music ( NWA can help you out here )

    If you're the forgetful criminal type, you can always add a setting to flash a warning, beep, vibrate, whatever telling you bad things are about to happen to your phone if you don't log into it soon.

    Done.

    Or you could, you know, leave your damn phone at home if you plan on doing something stupid. . . . . .
    ( # 2 answer right behind don't do anything stupid to begin with )

    *afterthought*

    This whole " they-might-wipe-the-phone-remotely-so-put-it-in-a-shielded-bag-or-faraday cage " thing wouldn't be an issue if there was a user removable battery in these things.

    Just sayin . . . .

    • by iTrawl ( 4142459 )

      wouldn't be an issue if there was a user removable battery in these things

      Don't these things have a power button to turn them off?

    • Your app wouldn't have worked in this case because a network was available (it had to be in order for the remote wipe to work).

  • by Tom ( 822 )

    This, actually, is exactly what remote wipe was invented for: To prevent your data falling into the wrong hands, with you deciding who "wrong hands" are or better: Not having to decide but simply being able to wipe whenever you want.

    The police should really be able to anticipate this. What you can't take the SIM card out? While they will probably successfully sue for destruction of evidence (because it is), let's not for one second pretend that this is not exactly the use case of the feature.

    • What's missing is plausible deniability. The next version should have a self destruct mechanism that sets the battery on fire.

      Ok, it would only work as plausible with Samsung devices, but hey, it's the staple of the industry to copy features from the competitor.

  • When going into an environment where it might be helpful not to have information on one's phone fall into the wrong hands, a phone that would lobotomize itself if certain conditions weren't met would be very nice to have.

    If there isn't already an app for that, there should be.

  • When someone who you do not want to have your phone information is in possession of your phone, you can wipe it. Sounds like pretty much what the idea behind the feature was.

  • The phone was seized but left connected to the cellular network, allowing anyone who had access, to wipe the phone. The correct procedure, even if it's not official, would be to cut off all network access from the phone, so that no one or no service can access it. The fact the police didn't make this common sense move, should make them liable for the tampering and not the person who wiped it.

Some people manage by the book, even though they don't know who wrote the book or even what book.

Working...