Signal's Cellebrite Hack Is Already Causing Grief For the Law (gizmodo.com) 109
An anonymous reader quotes a report from Gizmodo: A Maryland defense attorney has decided to challenge the conviction of one of his clients after it was recently discovered that the phone cracking product used in the case, produced by digital forensics firm Cellebrite, has severe cybersecurity flaws that could make it vulnerable to hacking. Ramon Rozas, who has practiced law for 25 years, told Gizmodo that he was compelled to pursue a new trial after reading a widely shared blog post written by the CEO of the encryption chat app Signal, Moxie Marlinspike. It was just about a week ago that Marlinspike brutally dunked on Cellebrite -- writing, in a searing takedown, that the company's products lacked basic "industry-standard exploit mitigation defenses," and that security holes in its software could easily be exploited to manipulate data during cell phone extraction.
Given the fact that Cellebrite's extraction software is used by law enforcement agencies the world over, questions have naturally emerged about the integrity of investigations that used the tech to secure convictions. For Rozas, the concerns center around the fact that "Cellebrite evidence was heavily relied upon" to convict his client, who was charged in relation to an armed robbery. The prosecution's argument essentially turned on that data, which was extracted from the suspect's phone using the company's tools. In a motion recently filed, Rozas argued that because "severe defects" have since been uncovered about the technology, a "new trial should be ordered so that the defense can examine the report produced by the Cellebrite device in light of this new evidence, and examine the Cellebrite device itself." "I think it's going to take a while to figure out what the exact legal ramifications of this are," says Megan Graham, a Clinical Supervising Attorney at the Samuelson Law, Technology & Public Policy Clinic with Berkeley Law School. "I don't know how likely it is that cases would be thrown out," she said, adding that a person who has already been convicted would likely have to "show that someone else identified this vulnerability and exploited it at the time" -- not an especially easy task.
"Going forward, I think it's just hard to tell," Graham said. "We now know that this vulnerability exists, and it creates concerns about the security of Cellebrite devices and the integrity of evidence." But there's a lot that we don't know, she emphasized. Among Graham's concerns, she said that "we don't know if the vulnerability is being exploited," and that makes it difficult to discern when it could become an issue in past cases. "I think there will be cases where defense attorneys are able to get judges engaged [on this issue]. They will present the security concerns, worries about manipulated evidence, and it might be persuasive. I think there will be a wide array of responses when it comes to how this plays out in cases," she said.
Given the fact that Cellebrite's extraction software is used by law enforcement agencies the world over, questions have naturally emerged about the integrity of investigations that used the tech to secure convictions. For Rozas, the concerns center around the fact that "Cellebrite evidence was heavily relied upon" to convict his client, who was charged in relation to an armed robbery. The prosecution's argument essentially turned on that data, which was extracted from the suspect's phone using the company's tools. In a motion recently filed, Rozas argued that because "severe defects" have since been uncovered about the technology, a "new trial should be ordered so that the defense can examine the report produced by the Cellebrite device in light of this new evidence, and examine the Cellebrite device itself." "I think it's going to take a while to figure out what the exact legal ramifications of this are," says Megan Graham, a Clinical Supervising Attorney at the Samuelson Law, Technology & Public Policy Clinic with Berkeley Law School. "I don't know how likely it is that cases would be thrown out," she said, adding that a person who has already been convicted would likely have to "show that someone else identified this vulnerability and exploited it at the time" -- not an especially easy task.
"Going forward, I think it's just hard to tell," Graham said. "We now know that this vulnerability exists, and it creates concerns about the security of Cellebrite devices and the integrity of evidence." But there's a lot that we don't know, she emphasized. Among Graham's concerns, she said that "we don't know if the vulnerability is being exploited," and that makes it difficult to discern when it could become an issue in past cases. "I think there will be cases where defense attorneys are able to get judges engaged [on this issue]. They will present the security concerns, worries about manipulated evidence, and it might be persuasive. I think there will be a wide array of responses when it comes to how this plays out in cases," she said.
the last paragraph of Moxie's text is telling (Score:5, Interesting)
The completely unrelated
In completely unrelated news, upcoming versions of Signal will be periodically fetching files to place in app storage. These files are never used for anything inside Signal and never interact with Signal software or data, but they look nice, and aesthetics are important in software. Files will only be returned for accounts that have been active installs for some time already, and only probabilistically in low percentages based on phone number sharding. We have a few different versions of files that we think are aesthetically pleasing, and will iterate through those slowly over time. There is no other significance to these files.
This reads as "signal will store files with a bunch of vulns targeting the cellebrite box"
Re: (Score:2)
Clearly; but what are the ramifications?
The standard can't be the software systems law enforcement used during the investigation have to be absolutely free of exploits, especially not retroactively. If that standard is used than essential no digital evidence gathering will be possible. There is has been a 'local exploit' published for just about every software stack in use anywhere.
Courts are going to have to allow this evidence to be impeached though if there actually is valid reasons to suspect some kind
Re: (Score:3)
Clearly; but what are the ramifications?
These are bait for the cellebrite software to slurp up. The effect is unknown and could be anything from the software crashing, to it completely bricking the machine. There are no laws against booby-trapping files that an intruder (software or human) may happen upon.
Re: (Score:2)
You describe physical traps designed to cause personal injury or death to a human being. Software designed to break other software may not be covered depending on how those laws are written.
Re: (Score:3)
> Software designed to break other software may not be covered depending on how those laws are written.
Which defines Cellbebrite.
Re: (Score:2)
Software designed to break other software may not be covered depending on how those laws are written.
Which defines Cellbebrite.
This, precisely.
If Cellebrite is legal, then software that does what Cellebrite does (i.e., exploiting flaws in other software to do things not intended by the original software designer) must also be legal.
You can't logically have one without the other.
Re: (Score:2)
Except the Police are allowed to do thing that regular people aren't, seized drugs, CP, weapons, etc. aren't criminal for the police to hold once seized for example.
Re: (Score:2)
Re: (Score:1)
Isn't the police granted an exception to laws like that?
For instance police now abuse the copyright laws by playing copyrighted music to prevent being recorded.
I mean police get away with sexual assault (forced cavity search of women in front of men or done by men without gloves and lube (painful and risk of getting STDs think lifelong HIV/AIDS), etc and pure murder. Police run around with mobile access points which grabs everything, listen in on private conversations, invading privacy, assault and harass p
Re: (Score:2)
The requirement for using a booby trap is that it must be able to identify lawful intruders as distinct from unlawful intruders. It's not an absolute ban.
One could argue an AI trap is fine by the Supreme Court's ruling.
Re: (Score:2)
The requirement for using a booby trap is that it must be able to identify lawful intruders as distinct from unlawful intruders.
[citation needed]
While laws obviously vary from jurisdiction to jurisdiction, I haven't heard that standard before. It's my understanding (read: IANAL) that booby traps are generally illegal if they apply disproportionate force to the potential harm being suffered. For instance, there was a famous case in which a couple left a shotgun booby trap in a house they owned that was vacant. They were using the house for storage and because it was not being lived in it was a frequent target of robberies. They put u
Re: (Score:2)
For cases apparently holding dangerous devices may be used to ward off and prevent a trespasser from breaking and entering into an inhabited dwelling, see State v. Vance, supra; Grant v. Hass, supra; Scheuermann v. Scharfenberg, supra; Simpson v. State, supra; United States v. Gilliam, 1 Hayw. & H. 109, 25 Fed.Cas. 1319, p. 1320, No. 15,205 a (D.C. 1882); State v. Childers, supra; Gramlich v. Wurst, 86 Pa. 74, 80 (1878).
https://law.justia.com/cases/i... [justia.com]
Re: (Score:2)
For cases considering the devices a property owner is or is not privileged to use to repel a mere trespasser, see Hooker v. Miller, supra, 37 Iowa 613 (trap gun set in orchard to repel); State v. Vance, supra, 17 Iowa 138 (1864); Phelps v. Hamlett, Tex.Civ.App., 207 S.W. 425 (1918) (bomb set in open air theater); State v. Plumlee, supra, 177 La. 687, 149 So. 425 (1933) (trap gun set in open barn); Starkey v. Dameron, supra, 96 Colo. 459, 21 P.2d 1112 (1933) (spring gun in outdoor automatic gas pump); State v. Childers, 133 Ohio St. 508, 14 N.E.2d 767 (1938) (trap gun in melon patch); Weis v. Allen, 147 Or. 670, 35 P.2d 478 (1934) (trap gun in junkyard); Johnson v. Patterson, 14 Conn. 1 (1840) *668 (straying poultry poisoned); Bird v. Holbrook, supra, 4 Bingham's Reports 628 (England, 1828) (spring gun in garden enclosed by wall of undisclosed height).
There's tons of case law. Read some.
Re: (Score:2)
However, an exception to the rule that there may be criminal and civil liability for death or injuries caused by such a device has been recognized where the intrusion is, in fact, such that the person, were he present, would be justified in taking the life or inflicting the bodily harm with his own hands. (See United States v. Gilliam, supra, 25 F.Cas. 1319, 1320-1321; Scheuermann v. Scharfenberg, *477 163 Ala. 337 [50 So. 335]; Katko v. Briney, supra; Gray v. Combs (Ky.) 23 Am. Dec. 431; State v. Plumlee, supra; State v. Beckham, supra; State v. Childers, supra, p. 770; Marquis v. Benfer, supra; see Defense of Property — Spring Guns or Traps, 47 A.L.R.3d 646, 662; 6 Am.Jur.2d, Assault and Battery, 89, p. 78; 40 C.J.S., Homicide, 111, pp. 978-979; Perkins on Criminal Law (2d ed.) p. 1030; Rest. 2d Torts, 85; Prosser on Torts (4th ed.) p. 116; but see Posner, Killing or Wounding to Protect a Property Interest (1971) 14 J. Law & Econ. 201, 214-215.) The phrase "were he present" does not hypothesize the actual presence of the person (see Rest. 2d Torts, 85, coms. (a), (c) & (d)), but is used in setting forth in an indirect manner the principle that a person may do indirectly that which he is privileged to do directly.
https://scholar.google.com/sch... [google.com]
Re: (Score:2)
I'll reply here to everything you've written (and thank you for that, it's rare that someone actually does seek to provide citations!). Let me start with some clarification. When I said "booby traps are generally illegal if they apply disproportionate force to the potential harm being suffered", the notion I was trying to get at, but may have misstated, was that you can't apply lethal force if all you're protecting is property, but if you're protecting yourself lethal force may be an appropriate response. T
Re: (Score:2)
I'm also going to state here that I've been trying to find the exact wording I was looking for, and haven't had much luck, but I'm also busy doing Real Work, as I'm not retired yet.
This was a discussion we had on Slashdot well over a decade ago, and I'm probably going to need to dig fairly hard to find my original citation I'm thinking of. The exception particularly supports the idea that being present isn't actually necessary if you'd otherwise have the right to use force, but it's not the specifically wor
Re: (Score:2)
There exist emergency situations that would make unauthorized entry into someone's house legal (or at least excused). For that reason, a trap likely to cause serious injury and potentially death are out of bounds. Had their trap just let loose a blast of dye or skunk spray they probably would have been OK.
Re: (Score:2)
That's why the citation I'm trying to find specified the distinction and made a comment about lawful intruders. Perhaps I'm misremembering the exact wording, but I recall your point being made about unauthorized entry for legitimate reasons--those would be lawful intruders.
Re: (Score:2)
One of your earlier links got at a related idea with a mention of firefighters or other emergency personnel.
Backing up for a sec, I have no problem agreeing with the notion that booby traps are illegal if they deploy lethal force against lawful entrants. Absolutely so. But the way your earlier statement was phrased, it had me thinking that you believed that the inverse was equally as true: that booby traps are legal if deployed against unlawful entrants. That's why I asked for a citation, and that's the par
Re: (Score:2)
That would be a good standard for DRM.
Reading plaintext for copyright infringement purposes? Legal to interfere with. Reading plaintext in order to play the movie? Illegal to interfere with. Can't tell because the user's device doesn't have enough CPU to run the standard tribunal of a lawyer AI, a psychic AI, and an engineer AI? Then interfering is risky.
Re: (Score:2)
Citation needed. How does that differ from a fence topped with barbed wire?
Re: (Score:2)
Because concealment is a key element of all definitions I'm familiar with. For example, in CA:
(c) For purposes of this section, "boobytrap" means any concealed
or camouflaged device designed to cause great bodily injury when
triggered by an action of any unsuspecting person coming across the
device. Boobytraps may include, but are not limited to, guns,
ammunition, or explosive devices attached to trip wires or other
triggering mechanisms, sharpened stakes, and lines or wire with hooks
attached.
Re: (Score:2)
Re: (Score:2)
(3) For the purposes of this subsection, the term “boobytrap” means any concealed or camouflaged device designed to cause bodily injury when triggered by any action of any unsuspecting person making contact with the device. Such term includes guns, ammunition, or explosive devices attached to trip wires or other triggering mechanisms, sharpened stakes, and lines or wires with hooks attached.
Federal law: https://www.law.cornell.edu/us... [cornell.edu]
Re: (Score:2)
The equivalent law in Arkansas probably is unconstitutional:
(b) As used in this section, "booby trap" means a device designed to cause death or serious physical injury to a person.
Too broad.
Re: (Score:1)
Re: (Score:2)
There's several key elements in these definitions. You need all of them.
Re: (Score:2)
How does that differ from a fence topped with barbed wire?
Plain difference - barbed wire is not usually hidden.
Intent - barbed wire is usually intended to deter, the hidden razor blades are intended to injure someone who is already engaged in the theft.
Re: (Score:1)
Re: (Score:2)
Booby traps that are likely to injure a person are generally illegal, not so much for property damage (consider, spikes in paid parking to keep people from entering through the exit)
Re: the last paragraph of Moxie's text is telling (Score:2)
Mantrapping (but on a computer).
Should work just fine like all the other versions of the same crimes on the books for "on a computer".
Re: (Score:3)
The standard can't be the software systems law enforcement used during the investigation have to be absolutely free of exploits
To some extent, it must be. The standard for criminal conviction can't be lowered to "pretty sure". Given the way that police investigations tend to be an advanced form of pin the tail on the donkey, pretty much every criminal has strong motive to make someone (anyone) look more likely to be guilty than they do.
It's fairly widely understood that there are more exploits out there than there are published reports about exploits and that there is a high probability that someone somewhere discovered an exploit
Re: (Score:2)
"the last paragraph of Moxie's text is telling:"
I'm missing something here, like, what is the context for this paragraph?
Re: (Score:1)
what is the context for this paragraph?
Exploiting vulnerabilities in Cellebrite [signal.org]
Re: (Score:2)
Yes, I know the source. But WTF is the context? The source only says "this is unrelated." WHY is this software downloading "aesthetically pleasing" files? Downloading from whom? Downloading to where? Downloading for what purpose? Why do we care if they are "aesthetically pleasing"?
I suppose if I knew more about the software this may be clear, but as written, the paragraph seems to think that I can guess the context, and I can't.
Re: (Score:2)
> WHY is this software downloading "aesthetically pleasing" files?
For use in exploiting the Cellebrite device
> Downloading from whom?
I'd imagine signal.org or associated servers
> Downloading to where?
Your phone's app storage
> Downloading for what purpose?
To use in exploiting the Cellebrite device
> Why do we care if they are "aesthetically pleasing"?
Better than being ugly looking?
Re: (Score:2)
But what will they do? It's hard to see how they could actually tamper with evidence without breaking multiple laws.
He seems to think that the mere existence of these vulnerabilities or a single bit of software that exploits them in some undefined way could be enough. By that logic though the fact that it runs on Windows, and Windows has security vulnerabilities and viruses, should have already had a similar effect on it.
Courts generally won't accept "but the police computer might have had a virus that down
Re: (Score:3)
The mere existence of data taken from an electronic device introduced as evidence entitles the defense to examine the device which produced it, because the claim that the device is accurate is also considered evidence
See my citations in other posts on this story.
Re: (Score:2)
Agreed, and I think that in general any device used to gather evidence should be available for examination, including source code.
Let's say the defence finds a critical vulnerability that allows an attacker to place an arbitrary text message on the victim's phone. How likely is the court to view that as reason to doubt any incriminating text messages recovered?
Considering that Cellbrite needs the device to be unlocked to work it seems like there would be ample opportunity for the cops to simply plant fake t
Re: (Score:2)
How likely is the court to view that as reason to doubt any incriminating text messages recovered?
That would seem to be the heart of the matter. I don't know the actual standard. Reasonable suspicion? Probable cause? Reasonable person?
Re: (Score:1)
ALL OSs have viruses and vulnerabilities. What they (prosecution) would need to show the courts to prevent a retrial is:
Did Signal perform the expected due diligence within industry norms to ensure that their software was free of compromises?
Did the police department perform the expected due diligence to ensure that the computer was up-to-date with regards to software, security patches, virus & malware protection, etc.?
Did the police department perform appropriate trusted-chain procedures to ensure tha
It is not. (Score:2)
The mere suggestion that something may or may not happen probabilistically, at random, in your imagination, is enough to make people think twice about Cellebrite. If Signal can do it, the implication is that, anyone with the technical mean can do it.
Even if these files were filled with random bytes, there's still a non-dismissible chance that it could cast doubt upon any evidence collected by Cellebrite, and this doubt alone will cause enough additional work for both Law enforcement, that they'll start loo
Defective by Design (Score:2, Interesting)
Cellebrite is defective by design. Law Enforcement is not interested, and is NEVER interested, in getting to the truth. It is only interested in winning convictions to support re-election for the politicians that bring in the cash from the military industrial complex.
Intentional weaknesses that allow data from a phone extraction to be manipulated, especially in a difficult to detect way, are the obvious solution to the problem of facts and truth getting in the way of convictions. It is therefore reasonable,
Re: Defective by Design (Score:2)
Protecting software against a malicious user with direct access to the computer it's running on is a lost cause.
If you out of principle discount all testimony of police in your country you should consider emigrating. At some point trust is required, not everything can have independent proof.
Please don't say "never" Re:Defective by Design (Score:2, Informative)
Law Enforcement is not interested, and is NEVER interested, in getting to the truth.
"NEVER" can be refuted by a single counter-example. "Rarely if ever" or "practically never" is harder to refute. If you want to be taken seriously, please don't be so easy to disprove.
Most Slashdotters can think of a counter-example and can stop reading now. For the benefit of the A. C. or anyone else who needs even a single counter-example to open their eyes, do a web search for the term "conviction integrity unit" to find many examples of prosecutors who go back to correct the false prosecutions of the
Re: (Score:1)
This. Precision with language is crucial for effective communication. Words have meanings.
Re: (Score:2)
do a web search for the term "conviction integrity unit" to find many examples of prosecutors who go back to correct the false prosecutions of their predecessors.
Being a cynic I would say they do that to show how much better they are then their predecessors and not because they care about wrong convictions.
They still want to convict as many people as possible to make their numbers look better so they can stay in power longer.
Re: (Score:2, Informative)
It may be hard to prove motive, but it's trivial to show that 98% of all casesat the federal level are plead out instead of tried.
Those people aren't all guilty; they've been coerced by agents of the State. Statistics alone should suggest something is VERY wrong.
How to hire a real hacker (Score:1)
Re: (Score:2)
And yes, the DoJ will probably win the case and send every Signal contributor who collaborated on this new feature to prison because the issue is cut and dry; there is no legal theory in the USA that is recognized by the courts that allows you to target the forensic tools like this in the forensic lab vs the courtroom.
It depends on what the tools do. You could claim a car alarm might target the sensitive ears of a thief, but the primary purpose of the alarm is to alert others that the car has been compromised. If it's some kind of worm or something, that's entirely different.
Re: (Score:2)
The legal nature of a particular object is often only decidable in context. For example, MA has no legal requirements for licensure or anything else to possess locksmithing tools. Locksport is a somewhat common hobby among nerds in MA.
They're legal to possess, by anyone, at any time, except if they're used in the commission of a crime (possession is enough for the courts), they magically become "burglarious instruments". And those are illegal.
Context is everything.
Re: (Score:3)
The accused has the right under the federal rules of evidence, section 902, https://www.law.cornell.edu/ru... [cornell.edu] rules 11, 13, and 14 to inspect the evidence.
(11) Certified Domestic Records of a Regularly Conducted Activity. The original or a copy of a domestic record that meets the requirements of Rule 803(6)(A)-(C), as shown by a certification of the custodian or another qualified person that complies with a federal statute or a rule prescribed by the Supreme Court. Before the trial or hearing, the proponent must give an adverse party reasonable written notice of the intent to offer the record — and must make the record and certification available for inspection — so that the party has a fair opportunity to challenge them.
[...[
(13) Certified Records Generated by an Electronic Process or System. A record generated by an electronic process or system that produces an accurate result, as shown by a certification of a qualified person that complies with the certification requirements of Rule 902(11) or (12). The proponent must also meet the notice requirements of Rule 902(11).
(14) Certified Data Copied from an Electronic Device, Storage Medium, or File. Data copied from an electronic device, storage medium, or file, if authenticated by a process of digital identification, as shown by a certification of a qualified person that complies with the certification requirements of Rule (902(11) or (12). The proponent also must meet the notice requirements of Rule 902 (11).
Re: (Score:3)
Additionally, 901(9) also considers the presentation of evidence that a device is accurate (and can thereby be used in 902):
(9) Evidence About a Process or System. Evidence describing a process or system and showing that it produces an accurate result.
This is also available to the defense.
Re: (Score:2)
Think about how far this reasonably goes though. Like say the prosecution presents files recovered from a computer. How likely is questioning the fact that Windows has known security flaws, that the police computer might have had malware on it, going to get the evidence thrown out? How many defendants have been successful in getting the source code to the forensic app to examine?
I seem to recall in the past people have requested source code for speed traps. Not sure what came of that.
Re: (Score:2)
It's been done for breathalyzers. https://www.wired.com/2009/05/... [wired.com]
Re: (Score:3)
The Supreme Court of New Jersey on Monday reinstated the use of breath tests in convictions for driving under the influence of alcohol (DUI). The court faced a challenge to the reliability of the Draeger Alcotest 7110 breathalyzer machine from twenty defendants who combined efforts to create a sophisticated attack on the device. A total of 10,470 DUI cases had been put on hold over the course of the three-year trial -- putting millions in fine revenue at risk. The court acted to uphold the convictions.
"We conclude that the Alcotest... is generally scientifically reliable, but that certain modifications are required in order to permit its results to be admissible or to allow it to be utilized to prove a per se violation of the statute," the unanimous court wrote in brushing aside the accuracy concerns.
But it doesn't guarantee they'll buy that any given vuln fucked your own results.
Re: (Score:1)
It's common knowledge that breathalyzers are notoriously unreliable just like mobile drug tests. Eating a bagel with those bread seeds can get you put in prison/fined for cannabis use or other drug use. Breathalyzers can trigger when you have eaten certain food or candy or it can trigger because it feels like it or you have fuel or spilled beer in the car or specifically on the spot you're standing or as people have explained to me some cops intentionally put alcohol on the tube to intentionally trigger it.
Re: (Score:2)
Thanks. So in that case they were able to attack the measurement specifically. So a bit different to this case.
Re: (Score:2)
The question is does putting a file on a uses device with their permission, mind you constitute targeting; even if that file is known to cause problems for forensic software attempting to digest it? It probably matters what it does too. Does it just cause a crash and break the acquisition process or does it actually attempt to run code or tamper with the evidence system in anyway.
We are not talking about connecting to a service and sending malicious data. This is passive. Also presumably they can get a war
Re: (Score:2)
Don't forget that there's a possibility that even successful prosecution for malfeasance for preventing the successful use of forensic software might still be less severe than the sort of charges that might be levied against the defendant if the phone were successfully accessed.
Re: (Score:3)
Since when is there a law demanding I make my computers support some arbitrary hacking software?
Re: It's a potentially very stupid move by Signal (Score:2)
Hell you don't even have to follow the USB standard and not supply 200 volts at 30 amps from a small capacitor to anything that plugs into that port....
This is suddenly getting back to my arguments about encryption in general. Arranging my effects in such a way that others can't understand them does not require computing. I can stack quarters on my desk in a pattern that only I can understand.
A search warrant grants you the right to come in and look at my quarter piles. At no point does it give you the righ
Re: (Score:2)
Didn't they jail people for refusing to give up encryption keys? Violating their 5th amendment rights?
Re: (Score:2)
I should say, passwords to keys. They couldn't understand them, so they jailed the person in contempt.
Re: (Score:2)
https://arstechnica.com/tech-p... [arstechnica.com]
Ah yes, here it is. They held him for FOUR YEARS, then decided his 5th Amendment rights had been violated.
https://arstechnica.com/tech-p... [arstechnica.com]
Re: (Score:2)
Re:It's a potentially very stupid move by Signal (Score:4, Informative)
Please, Keyboard Lawyer, do provide us a detailed analysis or law citations to show that "there is no legal theory in the USA that is recognized by the courts that allows you to target the forensic tools like this in the forensic lab vs the courtroom." I await your extraordinary evidence for this extraordinary claim.
Also please provide actual statute that you might think Marlinspike could be charged with.
Meanwhile I will provide you this article which has, at the start, a summary of several cases where both the people, their work practices, or the technology implementations associated with forensic science for a legal case has been undermined in the courts: https://scholarlycommons.law.c... [case.edu]
Showing that the prosecution's forensics are unreliable is entirely valid and legal in court, which includes showing that their tools are badly built and unreliable.
Re: (Score:2)
Re: (Score:3)
Sure there is. Wiping off your fingerprints isn't a crime and specifically designed to target forensic tools.
Re: (Score:2)
It is a crime if you did it to destroy evidence of another crime...
Re:It's a potentially very stupid move by Signal (Score:4, Informative)
https://www.law.cornell.edu/us... [cornell.edu]
Whoever knowingly alters, destroys, mutilates, conceals, covers up, falsifies, or makes a false entry in any record, document, or tangible object with the intent to impede, obstruct, or influence the investigation or proper administration of any matter within the jurisdiction of any department or agency of the United States or any case filed under title 11, or in relation to or contemplation of any such matter or case, shall be fined under this title, imprisoned not more than 20 years, or both.
Look up spoliation.
Re: (Score:2)
How does one prove intent? "It was messy, I was cleaning."
Re: (Score:2)
That's a problem for the prosecution. I'm just quoting the law, kid.
Re: (Score:2)
Re:It's a potentially very stupid move by Signal (Score:4, Informative)
Not true:
Litigants are only subject to spoliation sanctions if a duty to preserve evidence in question arises. “[I]n order for the injured party to pursue a remedy for spoliation, the spoliating party must have been under a duty to preserve the evidence at issue.” Phillips, 297 Ga. at 394, 774 S.E.2d at 603, citing Whitfield v. Tequila Mexican Restaurant No. 1, 323 Ga. App. 801, 807(6), 748 S.E.2d 281 (2013). So, Phillips makes it clear that for spoliation sanctions to be appropriate, there (1) must be a duty to preserve the evidence in question and (2) a failure to preserve the evidence.
Phillips changed the landscape as to when this duty arises. Since Phillips, the Court of Appeals has acknowledged this shift:
“In Phillips, our Supreme Court overruled a long line of precedent from this Court in which we had held that a defendant’s duty to preserve arises only when the plaintiff’s actions have provided the defendant with actual or express notice that the plaintiff is contemplating litigation. Phillips enunciated two concepts on the issue of notice: (1) notice may be actual or constructive and (2) the defendant’s actions may be relevant to that determination because such activity may be an expression by the defendant that it was acting in anticipation of litigation.” (emphasis supplied).
Re: (Score:2)
How is what they are doing any different than run of the mill antivirus software? There is no guarantee that every celebrite user is law enforcement or has a warrant. People are allowed to secure their computers. Its up to celebrite to circumvent the phone's security.
Re: (Score:3)
Follow me here:
A) works are automatically copyright in US jurisdiction upon their creation. Registration is not required, but recommended for ease of enforcement.
B) text messages are copyrighted works owned by me.
C) Signal implements technological measures to effectively control and protect access to my copyrighted works.
D) Section 103 (17 U.S.C Sec. 1201(a)(1)) of the DMCA bluntly states: "No person shall circumvent a technological measure that effectively controls access to a work protected under this ti
Don't tell them about fingerprint/DNA "evidence".. (Score:1, Troll)
Like people with more than on DNA in or on their bodies.
Like DNA sequencing using a game of blend-the-DNA, replicate it a billion times, then puzzle one together that might or might not get all he countless huge repetitions in our chromosomes together the right way again.
Like most fingerprints being too distorted and incomplete to give a reliable match.
Like the flaws of human memory making witnesses dangerously wrong ans easily manipulated, even into false memories. Like playing "Who in this lineup of peopl
Re: Don't tell them about fingerprint/DNA "evidenc (Score:2)
*more than ONE DNA.
To clarify: I mean chimeras, people with transplants (including hair transplants), on just simple things like spit and cum stains.
Re: (Score:2)
Funny how time passes and the instruments change, but the song remains the same.
One of my all-time favourite cartoons appeared in the National Lampoon about 25 years ago. It shows an old lady standing with a cop, looking through a two-way mirror to pick a suspect out of a police lineup. In the lineup: a goose, a nun and a black guy.
Not trolling! (Score:2)
But a harsh critique of our legal system!
Can you moderatrolls please turn on your brains and the awareness of your own triggers before you read and "moderate"?? I was speaking *for* you!
I'm more surprised that (Score:2)
40+ years of tough on crime means it's very easy to get convictions out of people. Add to that bad software you can't examine and you've got a recipe for disaster.
Re: (Score:2)
It was posted twice.
Re: (Score:2)
A fledgling new /. editor in the making?
defense rights and chain of custody issues to deal (Score:2)
defense rights and chain of custody issues to deal with.
What is the chain of custody like for an phone that has this done to it?
Does the defense have the right to have there own Cellebrite tools so they can do on there own?
Does the defense have the right to source code / full image dump and not just what the cops keep?
What if say apple helped the cops on the case in any way can an court order them to give the the same help to the defense?
Re: (Score:2)
Defense has the right to that specific device and the source code/binary running on that device.
The cops are required to keep the device in order to introduce it as evidence. If there's the possibility that it would be used in litigation, they have to keep it, period. They can't just sell it off--it might be exculpatory.
Apple can help anyone or no one, as they please, with the exception of having to provide the source code on court order to facilitate the evaluation of evidence.
These are all cited in my oth
Re: (Score:2)
To go even further, if a device is the subject of court proceedings as evidence, or MIGHT become evidence in potential litigation, they can't so much as update the firmware without violating 18 U.S. Code 1519: Destruction, alteration, or falsification of records in Federal investigations and bankruptcy.
Wrong burden of proof IMHO (Score:2)
"I don't know how likely it is that cases would be thrown out," [said Megan Graham, lawyer associated with Berkeley Law School], adding that a person who has already been convicted would likely have to "show that someone else identified this vulnerability and exploited it at the time" -- not an especially easy task.
While the courts may actually work that way, and has an interest in not getting into infinite loops of rehearings on frivolous claims, it seems to me (a non-laywer) that the burden of proof is su
CFAA (Score:2)
But one of the things that interested me about Moxie Marlinspike’s analysis of the Cellebrite tool was his reference to finding files there which appear to have come from Apple’s iTunes. This suggests that at least part of the ‘route in’ that the program uses is to impersonate iTunes in some way.
But that, in turn, suggests that the Cellebrite application
Re: (Score:1)
Your comment is better worded than my comment.
"Secondly, if law enforcement are willing to break the law to get in to a phone, what else are they willing to break the law to do?"
Isn't there already an answer to this question? "Qualified immunity". Cops literally get away with physical assault, sexual assault (forced cavity search, no gloves, no lube, high risk for lifelong STDs) and murder. Some lawsuits have popped up but they are shot down in court because apparently cops can do no wrong and when they do
Re: (Score:2)
For those unfamiliar with the term, this is a legal definition in which a police force or investigating agency may use illegal means [for example phone taps, IMSI captures, etc] to investigate a suspected criminal. If the activities performed by the police in this manner are illegal, they cannot use the evidence they obtain in a court case, because the defence would be able to cross-examine and should, if competent, be able to quickly
Re: (Score:2)
1. On too many occasions Law Enforcement have sought access to personal technology like smartphones without a warrant - and when Cellebrite license their software to a law enforcement agency, there is no implicit control to ensure that the agency in question limits their use of the software to cases where a warrant has been issued. In fact, we know the opposite is true.
2. Cellebrite are also willing to sell their software to organizations other than law enforcement agencies,
Chain of Evidence (Score:2)