- cross-posted to:
- 404media@rss.ponder.cat
- cross-posted to:
- 404media@rss.ponder.cat
You know, the same thing happens to me every time the FBI takes my phones.
I really hate to defend this guy because he clearly sucks. But honestly: smart move. Your phone password and much of the contents of your phone should be considered speech and you shouldn’t be compelled to testify against yourself. That said, if this phone was government property then he shouldn’t have been the only one capable of unlocking it, which is a policy failure.
He’s a cop, of course he knows how law enforcement will go through and find something incriminating
Recorded speech about engaging in crimes is often acceptable evidence. It’s probably the same with written messages.
I guess it’s up to the accused to prevent law enforcement from acquiring what they said, whether it be preventing recording, preventing police from sifting through mail or unsecure communications, or preventing police from acquiring the accused’s copy of potentially illegal communications. Which he is currently attempting.
I don’t blame him for trying, and would agree on a lesser extent that he is right to prevent self incriminating now. But copied communication as acceptable evidence is pretty settled in law by now.
I work in IT. Five bucks says their government-issued phones can be unlocked by an MDM (Mobile Device Management) profile.
“Adams claimed that after he learned about the investigation into his conduct, he changed the password,” and he “increased the complexity of his password from four digits to six,” the document reads. Adams said he did this to stop members of his staff “from inadvertently or intentionally deleting the contents of his phone because, according to Adams, he wished to preserve the contents of his phone due to the investigation.”
Sure thing, bud.
Wow… I could dream up more realistic excuses in middle school.
6 digits is brute force hackable in about 1 second.
Also, isn’t lying to the FBI another crime?
Clone.
Repeat.
Also, cellebrite.
Edit: if people think forensics uses the actual device that would severely hinder any investigation.
That would risk tampering, or destroying evidence.
Copies are made.
Technology exists.
And the cloning can happen thousands of times in one second?
According to reporting, they have actually done this before.
Most of the discussion I’ve read about this is along the lines of: clone the drive on the phone and then brute force the clones (circumventing the lockout issue: if you get locked out just keep trying on a new clone).
In a relatively famous case, the FBI cracked the password on the San Bernardino shooter’s phone, but did not explain how they did it: https://www.vox.com/2016/3/29/11325134/apple-iphone-fbi-san-bernardino-case-ends
Here is a company selling a brute force module for iPhones, although they don’t explain how they get around the lockout issue: https://belkasoft.com/unlocking-ios-devices-with-brute-force
Here is another article about a company that claims to be able to brute force iPhone passcodes: https://www.vice.com/en/article/how-to-brute-force-iphones-graykey/
The FBI didn’t crack it. It was done by Cellebrite. I worked for Apple during the San Bernardino case. The suspect had an iPhone 5c, a model that did not have a Secure Enclave, and was vulnerable to brute force hacking through the Lightning Port. The Secure Enclave was released with the iPhone 5s, along with Touch ID, preventing peripheral access through the Lightning Port after the iPhone has been restarted.
No worries, Eric, they’ll figure it out for you.
With a pipe wrench
A $5 wrench.
I wouldn’t be surprised if at some point, Eric Adams said something a long the lines “If you didn’t do anything illegal, you have nothing to hide”.
Damn, he must be in some deep shit because he’s pulling out Trumpian excuses.
I mean, this is an obvious lie.
But it’s a smarter lie than Trump usually tells. Giving up your passcode is self incriminating, but a court can still compel you to do it. If you claim to have forgotten it, the court can’t compel you to remember.
A Trumpian lie would be like “I never had a phone, and people said it was the best phone, better than Nokeeya, better than Obamaphone, nobody had ever seen a phone like it, people would come up to me and say, I’ve never seen a better phone. A perfect phone, they’d tell me, I don’t know. The password, I shouldn’t even tell you this, but it’s so good, it’s the name of a hooker I used to know in Atlantic City. She was, well, she was young and looked a lot like my daughter Ivanka, very smart woman, super smart, and sexy, smart though. Ivanka was smart, not Brandy, but she was very good too. She said I had the biggest hands of anybody, any hands, she’d ever seen. Brandy, not Ivanka said that, although Ivanka also says I have big hands. But no, to answer the question, I never touched Brandy, never even met her, she’s not really my type, if you know what I mean. She’s not a very good person, at least that’s what they tell me, because I don’t know, I never met her, bad person, bad.”
Its a mess, but largely, courts cannot compel you to give up your phone password, because of the 5th amendment. They can force you to unlock a phone secured with biometrics, as that isn’t compelled speech.
Sort of, but also it hasn’t gone to the SCOTUS yet. Plus:
There is a difference between communicating a passcode to police and physically providing an unlocked phone to police, the court said. Though these two acts “may be functionally equivalent in many respects, this functional equivalency is not dispositive under current Fifth Amendment jurisprudence,” the court said. “We conclude that the act-of-production analytical framework makes sense only where law enforcement compels someone to perform an act to unlock an electronic device.”
The Utah case was an officer demanding to know the passcode. A court in New York might decide that the defendant can be compelled to enter his password and hand over an unlocked phone.
But if he’s forgotten the password, then the phone is simply locked until somebody hacks into it.
If anyone ever takes my phone and asks for the password, I forgot it. Guilty or innocent, doesn’t matter.
You’re right. But it’s not his phone. It’s his employer’s phone.
Then they shouldn’t need the password…
I can’t disagree with that. Which makes it worse - tampering with evidence.
Everyone should do this!!! No one who wants your phone code is your friend! Police, feds, spouses/partners. If anyone wants to unlock your phone, they’re looking to incriminate.
He’s an elected public servant. Regardless of whether or not we want to protect ourselves from prosecution, he’s supposed to be accountable for his actions and he’s deliberately spoiling the investigation.
No, not everyone. If I’m a public servant, I should be using work phones for work stuff. And I should expect any government-sanctioned investigation office to have access to it.
It would be a different thing if it was his personal phone. In that case, I could agree with you.
“Just say No”
From a pro-privacy standpoint changing your passwords to something you can’t remember is absolutely the right thing to do to prevent yourself from being compelled to give up any passwords…
But in light of him being a government official tampering with his government issued phone to “accidentally” prevent it being used to investigate official wrongdoing, that act becomes highly suspicious, and (in the FBI’s shoes) would only give more incentive to hack into his phone.
If it was turned on, they’ve likely already gotten it unlocked. If he had time to turn it off he might buy himself some time but I seriously doubt they would even charge him without having all the receipts already anyways.
In short, this dude is FUCKED.
I have not forgotten their training on how to put a knee on someone’s neck. Should I subdue the suspect?
this is a fuckin SNL skit
Does Apple/Android have a 2-factor authentication system to reset a phone’s passcode?
Apple has a feature to restrict changing the passcode when not in a typical geolocation. This is to prevent thieves from shoulder-surfing your passcode in a bar and then snatching the phone and changing the code. If you’re at home or at work (where the phone recognizes your typical behavior / location), it shouldn’t activate. In a random location, it would. I don’t know how well that works. It’s a relatively recent feature (within a year or so, I think).
FBI: “Darn! So did we!”
404 Media - News Source Context (Click to view Full Report)
Information for 404 Media:
MBFC: Left-Center - Credibility: High - Factual Reporting: Mostly Factual - United States of America
Wikipedia about this sourceSearch topics on Ground.News
https://www.404media.co/eric-adams-told-fbi-he-forgot-his-phones-passcode/