this post was submitted on 15 Jul 2024
296 points (98.4% liked)

News

38301 readers
2418 users here now

Welcome to the News community!

Rules:

1. Be civil


Attack the argument, not the person. No racism/sexism/bigotry. Good faith argumentation only. This includes accusing another user of being a bot or paid actor. Trolling is uncivil and is grounds for removal and/or a community ban. Do not respond to rule-breaking content; report it and move on.


2. All posts should contain a source (url) that is as reliable and unbiased as possible and must only contain one link.


Obvious biased sources will be removed at the mods’ discretion. Supporting links can be added in comments or posted separately but not to the post body. Sources may be checked for reliability using Wikipedia, MBFC, AdFontes, GroundNews, etc.


3. No bots, spam or self-promotion.


Only approved bots, which follow the guidelines for bots set by the instance, are allowed.


4. Post titles should be the same as the article used as source. Clickbait titles may be removed.


Posts which titles don’t match the source may be removed. If the site changed their headline, we may ask you to update the post title. Clickbait titles use hyperbolic language and do not accurately describe the article content. When necessary, post titles may be edited, clearly marked with [brackets], but may never be used to editorialize or comment on the content.


5. Only recent news is allowed.


Posts must be news from the most recent 30 days.


6. All posts must be news articles.


No opinion pieces, Listicles, editorials, videos, blogs, press releases, or celebrity gossip will be allowed. All posts will be judged on a case-by-case basis. Mods may use discretion to pre-approve videos or press releases from highly credible sources that provide unique, newsworthy content not available or possible in another format.


7. No duplicate posts.


If an article has already been posted, it will be removed. Different articles reporting on the same subject are permitted. If the post that matches your post is very old, we refer you to rule 5.


8. Misinformation is prohibited.


Misinformation / propaganda is strictly prohibited. Any comment or post containing or linking to misinformation will be removed. If you feel that your post has been removed in error, credible sources must be provided.


9. No link shorteners or news aggregators.


All posts must link to original article sources. You may include archival links in the post description. News aggregators such as Yahoo, Google, Hacker News, etc. should be avoided in favor of the original source link. Newswire services such as AP, Reuters, or AFP, are frequently republished and may be shared from other credible sources.


10. Don't copy entire article in your post body


For copyright reasons, you are not allowed to copy an entire article into your post body. This is an instance wide rule, that is strictly enforced in this community.

founded 3 years ago
MODERATORS
 

Federal investigators are analyzing device’s content, although it is unclear how agency gained access

The FBI has gained access to the phone of the suspected gunman who opened fire on Donald Trump’s rally and is analyzing the device’s contents, the agency stated in a press release on Monday afternoon. The shooting, which killed one audience member and left Trump bleeding from one ear, is being investigated as an assassination attempt.

Authorities have been working to determine the motive behind the attack at Trump’s campaign rally on Saturday, but no clear picture has yet emerged. The gunman, identified as 20-year-old Thomas Matthew Crooks by the FBI, was shot and killed in the incident.

Federal investigators announced on Sunday that they had obtained Crooks’s cellphone, but had issues with bypassing its password protections to access the data within. FBI investigators then shipped the phone to a lab in Virginia, where agents successfully gained access, per the bureau’s press release.

you are viewing a single comment's thread
view the rest of the comments
[–] Maeve@kbin.earth 86 points 2 years ago (5 children)

Something sus about how quickly they can unlock phones when it's attempted murderer killed dead and murder victims killed dead.

[–] TeddE@lemmy.world 91 points 2 years ago

Cracking a phone is pretty doable. Cracking phones in a way that will hold up in a court trial, much more formal.

[–] Negligent_Embassy@links.hackliberty.org 30 points 2 years ago* (last edited 2 years ago) (2 children)

look into celebrite

I think there's videos on youtube.

they can plug in most phones and have access to everything through an easy gui

[–] MegaUltraChicken@lemmy.world 7 points 2 years ago (1 children)

I would definitely not call Cellebrite an "easy GUI" and they definitely don't get into most devices. Ive seen devices take months to unlock, if ever.

[–] FuglyDuck@lemmy.world 4 points 2 years ago (1 children)

Pretty sure we found the gentoo user.

“Naw that’s simple bro…”

the terminal is just an easy gui if you really think about it

[–] Blaster_M@lemmy.world 6 points 2 years ago

Cellebrite machines were used to copy contacts and messages and call logs from one phone to another, back in the day before Android and iPhone. There was little to no security on dumb phones back then... and you still needed the customer to put the PIN in and unlock their phone before using the Cellebrite. They came with a million different kinds of USB -> phone proprietary adapters, because mini and microUSB hadn't bee adopted yet as a standard.

Source: I used to do this sort of thing on a Cellebrite.

[–] SpacePirate@lemmy.ml 23 points 2 years ago (2 children)

Most phones are locked with a four digit numerical PIN. The current technique is taking an image of the flash memory, and reflashing the memory after every few attempts.

It still takes a bit longer than straight brute force without a temporal lockout, but it’s still pretty trivial.

[–] saltesc@lemmy.world 15 points 2 years ago

If it was biometric login, even easier. Would've gotten in before thebody even got cold.

[–] Magister@lemmy.world 14 points 2 years ago (1 children)

15 years ago, yes, nowadays especially on iPhone this does not work at all

[–] SpacePirate@lemmy.ml 22 points 2 years ago* (last edited 2 years ago) (2 children)

It does when you have physical access to the RAM and storage, and a disassembly lab expressly configured for this purpose.

This is the backbone for a number of forensic services offered to law enforcement, and an entire cottage industry. I know with certainty it was still feasible as of the iPhone 12, which is well inside of 15 years. I don’t believe the architecture in the 13 or 14 has changed significantly to make this impossible.

With slightly earlier phones, tethered jailbreaks are often good enough, though law enforcement would more likely outsource to a firm leveraging Cellebrite or Axiom as the first step.

[–] Negligent_Embassy@links.hackliberty.org 5 points 2 years ago* (last edited 2 years ago)

How does this work with for example the Titan-M in pixels with graphene?

I believe newer iphones have something similar (?)

[–] OutsizedWalrus@lemmy.world 3 points 2 years ago (1 children)

No, it doesn’t. This is what the Secure Enclave is for.

You’re not storing these counters in system memory. You’re sending attempts to an isolated chip.

[–] stetech@lemmy.world 11 points 2 years ago* (last edited 2 years ago) (1 children)

Yes, it does, if they have full access to the disassembled hardware and assuming research time & resources they could do practically anything. Such as emulating the Secure Enclave chip with a “fraudulent” version, changing all firmware running on any semiconductors in the phone, isolating storage, I don’t know the details, but let your imagination loose.

Physical, uninterrupted access is unlikely, yet bad news for anyone’s threat model.

[–] experbia@lemmy.world 4 points 2 years ago

not only physical access, but the authority to get any information necessary from the manufacturers of every component in the device. there is no question to them how any component operates, from silicon to software.

[–] WindyRebel@lemmy.world 14 points 2 years ago (4 children)

If it used face unlock, just have the dead body and prop the eyes open and you’re in?

Fingerprint unlock would be even easier.

[–] Warl0k3@lemmy.world 3 points 2 years ago (2 children)

If I remember right, samsung/iphone face unlock won't work on a corpse since it relies (at least in part) on infrared constellations that incorporate patterns formed by subdermal capillary networks and death obviously disrupts those.

[–] Skydancer@pawb.social 4 points 2 years ago* (last edited 2 years ago)

At the nation-state level with an ex-president target, pumping heated liquid through the arteries of a dead body isn't much of an obstacle.

Probably not actually what they did, but seriously people - a single biometric security factor is not going to secure anything when a government has the body and actually cares about getting in.

[–] WindyRebel@lemmy.world 1 points 2 years ago

That’s very interesting if true! I didn’t realize it could be that advanced.

[–] Maeve@kbin.earth 2 points 2 years ago

I shouldn't have, but I smiled.

I should clarify: I meant that if they're law enforcement does the killing, cracking the phone takes much less time than it does when the phone belongs to the murder victim.

[–] JohnOliver@feddit.dk 7 points 2 years ago (1 children)

Dude... my niece can unlock my phone while i sleep by putting my finger on the sensor.

I wouldn't be surprised if it would recognize my face while sleeping too

[–] dependencyinjection@discuss.tchncs.de 3 points 2 years ago (1 children)

iPhones require your eyes to be open and looking at it, so I imagine Androids have something similar.

[–] JohnOliver@feddit.dk 2 points 2 years ago (2 children)

I sleep with my eyes mostly open... but the point is, that i am sure that the FBI are more creative than my niece

[–] dependencyinjection@discuss.tchncs.de 4 points 2 years ago (1 children)

Your niece is a bigger threat. Most people are not on the FBI radar.

[–] Corkyskog@sh.itjust.works 3 points 2 years ago

Literally a growing threat too...

[–] aStonedSanta@lemm.ee 1 points 2 years ago (1 children)
[–] JohnOliver@feddit.dk 2 points 2 years ago (1 children)
[–] aStonedSanta@lemm.ee 1 points 2 years ago

Damn that’s wild. Sorry to hear about that. Hope it’s not a burden.