this post was submitted on 18 Jul 2024
52 points (98.1% liked)

Cybersecurity

5644 readers
113 users here now

c/cybersecurity is a community centered on the cybersecurity and information security profession. You can come here to discuss news, post something interesting, or just chat with others.

THE RULES

Instance Rules

Community Rules

If you ask someone to hack your "friends" socials you're just going to get banned so don't do that.

Learn about hacking

Hack the Box

Try Hack Me

Pico Capture the flag

Other security-related communities !databreaches@lemmy.zip !netsec@lemmy.world !cybersecurity@lemmy.capebreton.social !securitynews@infosec.pub !netsec@links.hackliberty.org !cybersecurity@infosec.pub !pulse_of_truth@infosec.pub

Notable mention to !cybersecuritymemes@lemmy.world

founded 1 year ago
MODERATORS
top 21 comments
sorted by: hot top controversial new old
[–] pelletbucket@lemm.ee 25 points 3 months ago (2 children)

if he had biometrics turned on they might have just pointed it at his face

[–] Grass@sh.itjust.works 22 points 3 months ago (1 children)

it's totally this or fingerprint. don't forget the omni fingerprint set that supposedly can unlock any phone in one hand's worth of composite fingerprints.

[–] yokonzo@lemmy.world 9 points 3 months ago* (last edited 3 months ago)

I feel like that's the first thing they would try, article says they took a few days

[–] jonne@infosec.pub 4 points 3 months ago (1 children)

I doubt there was a lot of his face left.

[–] gnutard@sh.itjust.works 7 points 3 months ago* (last edited 3 months ago) (1 children)

Actually, his face was pretty much in tact. There's close up pictures of the shooter dead online, I believe they shot him in the neck. Don't get me wrong, taking close up photos of him dead is pretty fucked up, considering how the parents must've felt about all of this.

[–] borari@lemmy.dbzer0.com 0 points 3 months ago

Bro you can’t say that then not drop the links.

[–] WhyFlip@lemmy.world 22 points 3 months ago (3 children)

I worked for a private company in computer forensics. We had two machines, expensive machines, dedicated to accessing phones. I'm going to go out on a limb here and guess the FBI has something similar, if not better, at their disposal.

[–] Debs@lemmy.zip 11 points 3 months ago (2 children)

Were the machines always successful? If not, how often did they fail and why? Was there a difference between Android or iPhones?

[–] WhyFlip@lemmy.world 11 points 3 months ago

Short of the device being damaged, they were successful 100% of the time. No difference between manufacturers and platforms.

[–] jet@hackertalks.com 5 points 3 months ago

https://discuss.grapheneos.org/d/12848-claims-made-by-forensics-companies-their-capabilities-and-how-grapheneos-fares

Basically all phone, iphone and Android

This is an arms race, at the moment the crackers are in the lead.

[–] 4am@lemm.ee 4 points 3 months ago (1 children)

There is probably some kind of backdoor into devices utilizing a recovery or diagnostic mode. Either that or AES has been broken for many years now

[–] sugar_in_your_tea@sh.itjust.works 12 points 3 months ago

It's probably some set of zero days they're sitting on.

[–] galoisghost@aussie.zone 9 points 3 months ago (1 children)
[–] agentshags@sh.itjust.works 5 points 3 months ago (1 children)
[–] kionite231@lemmy.ca 3 points 3 months ago

How did you guess my password!!

[–] index@sh.itjust.works 6 points 3 months ago
[–] SGG@lemmy.world 6 points 3 months ago

Biometrics, also people are horrible at making good passwords/pin codes. There's also normally a few tricks to get around being locked out for X minutes/days/years. Also you can bet Apple or whoever made his phone bent over backwards to help the FBI get in to that phone. The idiot tried to shoot a former president of the United States.

[–] henfredemars@infosec.pub 5 points 3 months ago (1 children)

I don’t disagree with the article, but it strikes me as speculation. I would sooner say that we don’t know, though the assumptions are fairly reasonable.

[–] yokonzo@lemmy.world 4 points 3 months ago (1 children)

I mean it's not like we'll ever know, so I think there's a little fun to be had in speculating

[–] henfredemars@infosec.pub 4 points 3 months ago

Certainly, but I’m just too eager to know the technical details if there were some.