Institute For Ethical Hacking Course and Ethical Hacking Training in Pune – India
Extreme Hacking | Sadik Shaikh | Cyber Suraksha Abhiyan
Credits: The Register
Analysis A US judge gave the cops permission to force people’s fingers onto seized iPhones to see who could unlock them, a newly unsealed search warrant has revealed.
Specifically, Judge Judith Dein, of the federal district court of Massachusetts, gave agents from the Bureau of Alcohol, Tobacco, Firearms and Explosives (ATF) the right to press Robert Brito-Pina’s fingers on any iPhone found in his apartment in Boston. The bloke was suspected to be trafficking guns, hence the application for a search warrant. In fact, anyone nabbed at the property would be forced to use their fingers to unlock any cellphones seized at the home, according to the court filing.
The warrant, issued April 18, is due to be executed by May 2, though it’s not clear if it has been carried out yet, and therefore if the agents have been able to force Brito-Pina’s fingers, or anyone else’s digits, onto mobiles seized at the apartment, including his own iPhone. In any case, the document makes it plain that the ATF went to some trouble to get the judge’s specific authorization on the issue.
In the 10-paragraph warrant, three are dedicated to the issue of unlocking the phone and note that the officers can choose which fingers to press on the device, including thumbs. The warrant [PDF] also includes an entire section on the return of seized mobile phones.
In seeking the judge’s permission, ATF special agent Robert Jacobsen outlined in some detail why they believe the judge should allow them to try to force-unlock any phones found in the suspect’s apartment.
Jacobsen notes that gun traffickers “often use cellular telephones to acquire or sell illegal guns” and that they are “normally maintained for reasonably long periods of time because they are expensive, can often be subject to long-term contracts that contain substantial penalties for early termination, can store large amounts of information, and do not easily wear out.” He also notes that even when people buy a new phone, they will typically transfer the contents of their old phone onto it.
That means that Brito-Pina’s phone is likely to contain a significant amount of evidence, the ATF agent argues. The case for the search warrant notes that the investigative process that led agents to Brito-Pina’s was in large part thanks to information gleaned from other people’s cellphones, including text messages, drop-off locations stored in the Waze navigation app, and photos of illegal guns taken by people on their own phones – often featuring them posing with the guns.
Magic touch
“Collins communicated with Brito-Pina via cell phone regarding the sales and purchases of firearms,” the agent notes, referring to another suspect.
“Cell phones also have text message and camera capabilities, and many users tend to store photos in their cell phones which are most often maintained by the user on his person or in his residence when not outside.” He then goes into detail about how the iPhone’s TouchID system works and why criminals use it.
Notably however the justification for allowing the officers to force a suspect’s fingers onto a iPhone is precisely because without it they would have to type in a passcode – which the suspect would be required to tell them.
“In some circumstances, a fingerprint cannot be used to unlock a device that has Touch ID enabled, and a passcode must be used instead, such as: (1) when more than 48 hours has passed since the last time the device was unlocked and (2) when the device has not been unlocked via Touch ID in 8 hours and the passcode or password has not been entered in the last 6 days,” he wrote.
He goes on: “Thus, in the event law enforcement encounters a locked Apple device, the opportunity to unlock the device via Touch 10 exists only for a short time.”
And he adds: “Attempting to unlock the relevant Apple device(s) via Touch 10 with the use of the fingerprints of the user(s) is necessary because the government may not otherwise be able to access the data contained on those devices for the purpose of executing the requested search warrants.”
The warrant even gives the cops the right to force anyone in the apartment at the time of the raid to put their fingers on any mobile device they find – something that has judges in other jurisdictions have balked at in the past.
What is notable about the warrant, surfaced this week by Law360, is that law enforcement is drawing a clear distinction between forcing someone to place their fingers on a phone to unlock it and forcing them to give officers the passcode to unlock it. The first is physical; the second is mental, and brings with it both Fourth and Fifth Amendment issues.
Also noteworthy is the fact that the agent draws a distinction between mobile phones and computers: the warrant explicitly notes that it does not apply to computers in the apartment and that they will not seize or search any computers they find.
www.extremehacking.org
Sadik Shaikh | Cyber Suraksha Abhiyan, Ethical Hacking Training Institute, CEHv10,CHFI,ECSAv10,CAST,ENSA, CCNA, CCNA SECURITY,MCITP,RHCE,CHECKPOINT, ASA FIREWALL,VMWARE,CLOUD,ANDROID,IPHONE,NETWORKING HARDWARE,TRAINING INSTITUTE IN PUNE, Certified Ethical Hacking,Center For Advanced Security Training in India, ceh v10 course in Pune-India, ceh certification in pune-India, ceh v10 training in Pune-India, Ethical Hacking Course in Pune-India