Don't do illegal things on your phone :)
this post was submitted on 16 Jul 2024
311 points (95.3% liked)
Technology
70332 readers
4118 users here now
This is a most excellent place for technology news and articles.
Our Rules
- Follow the lemmy.world rules.
- Only tech related news or articles.
- Be excellent to each other!
- Mod approved content bots can post up to 10 articles per day.
- Threads asking for personal tech support may be deleted.
- Politics threads may be removed.
- No memes allowed as posts, OK to post as comments.
- Only approved bots from the list below, this includes using AI responses and summaries. To ask if your bot can be added please contact a mod.
- Check for duplicates before posting, duplicates may be removed
- Accounts 7 days and younger will have their posts automatically removed.
Approved Bots
founded 2 years ago
MODERATORS
Good chance it was just putting the dead dudes finger on the scanner lmao
Not how that works
Unless disabled by timeout, restart, or otherwise manually I'm curious to know why that would be?
Of course the dude had to know this was a one way trip, I'd have wiped everything but then again maybe they didn't care at that point.
load more comments
(11 replies)
I’m pretty sure it used to be easier with phones that didn’t have full disk encryption.
.
Stingrays don't do shit for this. That's mostly real time location data focused in by tricking your phone into reporting its location to a fake cell tower controlled by an adversary. That doesn't get into the data in your phone, and even if someone used the fake tower to man in the middle, by default pretty much all of a phone's Internet traffic is encrypted from the ISP.
The world of breaking disk encryption on devices is a completely different line of technology, tools, and techniques.
load more comments
(2 replies)
load more comments
(1 replies)
The article does mention Cellebrite.
Our local sheriff is using some spy level shit in our county that he refuses to explain.
He keeps "happening" upon crimes just "on accident." yesterday it was "stopped to take a pee in public park and caught a baddie" and two days before that it was "just happen to follow and pull over a guy with lots of pounds of pot hidden in the car."
The US police are spying on Americans phones, internet, GPS, and everything with no judicial recourse because it is corporations spying and then "giving the info" to the police for money.
The US law enforcement has gone full STAZI but using capitalism as additional cover.
The US is dead.
They're probably just capturing SMS messages or regular calls. Which is still illegal without a warrant, but who watches the watchers? Use encrypted chats and encrypted calls if you're worried.
Do you have an article on this?
“on accident“ 🤮
“on accident“ 🤮
I know. Who SAYS that? It's by accident. One doesn't plan these things.
load more comments
(1 replies)
load more comments
(1 replies)
Let's all apologize to Stallman.
Let’s all apologize to Stallman.
For the twice a day that broken toe-jam-eating watch is right?
the man has rarely been proven wrong in anything tech related he has said
Good thing you put the "tech related" qualifier on there. He probably should have stayed in that lane.
Indeed.
It's also a reminder of why we shouldn't mindlessly celebrate celebrity figures like they're deities.
Stallman has amazing views regarding FOSS, but yeah, some of his other opinions are... interesting.
load more comments
(2 replies)
load more comments
(1 replies)
Do they say what phone it was?
Without knowing how they got into his phone, this is a non-story that is just a retelling of older stories. For all we know they just took his dead finger and put it on the reader. Or maybe he used the same 4-digit PIN for his debit card or lock box or something else that they were able to recover. Maybe some detective just just randomly entered the shooter's birthday, only to say "Hey sarge, you're never gonna believe this... first try!"
There's nothing useful that can be taken away from this story yet, until more details come out.
they just took his dead finger and put it on the reader.
My bet's on this.
I’m super curious how they got into his phone
I think you'll get to hold on to that feeling.
load more comments
(1 replies)
Or unknown NGO software was used. But you're right. A nothing burger for now.
load more comments
(1 replies)
Easier is a very relative term. It’ll be really expensive to use a genuine zero-day to do it. Such exploits are few and far between.
But known exploits that have been patched, but not applied because they didn't update their phone, are plentiful enough.
Update your phones. Reboot them regularly, too.
This is true, but becoming an increasingly less important factor because devices now ship with automatic updates enabled by default.
Personally, if I had to guess as someone who studies exploits for a living, I’d wager the device isn’t the most recent model and is probably a few years old, so there are likely known unpatchable bootrom or firmware bugs that can be used from their private arsenal without having to risk an actual zero day exploit.
How is it expensive? It is if it eqates to the zero day becoming of public domain, and this is not the case here. They can say they guessed the password while in fact they exploited some unknown vulnerability...
Zero days are extremely expensive costing in the millions of dollars even if you’re not publishing exploit details. Just using it is extremely costly because each attempt exposes your bug to the world, which is an opportunity that it could get caught and patched. Android and iPhone both have mechanisms to detect and report crashes which could easily cost you your bug. Plus, on the exploit markets, a bug that hasn’t been used is worth more because there have been literally zero days of opportunity to defend against it.
There is definitely a cost to using something that expensive and that requires a necessary level of risk. You’ve got to be worth it, and the supply of such bugs is extremely low and sometimes zero depending on your exact software version.
load more comments
(4 replies)
This is the best summary I could come up with:
Just two days after the attempted assassination at former President Donald Trump’s rally in Butler, Pennsylvania, the FBI announced it “gained access” to the shooter’s phone.
Cooper Quintin, a security researcher and senior staff technologist with the Electronic Frontier Foundation, said that law enforcement agencies have several tools at their disposal to extract data from phones.
The bureau famously butted heads with Apple in late 2015 after the company refused to help law enforcement get around the encryption on the San Bernardino, California shooter’s iPhone.
Early in the following year, Apple refused a federal court order to help the FBI access the shooter’s phone, which the company said would effectively require it to build a backdoor for the iPhone’s encryption software.
“The FBI may use different words to describe this tool, but make no mistake: Building a version of iOS that bypasses security in this way would undeniably create a backdoor,” Cook wrote.
Riana Pfefferkorn, a research scholar at the Stanford Internet Observatory, said the Pensacola shooting was one of the last times federal law enforcement agencies loudly denounced encryption.
The original article contains 1,208 words, the summary contains 180 words. Saved 85%. I'm a bot and I'm open source!