[cryptography] Here's What Law Enforcement Can Recover From A Seized iPhone

Jeffrey Walton noloader at gmail.com
Sun Mar 24 18:30:38 EDT 2013


Interesting point below is OS vendors are extracting data for law
enforcement. I wonder how they are doing it when other tools fails.
(Thanks to JM on another list for the link).

http://www.forbes.com/sites/andygreenberg/2013/02/26/heres-what-law-enforcement-can-recover-from-a-seized-iphone/

You may think of your iPhone as a friendly personal assistant. But
once it’s alone in a room full of law enforcement officials, you might
be surprised at the revealing things it will say about you.

On Tuesday the American Civil Liberties Union published a report it
obtained from a drug investigation by the Immigration and Customs
Enforcement (ICE) agency, documenting the seizure and search of a
suspect’s iPhone from her bedroom. While it’s no surprise that a phone
carries plenty of secrets, the document presents in stark detail a
list of that personal information, including call logs, photos,
videos, text messages, Web history, eight different passwords for
various services, and perhaps most importantly, 659 previous locations
of the phone invisibly gathered from Wifi networks and cell towers.

“We know the police have started using tools that can do this. We’ve
known the iPhone retains records of the cell towers it contacts. But
we’ve never before seen the huge amount of data police can obtain,”
says ACLU technology lead Chris Soghoian, who found the report in a
court filing. “It shouldn’t be shocking. But it’s one thing to know
that they’re using it. It’s another to see exactly what they get.”

In this case, ICE was able to extract the iPhone’s details with the
help of the forensics firm Cellebrite. The suspect doesn’t seem to
have enabled a PIN or passcode. But even when those login safeguards
are set up in other cases, law enforcement have still often been able
to use tools to bypass or brute-force a phone’s security measures.
Google in some cases helps law enforcement to get past Android phones’
lockscreens, and if law enforcement can’t crack a seized iPhone,
officers will in some cases mail the phone to Apple, who extract the
data and return it stored on a DVD along with the locked phone.

The phone search and seizure described in the documented case required
a warrant. But the legality of warrantless phone searches remains an
open issue. At U.S. borders or when arresting a suspect, for instance,
police and government officials have argued that no such warrant is
required.

Failing legal protections, the ACLU’s Soghoian says those who’d like
to keep prying eyes away from their handsets’ data should use long,
complex passcodes and encrypt their phone’s storage disk. “While the
law does not sufficiently protect the private data on smartphones,
technology can at least provide some protection,” Soghoian writes.

Here’s the full court document detailing the iPhone’s forensic search.


More information about the cryptography mailing list