
FBI, stumped by pimp's Android pattern lock, serves warrant on Google - llambda
http://arstechnica.com/tech-policy/news/2012/03/fbi-stumped-by-pimps-androids-pattern-lock-serves-warrant-on-google.ars
======
freehunter
I'm okay with the method the FBI is pursuing. They clearly have a case (or
enough of a case to take to court), they know exactly what data they need, and
they have obtained a warrant for the information. I don't think wiretap laws
should come into play on this unless they plan on intercepting communication
beyond what is already stored on the phone. The case so far is exactly what
the law intended and holds just as relevant today as it did in the 1700s.

Like drivebyacct2 mentioned, though, asking Google for the SSN of a user is
kind of odd, and I really hope Google doesn't know that. It's possible the
carrier might know, but Google shouldn't unless the suspect was receiving
payment from AdWords or Google Checkout/Wallet (do they need SSN for tax
reasons at that point?)

~~~
redthrowaway
Here's my issue: Google could, in theory, provide them access to the device.
But that's not what they're asking for. They're asking for usernames,
passwords, SSN, etc. By all means, the FBI can submit a warrant to a lock
manufacturer to open a lock. They can not, however, tell the lock manufacturer
to give them the contents of whatever the lock is protecting. That's a
separate warrant.

~~~
freehunter
This is true, and you've just pointed out a big difference from old to new
that I had forgotten about.

But what if the safe in the metaphor is owned by someone else and residing on
their property, and contains multiple smaller safes inside? That's kind of
like cloud-based apps that Android uses heavily. The Feds have enough reason
to believe there is relevant information in email, text, and web searches to
convince a court of this (difficulty level of convincing a court is
debatable).

There also is generally a lot of shit the man pushes out with the knowledge
they likely won't be given a response to, and they will accept that. It's a
fishing expedition. It's not right, but it's common.

------
pilif
To quote the article:

> In it, the FBI asks for a warrant to be served on Google. It wants to know:

> The subscriber's name, address, Social Security number, account login and
> password

I would hope the FBI is bright enough to know that in all likelihood Google
stores their users' passwords in hashed form. How would Google actually be able
to comply with this request for the password?

What would happen if they can't comply (they can't)? Would this eventually
lead to legislation that forces services to store passwords in plain text or
reversible encryption (which is pretty much the same thing)?

~~~
andersh
Google can give you a new password if you forget yours. There is no technical
barrier to giving the FBI access and clearly no requirement for plaintext
passwords anywhere (setting aside how the request was expressed in the article
as a request for a password).

~~~
jrockway
They can even generate an application-specific password for the FBI, to be
revoked after the time limit specified in the warrant is reached. (No idea if
this is done or not, but in theory, there is no need to know the password in
order to disclose one to the FBI. All they want to do is unlock the phone, but
are too dumb to connect a USB cable and run adb.)

~~~
derleth
> but are too dumb to connect a USB cable and run adb.

Or that would break the rules regarding _forensic_ data retrieval, and make
the information gleaned in that fashion inadmissible as evidence.

~~~
chimeracoder
How does this violate the rules? He's already signed a waiver to his 4th
amendment rights, so no court order is needed - he's essentially given them
full control over his own property, including his phone (which I presume would
include accessing the data via adb instead of the phone screen).

~~~
rprasad
Because then the phone is no longer in the original state as when the
defendant turned it over, and the FBI cannot prove it did not alter the
contents of the phone (as images cannot be made while the phone is locked).

~~~
chimeracoder
Even with the lock, how can they prove that? If they're able to get
information off of it, they're able to modify it....

------
tedunangst
_Soghoian wonders about the legality of accessing a still-operational cell
phone. ... But a US Magistrate Judge disagreed._

As a side note, I really dislike this style of reporting. I doubt the judge
_disagreed_ with Soghoian if Soghoian published his blog post _after_ the
judge published his opinion. The article makes it sound like a stupid judge
made the wrong decision by not reading some expert opinion that was available
to him. If the judge disagreed with anybody, it was defense counsel. But the
article doesn't mention any objection by the defense. Perhaps, because as a
lawyer, he is in a better position to know what's legal and what's not?

~~~
inchcombec
I noticed that too and agree entirely. There is absolutely nothing in the
article that suggests this argument was actually made and rejected. At the end
of the day, judges are people too and can't possibly have the entirety of all
case law in their minds at all times. It is up to defense attorneys to
research the case and bring up relevant arguments. I just can't see anything
in the article that even suggests that the idea of a wiretap warrant being
more appropriate was even discussed.

------
dsr_
Pattern locks are notoriously vulnerable to visual analysis of fingertip
grease marks on the screen. Don't count on this to protect your data.

~~~
rdtsc
Ah I just figured something out. So some people here are calling FBI's
stupidity for mucking with the phone, as in trying patterns that eventually
locked the device. In other words if phones are known to lock they shouldn't
just randomly try patterns on it.

But I believe the attempts were not random. They probably did what you
suggested, inspected traces of the fingertip grease and discovered a much more
constrained set of possible patterns.

So they basically got an un-directed graph and now they thought they could
figure out the most likely directed path in the graph that would unlock the
phone.

Somebody probably made an educated (but eventually bad) guess about what the
unlock path would be.
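
rdtsc's point about going from an undirected smudge to a directed unlock path, measured as an added example (not part of the thread): it counts how many legal patterns leave exactly a given set of grease segments. Assumptions: dots are numbered 0-8 row by row, the smudge is modelled as undirected segments between the dots the finger touched, and patterns follow the usual 4-to-9-dot rule where a stroke may cross a dot only if that dot is already used.

```python
DOTS = range(9)  # assumed numbering of the 3x3 grid: 0 1 2 / 3 4 5 / 6 7 8

def middle(a, b):
    """Dot lying exactly halfway between a and b, or None if there is none."""
    (r1, c1), (r2, c2) = divmod(a, 3), divmod(b, 3)
    if a != b and (r1 + r2) % 2 == 0 and (c1 + c2) % 2 == 0:
        return (r1 + r2) // 2 * 3 + (c1 + c2) // 2
    return None

def segments(a, b):
    """Undirected grease segments left by one stroke from a to b."""
    m = middle(a, b)
    hops = [(a, b)] if m is None else [(a, m), (m, b)]
    return {frozenset(h) for h in hops}

def patterns(prefix=(), allowed=None):
    """Yield every legal 4-9 dot pattern extending prefix.
    With `allowed`, only strokes whose segments lie inside it are followed."""
    if len(prefix) >= 4:
        yield prefix
    for d in DOTS:
        if d in prefix:
            continue
        if prefix:
            m = middle(prefix[-1], d)
            if m is not None and m not in prefix:
                continue  # stroke would cross a dot that is not yet used
            if allowed is not None and not segments(prefix[-1], d) <= allowed:
                continue  # stroke would leave grease the smudge does not show
        yield from patterns(prefix + (d,), allowed)

def trace(pattern):
    """The undirected smudge a pattern leaves behind."""
    out = set()
    for a, b in zip(pattern, pattern[1:]):
        out |= segments(a, b)
    return frozenset(out)

def candidates(smudge):
    """Number of legal patterns whose trace is exactly this smudge."""
    smudge = frozenset(frozenset(s) for s in smudge)
    return sum(1 for p in patterns(allowed=smudge) if trace(p) == smudge)

if __name__ == "__main__":
    total = sum(1 for _ in patterns())
    smudge = trace((0, 1, 2, 5, 8))  # constructed sample: an L-shaped pattern
    print(f"{total} possible patterns, {candidates(smudge)} fit the smudge")
```

For the constructed L-shaped smudge the 389,112 possible patterns collapse to 4, which is why a visible trace leaves the lock with almost no guessing resistance.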

------
FaceKicker
It's a pattern lock, so it must not be using disk encryption (only available
on Ice Cream Sandwich with either PIN or password). Is there some reason they
can't just open it up and see what's on it?

~~~
tadfisher
Text messages are on internal storage, which becomes unmountable when the
device is locked.

Depending on the phone, they should be able to get into recovery mode and
connect via adb. However, if it has a locked bootloader, they're SOL, and my
schadenfreude is without limit :)

~~~
FaceKicker
Sorry, I'm not sure I understand - can you explain more? How does the OS
making it unmountable when it's locked stop the FBI from physically removing
the internal storage and looking at its contents via another device? I can see
how it might require specialized forensics equipment depending on how
obscure/proprietary the internal storage hardware is, but that seems like
something the FBI would have access to or be able to obtain...

~~~
tadfisher
I would imagine that busting a pimp isn't exactly high up there on the FBI's
list of priorities, at least not high enough to desolder a NAND chip (possibly
destroying evidence) and reverse-engineer its raw access protocol. Far simpler
to just make Google give them the password.

------
cleverjake
I wonder if the FBI is aware of android issue 3006 -
<http://code.google.com/p/android/issues/detail?id=3006>

~~~
pwf
Does this still exist? What an absolutely horrifying bug.

Do you know where in the source this is?

~~~
cleverjake
It's still open, and works on my droid, but considering that there are so many
handsets that are not updated, I'm sure this one would still work on most
phones. I haven't looked through the code to pinpoint it.

------
Qweef
They could have just come and asked here.

You must already have root but since they mentioned it's a Samsung phone
then all you do is find a CWM/Rooted kernel tar and flash via Odin then do the
steps below.

adb -d shell

sqlite3 data/data/com.android.providers.settings/databases/settings.db

sqlite> update system set value=0 where name='lock_pattern_autolock';

sqlite> .exit

exit

Reboot from there and the lockscreen is bypassed.

Remember kids, use this for good and not evil muahahhahaahhaah

~~~
driverdan
(IANAL) Modifying anything on the phone would make the data inadmissible.

------
DanBC
Direct link to security researcher's blog.

<http://paranoia.dubfire.net/2012/03/fbi-seeks-warrant-to-force-google-to.html>

PDF of the application.

<http://www.archive.org/download/gov.uscourts.casd.378626/gov.uscourts.casd.378626.1.0.pdf>

------
brown9-2
This is probably a tangent, but why would the FBI be involved in a
prostitution case? Shouldn't that be state/local?

~~~
kenj0418
Minor victim and state-lines being crossed -- that would be my guess.

~~~
shareme
Is the Mann Act state or Federal?

------
koenigdavidmj
Can't all of this be gotten just by looking at the storage on the phone? Or
talking to the wireless carrier?

------
signalsignal
I just assumed that they had search warrants that allow this form of discovery for
years now. It is funny to think that an investigator tried one time too many
pattern attempts and accidentally erased the phone contents. I'm going to go
on record as haha'ing the slip up.

------
SNK
How could the FBI not know his SSN?!

~~~
lost-theory
They want to know the subscriber's SSN, the person who owns the phone. He said
the phone belonged to his sister.

~~~
chimeracoder
How should Google know that?

------
trzaska
Seriously? Pattern locks are almost as easy as Face Unlock to get through.

~~~
dm8
Are you referring to smudge attacks on pattern locks?

Face unlock was even weaker since anyone who had access to your photo could
unlock it.

~~~
laserDinosaur
"Face unlock was even weaker since anyone who had access to your photo could
unlock it"

I thought that rumour was debunked by Google engineers within the first hour
that it launched?

edit - The quote is "Responding to a Twitter message from someone who said Face
Unlock could be hacked [with a picture of the person], Bray said, "Nope. Give
us some credit.""

~~~
meow
How would they make it photo proof? I mean, any guesses on the algorithm they
use... My dart in the dark would be that a photo would be absolutely still
while a real person's face might twitch, shake, bat eyelids etc.

~~~
DrStalker
Maybe they do something really clever and rely on faces being 3D and the phone
not being held 100% still?

------
eta_carinae
I'm confused, can't they just write a GUI in Visual Basic to track the perp's
IP?

------
user2459
The FBI Forensics Lab mis-entered the pattern lock too many times? The FBI
uses the same tactic as my little brother to get into people's phones? At a
forensics lab? And the stuff they want from Google kind of blows my mind. "The
times and duration of every webpage visited"... As far as I can see that's
completely undeliverable by anyone but possibly the carrier. Who do they have
working down there?

This is also super interesting: "His parole conditions prevented him from
doing anything to hide or lock digital files."

So if convicted of a crime they can require you to not use basic personal and
identity safety measures.

~~~
corin_
> _So if convicted of a crime they can require you to not use basic personal
> and identity safety measures._

Not really a new concept, it's fairly similar to banning a paedophile from
going near schools, banning someone on parole from leaving the country (or
state), or enforcing a curfew, etc. Similar in that it's restricting what
would normally be anybody's right.

~~~
einhverfr
I know that is not a new concept, but it seems troubling because of its scope.
It would be like saying "You may not shred credit card statements."

But more to the point, so many computers now expect password-protection. I
don't see how this amounts to something other than a ban on general computing
and for reasons that are not distinctly related to the offence.

------
drivebyacct2
Some of the things they're asking for are beyond absurd. How does someone work
at the FBI and not realize that asking Google for a user's SS# or detailed
browsing logs is not realistic?

~~~
potshot
IANAL, but I'm assuming Google doesn't have to hand over anything that's not
explicitly listed in the warrant. If you're the FBI, you might as well ask for
the world and see what you get back.

------
gcb
the implications at the end are really lame. "the phone may have received sms
after the judge issued the order"

like that would be held in court for anything? let's think analogically: would
a mob king be freed if a judge authorized a safe with evidence to be opened on
the 4th but it was only opened on the 7th, and new evidence was put into the
safe by other agents on the 6th?

~~~
saraid216
It's not a matter of new evidence becoming available, but private data
becoming visible unlawfully.

~~~
gcb
how is it different from the safe example?

