
New York eyes a 'breathlyzer' for texting while driving - dvanwag
http://timesunion.com/local/article/Lawmakers-look-at-breathlyzer-for-texting-while-11105205.php
======
Sargos
This will be struck down by the courts so fast the ink won't even be dry. Your
phone is the backbone of your life and contains pretty much all of your
private information and allowing police to scoop all of that up without a
warrant is blatantly unconstitutional.

~~~
throwfast1
at the rate of which laws are changing, I wish I could believe ideas like this
would be immediately struck down however I suspect more laws like this will be
created to our surprise on a consistent basis.

the chief argument being, the law needs tools to protect its citizens.

the sacrifice of privacy for security has been towards security on a
consistent basis for a while now, I see no reason for that to change.

~~~
tptacek
At the rate which laws are changing? Can you be as specific as you can about
the priors you're using to generate this conclusion?

~~~
throwfast1
caught me, I am grumbling about net-neutrality and my inability to keep up
with what is going on.

the tiff between fbi and apple[0] I see as woefully unresolved. and my concern
is when I hear politicians discuss it I hear in my brain the following "we
need silicon valley to give us tools, they are creative and smart and I'm sure
they can do it" this is not unique to D or R I actually think I recall Hillary
making a comment along those lines that I do not have time to track down right
now. lastly what about ISPs having their new rights to our privacy [1][2], in
regards to [2] there were many that sprouted some collectecting a few hundred
thousand dollars... what became of them I do not know.

I suspect some agreement with apple will be reached, or worse which I am
incapable of imagining. The government persists and I do not think the general
populace has the vigilance to keep up. comments like "

comments like that of Eric Schmidt (I am paraphrasing) -- Those who are doing
nothing wrong have nothing to hide.. I pulled an all nighter and see myself
grumbling but I feel this is coherent enough for others to fill in blanks. I
feel powerless to change the current state of affairs and the trajectory we
are heading.

[0] [https://www.theguardian.com/technology/2016/feb/17/inside-
th...](https://www.theguardian.com/technology/2016/feb/17/inside-the-fbis-
encryption-battle-with-apple) [1]
[https://www.eff.org/deeplinks/2017/03/senate-puts-isp-
profit...](https://www.eff.org/deeplinks/2017/03/senate-puts-isp-profits-over-
your-privacy) [2]
[https://www.gofundme.com/BuyCongressData](https://www.gofundme.com/BuyCongressData)

------
finnn
Anyone know where I can get one of these devices that can bypass the security
of a smartphone and scrape it's contents? Also, will the mobile OS
manufacturers be patching this gaping security hole?

~~~
cmdrfred
It also interestingly works on all devices evidently. I think it's vaporware
it says it hasn't been developed yet.

------
skolos
These technologies (including actual breathlyzer) are patches that might
reduce bad human driving behavior but will never eliminate it. In my opinion
the only way to solve this is to stop humans from driving altogether. The
biggest reason I'm excited that self driving car technology is maturing is
because I won't need to worry (and often see through windshield) that a fellow
driver is pressing gas pedal while paying no attention where he/she 's going.

------
mediaman
The article mentions this technology is still glitchy. But how will it ever
become non-glitchy? Police will not be able to constitutionally require you to
provide a passcode if the phone is locked and there is established case law to
support this, so the device would have to scan the phone without a passcode.

Doesn't existing security on modern phones (the iPhone's secure enclave, for
example) make this extremely difficult to do?

~~~
darknoon
Older iPhones have exploits that allow bypassing some or all of the
protections. It's likely exploits will be found or have been found against
current (iPhone 7) hardware given the economic incentives. Nonetheless, I am
not aware of any out in the wild.

As for android phones, afaik you're pretty boned.

~~~
jncraton
That's a little alarmist. Apple at least appears to take iOS security
seriously, so if there was a known flaw that was actively being used to
extract data in the wild it would get patched very quickly.

Why do assert that Android phones are just broken? Even with traditional full
device encryption without specialized hardware support, it is very difficult
to extract keys from a running device without some sort of known
vulnerability.

I find it highly unlikely that anyone could build a simple device that someone
like a State Trooper could use to pull usable information off an encrypted
phone made in the last two years old with any kind of reliability.

------
jimktrains2
Is it keeping track of speed while I perform tasks? or the text I sent a few
minutes ago in a parking lot with the car off going to get me a ticket?

Or, what if I handed my phone to the passenger?

------
Brendinooo
This article was really light on technological details:

>The technology is still in development. But the concept is a device that
would use cutting-edge software to determine whether a person's smartphone was
being used at the time of an accident.

Does anyone know anything about what Cellebrite does? Their website feels
jargon-y on the surface, didn't get a clear sense of what all they do on an
initial visit. Is what they're proposing even possible without help from
Apple/Google?

~~~
zabuni
Judging from the release notes of their other products, which I assume this
will be based on, it relies on exploits, or having the phone unlocked. So if
you run a patched google phone or an iphone, they get nothing.

[http://www.cellebrite.com/Releases/MobileForensics/UFED6.1_R...](http://www.cellebrite.com/Releases/MobileForensics/UFED6.1_ReleaseNotes_EN.pdf)

The device lists makes and models of Android phones they can access, and ones
they can bypass the lock. I have to assume they are using exploits. Especially
with the lack of similar lists for Apple.

What I have to wonder though, are they getting a special version of the
product, or is the euphemism or a digital "breathalyzer" just a way of dodging
the fact that they want to do warrant less digital forensics on people's
devices?

------
ColinCochrane
It seems like there are a couple big issues with this.

1) What if your passenger was using your phone?

2) What if you using voice-commands to send a text (especially if via CarPlay,
etc...)?

~~~
johnfn
True, passenger in the car does blow a hole through this. But that's only
something like 5% of cars, so it'd be easy to only target the other 95%.

Voice to text is certainly harder to prove right now.

To me (and I know this will be a controversial opinion) I feel this is
something smart phone manufacturers should work together with the government
on. A simple "has a text been manually entered in the last x minutes" read out
feels like a non slippery slope that may save lives by proxy.

~~~
jimktrains2
> To me (and I know this will be a controversial opinion) I feel this is
> something smart phone manufacturers should work together with the government
> on. A simple "has a text been manually entered in the last x minutes" read
> out feels like a non slippery slope that may save lives by proxy.

It wouldn't save lives -- it's only useful after the fact. My phone shouldn't
spy or taddle on me (more than's already required to connect to the cell
network.)

------
fuzzywalrus
I just don't know how this could be provable? Either there's an OS level log
that you're signing your life away on that is a huge privacy risk (and
requires OS level engineering) or they're just guesstimating off data use. I
can't see how they'd be able to differentiate from a hands free UX interaction
from one done physically. Also, if in a car of multiple people, it begs the
question who is responsible for using the phone? When traveling with
friends/family/significant others/guests often we hand off our device for
media usage.

------
dbg31415
This is a horrible idea.

I'm not going to unlock my phone for the cops just because they pull me over.
Once they connect, who knows what data they will capture and how that will be
used. Driving isn't probable case for them to look through my emails... and
once I unlock my phone for them they can see everything.

Also... it's stupidly easy to circumvent. Just carry an old phone and switch
it out when they ask. They won't have probable cause to search the car, so
it's really whatever phone you give them.

I hate how they waste tax money on crap like this.

------
thrillgore
How soon before Apple and Google patch whatever mechanisms this tool is using
to check phone activity?

Since my phone uses Qi charging, maybe I see a value in epoxying my USB
port...

~~~
planteen
Take it a step further and put a USB killer inside the phone!

[https://arstechnica.com/gadgets/2016/12/usb-killer-fries-
dev...](https://arstechnica.com/gadgets/2016/12/usb-killer-fries-devices/)

------
sandworm101
Constitutions normally only protect the content of communications, not the
fact that communications occur. This isnt even the traditional metadata debate
(inside v outside of an envalope). They dont care who or what you text, just
the when and that you did. A mandatory tech that betrays only the time that a
text was sent will probably survive legal scrutiny.

~~~
djschnei
4A makes no distinction between content/things and actions. A timeline of my
actions is absolutely something I am (should be) secure in.

Furthermore, the idea that privacy means secrecy is too narrow even when we
think only about personal information, like the contents of a journal. Suppose
I give you my diary and urge you to read it. No one would think you are
violating my privacy when you do so. The reason is that privacy is not about
the information itself, no matter how personal it may be. Instead, this aspect
of privacy – informational privacy – is about my right to control what other
see, and in this example I have given you my permission.

Privacy has less to do with the information we conceal from the world than
with the close and trusted people that we determine to share our information
with.

My Actions, i.e. the act of communicating, is absolutely protected under the
original intent of the fourth amendment. Now, that means very little nowadays,
but your statement - "Constitutions normally only protect the content of
communications, not the fact that communications occur" \- is patently untrue.

------
djschnei
“Those who would give up essential Liberty, to purchase a little temporary
Safety, deserve neither Liberty nor Safety” - Ben Franklin

------
ben_jones
So um, can we name and shame whatever start-up is doing this?

------
tomjen3
Pointless. I mean sure if they see them do it, fine them, but I am far more
concerned with drivers who are drunk - they are dangerous the entire trip.

------
kamakazizuru
this is why we just need to get self-driving cars sooner, this is solving the
wrong problem.

------
empath75
this seems to be unconstitutional on its face, but the courts have been
willing to let cops get away with murder, so it probably would end up being
allowed.

------
humbleMouse
This is the beginning of the end. Privacy is gone, humanity is doomed. What
other data will these devices skim while they are looking through the phone OS
to see when the last text message you sent was?

We are on a slippery slope to being completely controlled by cops and their
technology. Pretty soon every law enforcement vehicle is going to come
equipped with a LTE spoofer running in their car that skims all this
information from the phones in the near vicinity.

You'll get automatic messages in your car's dashboard display when you send a
text message - "Pull over, you broke the law and sent a text while driving. A
cop will be here soon to arrest you."

~~~
vvanders
On one hand, driving isn't a right and if you're piloting a 5k+ lb projectile
at 70mph(or 50k+ in the case of some truckers I've seen texting + driving) you
deserve to have the goddamn book thrown at you.

It would be nicer if there was a way to do this without complete privacy
invasion, at the bare minimum a warrant + request to your carrier for just
timestamp metadata would make me much more comfortable.

~~~
jimktrains2
What if my passenger was making the call or text on my phone (which isn't
uncommon, at least with my group of friends)?

What if the texts were minutes before at a parking lot, while the car was off?
How does anything but a copy actually seeing a cell phone in my hand while
driving prove beyond a doubt I'm guilty?

~~~
vvanders
E911 pings should provide moving speed at the time of the text. An officer is
going to take your Driver's License, so they should should be able to
differentiate between you and your passengers.

~~~
sidlls
How accurate are E911 pings?

What if I give my phone to a passenger? My driver's license has literally
nothing to do with that.

My wife and I both have expensive smart phones. We frequently let the
passenger use the driver's phone for, e.g. navigational purposes. If we get in
an accident while I'm driving and my wife is using _my phone_ to configure a
route, how is a cop to know that?

