- cross-posted to:
- privacy@programming.dev
- cross-posted to:
- privacy@programming.dev
The FBI has been unable to access a Washington Post reporter’s seized iPhone because it was in Lockdown Mode, a sometimes overlooked feature that makes iPhones broadly more secure, according to recently filed court records.
The court record shows what devices and data the FBI was able to ultimately access, and which devices it could not, after raiding the home of the reporter, Hannah Natanson, in January as part of an investigation into leaks of classified information. It also provides rare insight into the apparent effectiveness of Lockdown Mode, or at least how effective it might be before the FBI may try other techniques to access the device.
“Because the iPhone was in Lockdown mode, CART could not extract that device,” the court record reads, referring to the FBI’s Computer Analysis Response Team, a unit focused on performing forensic analyses of seized devices. The document is written by the government, and is opposing the return of Natanson’s devices.
Archive: http://archive.today/gfTg9
You must log in or register to comment.
Remember, if it were an android phone, google would have rolled out a welcome mat to it.
not if it was lineage, calyx, graphene.
This news sparks joy. It’s a shame the FBI is wasting their time on petty political bullshit like this instead of going after real crime. What a shameful chapter for the FBI, and that’s really saying something given their illustrious history.
You act like there’s a cabal of kid rapist running the world.
If they had any decency at all they should be arresting the president.
But hell would need to freeze over first. 😡
They did that, twice. Even got a trial and 34 felonies. Repercussions? None. Honestly if you do your job and not only see nothing come of it but said felon has an impact on your job now I can sympathize a bit.
He would have been fucked if he had lost the election, and money won the election, money and the markets is the only thing Trump cares about.
Scott Galloway has the right idea
It’s really great, isn’t it? But I’d leave you with one theoretical angle to consider…
What if the FBI actually did get into the phone? If so, then why would this information have been made public?
The only reason why, that I can think of right now, is that the FBI wants more people using Lockout. If so, the only reason I can possibly imagine for that is—there are actually some good commonly available techniques to keep them out of your devices, of which Lockout is insufficient. They’d want more people assuming that it is sufficient, and this news could accomplish that.
Purely theoretical… but the bigger point here, whether that framing is strategically true or miraculously over-thinking things, is that something does work. No matter what, you know something works.
I don’t think that’s a rational line of thinking, because there are documented filings of attempted file access into FOSS programs that the FBI are unable to influence and are completely unable to access, such as Veracrypt/LUKS encrypted PCs and GrapheneOS in BFU/Duress password entry status.
Now, Apple is indeed a proprietary ecosystem, and as such unable to have community outside assurances that their system is completely trustworthy. However, Lockdown has now joined the ranks of other systems of data security that have been proven effective against a warrant, perpetuating the cycle in which nations such as the UK (and the US during the Crypto Wars) have tried to overtly undermine the technology through public actions after failures to covertly crack them. You cannot classify mathematics, physics, or cryptography, and there is no such thing as a perfect backdoor (despite some senators’ opinions).
With all that being said, I still wouldn’t trust an iPhone, but I don’t think that proposed line of thinking meshes with the FBI.
It’s not like it was a press release, it was gleaned from a court document. I suppose they could be happy with what info they got off of it enough to let this prosecution fail if they can follow up the chain, but I’m still skeptical. Who knows, maybe they have a functional quantum computer they don’t want to advertise
Honestly I don’t even believe this stuff anymore. I feel like our government would set up shit just to make it look like they don’t have as much control as they really do.
Just a nice little theater act to try to make people think privacy can still be a thing.
Always, always default to the simplest answer being the most likely to be true. In context, the government is too incompetent to manage such a thing.
Best advertisement I’ve heard for an iPhone ever. Now that Android moving to the same walled garden business model…
Yes, that’s advertising allright.
Android phones have lockdown mode too. Hold the power button to show the shutdown menu and click lockdown.
Having it and it working as well are two different things. historically Apple has been ahead in security that can slow down or stop law enforcement. And before before you jump to the same conclusions as someone else, I never have owned an iPhone, nor wanted to.
GrapheneOS is ~10x more private and secure than iOS.
I want a phone, not a hobby.
Up voting because you made be lol, not because I agree with you. Been on GOS for over a year, it’s not that bad. A few apps don’t work, it’s only slightly inconvenient.
It’s not a hobby.
Don’t confuse Graphene with a tinker box, or some ROM you once rooted.
It’s a professionally polished and very secure fork of Android.
There are some minor limitations with a handful apps that can’t pass their Google specific internal security checks, but there’s lists of them that you can check to see if any are a deal breaker for you.
Safely using an insecure device swiftly becomes a hobby, unless you give in to the default experience.
I installed GrapheneOS, installed my apps, and I’m done. If I want to deny telemetry or to set up something like the duress password, it’s one to two taps.
iPhone users, man… stop drinking the fucking punch.
I’m not an iPhone user. I don’t own an Apple anything and really despise them as a company. Stop making stupid assumptions.
I’ve used GOS daily for years. Your characterization of the OS as a “hobby” could not be further from the truth. After some basic initial configuration, it simply works like any other phone. My bank app works. Every app they told me would not work, works fine. Honestly, I’m beginning to wonder if all this FUD is a result of personal lack of willingness to do the research or something more nefarious like intentional misinformation.
Discounting some minor comparability issues, the process just requires a computer, an internet connection, a cable, and the ability to read through a couple paragraphs of instruction.
I’m talking about daily use. I have a good friend, we’ve both been computer nerds since The Apple II era, we both used to put custom roms on our android phones, we’re avid self hosters, etc… He recently switched to Graphene and wants to switch back to something that’s less of a pain. His complaints are pretty much the same as reasons I haven’t switched. I warned him it would be an adjustment.
So you haven’t used it yourself and are shitting on an OS based on anecdotal evidence? "Stop making stupid assumptions”, I once heard someone say.
I use GrapheneOS and have helped other less tech-savvy people install and use it. You can just roll with the defaults and have a better privacy stance than the spyware Google puts out, or you can take a deep dive. It works just fine either way.
As someone who uses GrapheneOS with sandboxed GooglePlay on his only smartphone (with daily usage for years at this point): I don’t know what kind of adjustment you are referring to. I never had to adjust to anything, because I never encountered anything that GrapheneOS couldn’t do that stock Android could. Follow the installation process and after that the phone behaves like a regular phone, except you have way more options regarding security and privacy.
Is your friend trying to use GrapheneOS without any Google services maybe?
I had to fiddle with some stuff to get the Google location history and Android Auto working. But if you’re using it for privacy-from-Google purposes you probably don’t care about those.
Edit: also RCS and tap to pay with credit/debit card. Those require your carrier and Google to allow them, respectively.
My own personal experience over the past year with it has… Largely not lined up with that? The install process was easy, I do have gplay enabled but rarely use it, favoring fdroid, and it’s… Been fine? It’s felt mostly like stock android tbh
That’s the same thing stopping me from switching my friends from Linux. I know one of them would if I pushed.
I’ve been daily driving Linux for almost 2 years and also always have a minor issue daily. “Oh. Bluetooth module decided it just didn’t want to work. Better reload. Oh. Reloading doesn’t work? Got to restart. Oh. Now my Wi-Fi has completely crapped the bed and restarts every 5 seconds”.
Then the major issues are catastrophic, even though rare. I once had a system just start… filling up empty storage at a rate of 1 GB a second with an empty log file. I couldn’t figure out why. Ended up reinstalling everything.
I don’t mind fixing these issues. And hell, I have fun, but I’m the only computer guy in our group though so I’d be playing tech support for these people if they ever changed.
What distro are you using? This seems bizarre and the sort of thing you see on a less stable rolling release.
I’m an experienced technologist (a software engineer for over 30 years), I used to regularly install CyanogenMod on my phones. While I didn’t find the graphene OS installation to be particularly difficult, I did find actually using it to be too much of a challenge to live with every day. The biggest single problem I can recall is that I could not do any group
SMSMMS texts. Many searches and attempts at fixes later, I realized that it was a known bug that for reasons unknown did not seem to affect all users. There were a number of minor annoyances in addition to that bug.That may reflect more on how Google has locked down things on the pixel phones, or other stuff they’ve done to keep things as proprietary as possible in their software and devices. I switched back because it wasn’t worth the hassle to me.
That’s odd, group texts works fine on my phone.
You can’t send group texts over SMS
I’d guess the group chat is stuck sending messages to RCS (basically Google Proprietary) rather than MMS
This is the same problem iPhone users have dealt with for a long time when switching to Android and their number is stuck in Apple’s iMessage system
Corrected to MMS.
My friend tried using it last year and he started getting some super annoying RCS issues that caused him to switch back to iPhone. He was very invested in using graphene but it became too much.
That’s not what you said. But since you did, it’s very easy to install and use. No hobby required.
come onnnnn
this shit is fun!
Sigh, how, just how do you quantify that?
sigh you don’t.
So your comment is just fanboy bullshit?
LOL sure
deleted by creator
Graphene OS
You can lockdown an Android phone too. At least I can on my Pixel 8a.
And the FBI can’t get in? I doubt that. It has always been notoriously easy for law enforcement to get in to Android phones.
Under Kash Patel, I’d be surprised if the FBI could unlock a Mime’s door, let alone a phone.
Haha, very true. Loyalty over competency.
Obligatory XKCD.
Even if you turned the phone off? It should be secure on a cold boot before entering the password, as nothing is unencrypted yet.
You know, I have not kept up. Things may have improved recently. But historically there’s always been flaws in the security.
they’ll just lay israelis (cellbrite) to crack it
Here are the instructions to enable and description of how it works. Seems really complete.
Feature set seems like an improvement, honestly. In particular:
Game Center is also disabled.
One shortcoming of lockdown mode, as far as I can tell: you can pair your phone and watch so locking your phone will lock your watch as well, but you can’t do the reverse. It seems more likely that a hostile party would get access to your phone first while you still (temporarily) have control of your watch, so being able to lock your phone from your watch would be extremely useful. (Or for that matter, set lockdown mode to trigger automatically if your watch is removed or your watch and phone move to different locations.)
Swallow it.
“Can I cook mine?”
“No, you must eat it raw.”
That seems like a very simple problem to just not need to worry about.
Just don’t buy a smartwatch.
It’s not that the watch is an added vulnerability (there’s no info accessible via the watch once the phone is locked)—it’s just a missed opportunity.
Well, since the reporter does not really own the phone, the FBI will now turn to Apple ordering them to disable that false sentiment of security.
If you don’t hold the keys, it’s not encrypted.
If a person is using lockdown mode they more than likely also have Advanced Data Protection enabled. This removes iCloud keys on Apple’s side and is only stored on device.
In that case you hold the keys and it’s encrypted.
And if you don’t think there are backdoors then I have a bridge to sell you.
The best you can hope for in any case is increased friction. Because if you have pissed off a government org to the point they declare you an actual national security threat… you start realizing why israel et al tend to be known to have tools that can crack a few generations back.
Which is why journalists, when they talk about stuff like this, are pretty adamant that they don’t trust those devices at all. One of the more common tactics is to have completely separate devices for sensitive communication that are kept physically isolated from any of their personal devices… and preferably in a place that a trusted associate knows about. If someone gets taken away in a black van? Someone else goes for a walk with a power drill for no apparent reason at all.
Well those back doors don’t seem to be working in the actual case happening currently. What you’re saying is assumptions.
Also you’re the second commenter today to say they have a bridge to sell me. Is this old saying making a comeback or is it bots?
You still don’t have the key. The device, allegedly, has it, but you have no access to the device.
So no, you still have zilsh.
Yes you do. In fact Apple warns you several times to keep copies of the key secure because there’s no way for them to help if it’s lost.
Yup… How can anyone even trust these massive companies anymore? Everyone just gives their freedom and privacy away.
We sacrifice everything at the altar of convenience and comfort. It won’t be long before people realize how bad of a decision that has been, and not because they’ll broaden the minds. More like, reality has a habit of shoving the truth into our faces and holding it there.
Dunno what this has to do with the Ginza Apple Store. The intern just used the first stock photo they could find, I guess.
