back to article Unlocking news: We decrypt those cryptic headlines about Scottish cops bypassing smartphone encryption

Police Scotland to roll out encryption bypass technology, as one publication reported this week, causing some Register readers to silently mouth: what the hell? With all the brouhaha over the FBI, like a broken record, once again demanding Apple backdoor its iPhone security, and tech companies under pressure to weaken their …

  1. Hubert Cumberdale Silver badge

    All the more reason...

    ...for me to continue shunning smartphones and using something that lasts over a week without charging. All my private data is safe on a BitLocker-encryp... oh, wait... have they broken BitLocker yet? Oh yeah, I'm using Windows 10, so they already know everything about me anyway [gives up, screws up tin foil hat and tosses it over shoulder].

    1. Gonzo wizard Bronze badge
      FAIL

      Re: All the more reason...

      That depends if bitlocker has stopped relying on poorly implemented drive-level encryption which turns out to be depressingly easy to defeat in many cases.

      1. RobinCM

        Re: All the more reason...

        BitLocker Drive Encryption always uses software-based encryption on the OS drive if you turn it on after installing Windows.

        Microsoft recommend you only use software encryption.

        For additional drives that you format and encrypt later you can change defaults and other settings via group policy.

        Also see KB4516071.

    2. StargateSg7 Bronze badge

      Re: All the more reason...

      And THIS is WHY not only do I run my OWN fully-encrypted main operating system on my phones, I ALSO RUN a custom BASEBAND communications operating system for the 3G/4G/5G telco communications, ...AND.... I also run a custom ROM BIOS (i.e. Read ONLY memory!) with Shor's Algorithm resistant encryption at the base operating system level !!!

      Not even dipping my phones into liquid helium to get at RAM contents will work since I ENCRYPT EVERY SINGLE OPERATION and in-memory/virtual memory VARIABLE and constant! They is gettin' NUTHIN' from me !!!!!

      Cellbrite and those other systems DO NOT WORK on my custom-built-systems especially since I use my own custom CPU's and instruction sets NOT based upon ARM or x86!

      .

      GOOD LUCK !!!!

      .

      1. Michael Wojcik Silver badge

        Re: All the more reason...

        Ah, that's some good kook-rant.

    3. StargateSg7 Bronze badge

      Re: All the more reason...

      I should also note, that for ARM chips in the 2 GHz range (on some phones!) you can run an SDR (software defined radio) baseband OS to emulate ANY waveform you want. Just delete the Baseband OS loader and install your own and NO-ONE can take control of your phone because you can do deep packet inspection at the baseband OS level (i.e. the OS lying underneath Android and iOS used for 3G/4G/5G telecom communications).

  2. hellsatan

    The FEDs want remote access...

    All very well skimming through a seized device, but the plod really want to just remote in to any old smartphone and browse all the pics of your cat without anybody asking awkward questions... hence the demands for backdoors.

    1. diodesign (Written by Reg staff) Silver badge

      Remote access

      There is that, but this is in the context of physically seized devices.

      C.

      1. NoneSuch Silver badge

        Re: Remote access

        "There is that, but this is in the context of physically seized devices."

        I would argue this is the thin end of the wedge. Checking a phone in police custody seized during the arrest of a suspect is one thing. Backdoor encryption allows people to check anyones phone from 200 KM away whenever the mood takes them.

        Police / MI5 / Home Office should have a court warrant naming the individual involved and their suspected crimes for proper search and seizure. That's a balanced system that has worked for hundreds of years.

        Governments say they want privacy eliminated so they can fight terrorists and one of the first things they do with those powers is tap journalist email accounts. That shows you everything you need to know.

        Once government has access to your phone, the second phase is censoring your data to protect their agenda and political power.

        1. Anonymous Coward
          Anonymous Coward

          Re: Remote access

          and the SNP are the guiltiest of it, siccing Plod Scotland already on journos who asked "too many awkward questions" as well as making threatening phonecalls to editors, approaching newspaper owners directly to make threats, putting pressure on advertisers and worse.....

          People's (non) Democratic Republic of Scotland incoming? complete with field guidance visits from the FM and the appointment of a "transfinder general" to appease the transphobic wing of the party membership along with an anti trans section 28/clause 2a (already being openly called for by some.....shameful)

          1. Joe 37

            Re: Remote access

            When it comes to trans crap - ask the Minster for Higher Education. For an afternoon.

            Who doesn't buy the trans fascist crap.

            And got sacked by Queen Nikki (May she die and rot in Hell forever)

            1. Anonymous Coward
              Anonymous Coward

              Re: Remote access

              No she was and is a transphobic bigot, just like Cherry and McAlpine

            2. anonymous boring coward Silver badge

              Re: Remote access

              What is "trans crap"?

            3. anonymous boring coward Silver badge

              Re: Remote access

              Hello? Why don't you define "trans crap" so at least I know what you are talking about?

      2. HildyJ Silver badge
        Flame

        Re: Remote access

        The reality is that they don't need remote access if they have the physical phone. But you'd never know that to hear the Feds talk. The Feds on both sides of the pond want to be able to view anyone's (and, ultimately, everyone's) data remotely, 24/7, without anyone knowing it. Over here Attorney General Barf is attacking Apple for not giving him a back door in a case where the FBI has the physical phone (and has probably decrypted it already.

        Never forget, if you exist, you are a suspect.

    2. DJV Silver badge

      Re: The FEDs want remote access...

      Shirley, in that case, they should be asking for catflaps, not backdoors!

      1. Anonymous Coward
        Anonymous Coward

        Re: The FEDs want remote access...

        Our cat refuses to use the catflap. Instead it waits for one of its slaves to open the door, so that it can through it, change its mind and come back again.

        1. KittenHuffer Silver badge

          Re: The FEDs want remote access...

          The trick is to use (duck or cello) tape to tape the flap in the open position. Your cat will get used to going in an out of this opening. Then after a few weeks you can untape the flap, and out of habit they will push at this thing that has appeared in their entry/exit route, and you can continue to sit on your bum watching TV!

          1. OssianScotland Silver badge

            Re: The FEDs want remote access...

            Dogs, maybe, but any self-respecting feline will see the obstacle and sit, making whining noises, until one of their slaves comes and lets them in/out.

            If they are going out, noises may be replaced with a carefully located* deposit

            *i.e. in a location directly proportional to both the cost/cleanability of the floor covering and your liklihood of stepping right on it

          2. the future is back!

            Re: The FEDs want remote access...

            That’s “duct”, “Duct” I say.

        2. Is It Me

          Re: The FEDs want remote access...

          Our happily uses it's cat flap (or teleportation abilities) when no one is looking, but as soon as there is a human slave it sits and stares at the outside world until the door magically is opened.

        3. Teiwaz Silver badge

          Re: The FEDs want remote access...

          Our cat

          Ours refused to use outside doors point blank, and always jumps up to sit on a windowsill to be let in

          1. DJV Silver badge

            @Teiwaz

            A cat my family had in the 1960s* used to sit on an outside window sill and continuously scrape his claws down the window when he wanted to be let in. The sound it made was almost as bad as chalk on a blackboard - you just HAD to let him in to make the noise go away.

            (* and long before installing catflaps was a "thing" in the UK)

        4. Smooth Newt Silver badge
          Happy

          Re: The FEDs want remote access...

          Our cat refuses to use the catflap. Instead it waits for one of its slaves to open the door, so that it can through it, change its mind and come back again.

          You have one of those Brexit cats, then.

        5. LeahroyNake Silver badge

          Re: The FEDs want remote access...

          Pussy whipped just like me.

          Have tried loads of tricks, changing the flap, treats, leaving the little shit out in the rain, pushing the bugger through. Opening the flap works but we may as well open the bloody door grrrrrr.

          1. Anonymous Coward
            Anonymous Coward

            Re: The FEDs want remote access...

            Kill The Cat (s)

            regards Any Dog.

        6. steviebuk Silver badge

          Re: The FEDs want remote access...

          Because they don't know and can't see what is on the other side they have a natural fear. If you create a minor shelter on the other side until they get used to using it, that can help them use it.

    3. Andy Non Silver badge
      WTF?

      Re: The FEDs want remote access...

      You mean the plod want to look at my wife's pussy?

      1. MiguelC Silver badge
        Holmes

        Re: The FEDs want remote access...

        And at yours too.

      2. Spanners Silver badge
        Go

        Re: The FEDs want remote access...

        No. Just Mrs Slocombe's.

      3. jelabarre59 Silver badge

        Re: The FEDs want remote access...

        https://www.youtube.com/watch?v=qVJnd3GgNQk (****NSFW***)

  3. Chewi
    Black Helicopters

    IndyRef2

    Despite voting "no" last time, I am quite keen to have IndyRef2 in light of recent events. I'm not fully decided at this point but I would still like to be given the choice. Police Scotland, however, puts me off voting "yes" more than any other issue and not just because of what this article addresses.

    1. CommanderGalaxian
      Unhappy

      Re: IndyRef2

      Just install LineageOS. Even you won't be able to access your phone via USB afterwards.

      1. phuzz Silver badge

        Re: IndyRef2

        I had that problem, but it turned out to be my Moto G, not Lineage.

      2. Arbuthnot the Magnificent

        Re: IndyRef2

        Hmm - on my second LineageOS handset, with no real problems - USB access works from my Linux machine.

    2. Anonymous Coward
      Anonymous Coward

      Re: IndyRef2

      Given that English-and-Welsh law has always been different and separate from Scots law, it shouldn't make any difference to Scotland's police service whether Scotland is or is not part of the UK, as rUK is a separate jurisdiction in either case. If there are issues of concern with the police service because of its groupthink or weltanschauung, wouldn't they (sadly) be there either way?

      If an independent Scotland ended up with a series of more repressive governments, that would be something to worry about, as that would presumably result in more oppressive policing. And if the police were oppressive anyway, that would still be a problem with the police, rather than the government (although you'd hope that the government would then take the police service to task). Who watches the watchers, and all that...

    3. Anonymous Coward
      Anonymous Coward

      Re: IndyRef2

      just remember who created plod Scotland and their "overseers" (still stripped of their powers IIRC) Scottish Police Authority (and lost their powers due to failing to do any oversight and just giving Plod Scotland EVERYTHING they wanted and then some.......oh yes...it was.....the SNP.....

      Who are going full steam ahead with facial recognition cameras, without any real oversight, given the overseer is yet again SNP appointed so will just do whatever the Plod or the party demand, especially given Humza Yousef is Justice Secretary and is simply continuing a reign of utter incompetence which has led to his meteoric rise in the ranks, most recently failing as transport secretary but given he's loyal to the FM and ticks various boxes, he can do no wrong.

      Also remember who constantly announces one thing and then does another....oh yes the SNP, PIP replacement, sat on hands 2.5 years and are delivering....a tartan hued PIP clone "structurally no different" comes the quote.....

      Then there is crashing school attainment, NHS waiting lists in orbit, bottle tax, virtual signalling plastic straw ban (despite the severe negative affect it will have on the disabled), determination to force through the "Nordic Model" despite reams of evidence that its counter productive and doesn't work, despite a review by former senior judge Lord Bracadale and which rejected their proposals, the SNP are hell bent on making vaguely defined "Misogyny" a criminal offence, along with "hatred towards a political entity" (hmm I wonder who they are trying to defend against criticism with that then?) aka "dishonouring the nation" an offence usually deployed by illiberal countries like Turkey and Russia....

      Voted Yes in 2014 and SNP for years, due to the above, either not voting in indyref2 or voting NO, holyrood elections.....no idea who, definetely not Labour or the SNP due to the blatant transphobia that runs rampant in both those parties....

      1. albaleo

        Re: IndyRef2

        "just remember who created plod Scotland and their "overseers" (still stripped of their powers IIRC) Scottish Police Authority (and lost their powers due to failing to do any oversight and just giving Plod Scotland EVERYTHING they wanted and then some.......oh yes...it was.....the SNP....."

        I recall there were only about six votes against the bill to create Police Scotland. I think all parties played a part. It was only after the police started raiding strip clubs in Edinburgh that we woke up to the consequences.

        1. Anonymous Coward
          Anonymous Coward

          Re: IndyRef2

          I recall there were only about six votes against the bill to create Police Scotland. I think all parties played a part. It was only after the police started raiding strip clubs in Edinburgh that we woke up to the consequences.

          Lothian and Border Police and Edinburgh City Council had long taken a very relaxed attitude towards the city's brothels ("massage parlours") and the unfortunate women who worked in them. The suspicion was always that substantial amounts of money were changing hands in exchange for such leniency. When Police Scotland came into being one of the first things they did was clean up the mess.

      2. Muscleguy Silver badge

        Re: IndyRef2

        Transphobia? you’re havin’ a laff. The SNP are gung-ho for GRA in the teeth of society opposition. Admittedly they are in competition with the Greens for the most pro Trans party. Which leaves us sensible minded Yes voters with nowhere to vote for unless the Rev Stu comes good with the Wings party in 2021.

        Anyway not wanting to vote Yes because police Scotland has to be one of the most witless reasons I’ve heard and I’ve chapped more doors than I can remember. At Wed Dundee RIC meeting it was revealed we chapped 20,000 doors in indyref1. I’ve trod some of the supposedly meanest streets and closes in Dundee on my tod in the dark armed only with Yes badges and a clipboard and never met no bother.

        Once Independence has been won you are free to vote for whichever Libertarian party floats your boat. If you think being yoked to hard right Tory Westminster is going to give you civil liberties I must ask what substances you have been smoking/snorting/injecting/ingesting.

        1. Anonymous Coward
          Anonymous Coward

          Re: IndyRef2

          Transphobia? you’re havin’ a laff. The SNP are gung-ho for GRA in the teeth of society opposition.

          Society opposition? I few dozen paranoid and ill-educated bigots on Mumsnet do not, thank goodness, define "society".

        2. Anonymous Coward
          Anonymous Coward

          Re: IndyRef2

          Muscleguy - all you ever do here is spout transphobic nonsense and defend "the party", the SNP isn't "society" as much as your lot would want it to be, their hard on for a one party state is sickening, their blatant flouting of the "representation of the people act" by bribing voters with sausage rolls etc and then denouncing the press attention as "mince" (a phrase seemingly aired everyday by SNP activists and politicians to deflect any criticism) and claiming without any shame "oh its for our massive activist base" despite being seen handing them out to members of the public. Yet plod Scotland have looked the other way as hard as possible.

          SNP Pro Trans my arse - Joan McAlpine, Joanna Cherry, Chris McEleny, Marjory Smith, Gillian Martin, Ash Denholm, Kate Forbes and many many more have all made blatantly transphobic comments, retweeted transphobic bigots, praised transphobic groups or used coded language, stuff that would get you in court if used towards any other group.

          They claim to be "following best practice" yet already Ireland, Argentina and other countries have enacted more sweeping changes with no rise in rapes/asaults and who have rejected the transphobia so virulent in the UK, then again no surprise given how much media attention is lavished on well heeled self defined "feminists" while ignoring mainstream feminist groups who reject their prejudice. Then again said same media were all against repealing Clause 2a / Section 28,

          Don't think "I don't want blacks, Hispanics, Muslims, Asians, Lesbians, Disabled etc in our bathrooms" would go over very well at all and would get said speakers in seriously hot water legally, any msp who inveited someone who had described a group of people as "parasites" and worse to speak at the Scottish Parliament would up till recently have been forced to step down and faced an investigation as would praising a relentless transphobic bigot who was banned from speaking at her former university due to her transphobic bigotry

          Said same tactics were used for years against homosexuals and were deplored and called out for the bigotry that it was, particularly in the lead up to the repeal of Clause 2a / Section 28, yet today you see radical lesbian feminists using the same slurs and abuse that were levied at them (will result in sexual assaults, places young girls / boys in danger (yes I remember all those lines being used against homosexuals and not that long ago), its shameful and unacceptable.

          Your party are instutionally transphobic bigots plain and simple, sturgeon is a coward who has let this cancer fester to put party ahead of country as always, she thinks sticking her head in the sand and kowtowing to bigots by watering down the GRA reforms will keep the party intact and deflects whenever the topic comes up

        3. Toni the terrible

          Re: IndyRef2

          It's true that the Tory party as it has existed for the last 20 years and the governments it has run (not that labour has been that much better) is the best reason for a Scot-exit from the UK, shame I am not scots really....

  4. Dan 55 Silver badge
    Holmes

    Let me get this right

    1. scotPlod uses software to flash phone, furtle bits not usually furtled, forcibly unlock it, rummage around.

    2. Based on that may or may not decide to send off to a lab to properly extract contents.

    Can anyone see a possible place in this workflow where there's a chance for evidence to be planted/removed?

    1. ElReg!comments!Pierre

      Re: Let me get this right

      It all depends on how it's implemented. My assumption was that the use of dedicated "kiosks" is so that the kit can be properly locked down (and, hopefully, bolted down too). I don't think the plods want cases to be thrown out of court because of doubts about evidence massaging ...

      The kiosks are probably read-only, with the devices sent to a proper lab with proper procedures if anything suspicious iis discovered. As for returning the "clean" devices to their owners, though, there is probably little hope.

    2. NuffSed?
      Unhappy

      Re: Let me get this right

      And....

      They imply it is foolproof. When someone says that, for something like this, I think they are basically saying they can trick us proles (with impunity) that all us well until this Turnkey product can be fully activated when no-one is watching.

      Checks and balances exist (sorry give me a moment..... need to reign back nervous laughter) for all Police activity.

      How many Police were disciplined last year for abusing PNC? Moreover, how many got away with it? A recent article (IIRC) put it at over 50 in 2018! One plod (a relative) once told me that it isn't hard and only the naive get caught (still not sure how to take that comment).

      Planting "irrefutable" evidence is becoming easier by the day! How can we defend against it?

      I suppose it all comes down to trust in the Police. I think I still have a vague recollection of that term - it fades daily though.

    3. Little Mouse

      Re: Let me get this right

      Maintaining the integrity of the data source, and being able to evidence this, is the cornerstone of digital forensics.

      The CSI cliche of the investigator powering up the suspect's computer to see what they can find would likely be grounds to render any such evidence inadmissable (IANAL).

      Do the kiosks create an image of the phone without changing the original? It doesn't sound like it, but some clarification would be appreciated.

      1. Kientha

        Re: Let me get this right

        When I did my XRY cert (one of the other less worrisome mobile forensic tools since you need the passcode for the device for it to work) it could do an extraction from an iPhone without changing any data (except what is changed by the device itself in the normal operation) but Android devices had to change data on the device to extract data from it.

        The legal side of this is done with the documentation of the steps taken and the impact that has on the device. As long as you're following a good process, they'll accept the changing of the device data as a consequence. The way XRY and other tools work prevent investigators from being able to write anything to the device while it was plugged in to the XRY box. The rest of your assurance is from the process with exact time stamps of where the device was etc. The police guidelines are not fit for purpose but they're usable. XRY is also idiot proof whereas the other Mobile Forensic Tools are not. As long as you can follow very simple instructions, you can use XRY.

        1. Splurg The Barbarian

          Re: Let me get this right

          When did you do your XRY?

          Used it throughout my time in Cybercrime dept. Almost all of the XRY extracts of Android were done without changes. Left at the end of 2014 & haven't kept up to date with the latest versions of XRY since not long after.

          Besides even something has to added to a device, or indeed you have had to manually examine a device, as long as it is documented, photographed or videoed as we did then there is no issue, also remember that in Scotland corroboration is required. There can be one examiner as lead but everything done has to be corroborated and signed off by a 2nd examiner too.

          1. Kientha

            Re: Let me get this right

            2016. I believe it was only the case for Android 6.0+ which was still quite new at the time

    4. phuzz Silver badge
      Holmes

      Re: Let me get this right

      "Can anyone see a possible place in this workflow where there's a chance for evidence to be planted/removed?"

      Well yes, as soon as you get searched by the police, they "find" a baggy of class A in your pocket, or a knife with bloodstains on, or a signed confession saying "it wuz me wot dun it" etc.

      If the police want to frame you, then they still have a myriad of ways to do so without ever going near your phone.

      The solutions to this are the same as always: Try to live in a country where the police don't routinely do that sort of thing. Don't be a minority. Have enough money to pay for a scary lawyer.

      1. Toni the terrible

        Re: Let me get this right

        It is also true that if you have the connections or enough money the 'Security Services/Police" will be less likely to bother you. But then, you will be among the top 1% anyway and part of the Elite.

    5. DontFeedTheTrolls Silver badge
      Terminator

      Re: Let me get this right

      "uses software to flash phone, furtle bits not usually furtled, forcibly unlock it, rummage around."

      From what I've read, nothing as specific as this happens. Details are thin but I've seen nothing that indicates any change to the device

      If it does alter the contents then you are right, that evidence is likely to be inadmissible. That, however is not the point. Plod want to know who you've been communicating with so they can go search them too, acting on "information received".

      1. Dan 55 Silver badge

        Re: Let me get this right

        TFA says it makes changes:

        The technology works in various ways: Cellebrite says for some phone models, its equipment copies a custom bootloader to the device's RAM and runs that to bypass security mechanisms [PDF]. In some other cases, such as with Android devices, it tries to temporarily root the handset. The equipment can also attempt to exploit vulnerabilities in phone firmware, including iOS, to ultimately extract data.

      2. heyrick Silver badge

        Re: Let me get this right

        "but I've seen nothing that indicates any change to the device"

        Except the article itself, which says: In some other cases, such as with Android devices, it tries to temporarily root the handset.

        If they try that with some of the later Samsung models, they'd better be prepared to pay for a replacement. Rooting the device will trip KNOX which will blow an efuse to indicate that the device can no longer be considered "secure". It's hardware. It's permanent. Unrooting doesn't restore things.

        So, yes, there is a very real risk of changes to the device, and as the better phones take security more seriously, more devious methods will need to be used to try to get in. But deviousness has consequences.

  5. Peter Sommer

    DPA limits on police investigations of smartphones???

    Police powers to examine smartphones etc seized from persons and/or premises aren't unlimited, though how far some police forces realise this is unclear. The present position is that provided the person or premises were lawfully searched no additional authority to examine smartphones, computers, etc is required.

    This needs to change.

    But Part 3 of the Data Protection Act, 2018 (which incorporates GDPR) specifically provides controls on the activities of law enforcement. The 6 data protection principles must be complied with -s 36(1) says that any purposes of processing must be specified, explicit and legitimate. This rather implies that there should be a written privacy impact assessment. I'd be interested to know how many UK police forces actually run PIAs against devices they seize, and how they reconcile this requirement against the need to triage devices to see if they are relevant to an investigation.

    1. NuffSed?
      Coat

      Re: DPA limits on police investigations of smartphones???

      Ignorance of the law is no excuse, unless you are PC Plod for whom the law is changed retrospectively!

    2. Anonymous Coward
      Anonymous Coward

      Re: DPA limits on police investigations of smartphones???

      Likely they assuming having a singular PIA for the activity will cover them for all of them. Until that's tested legally I doubt it'll impact them.

  6. chuBb. Bronze badge

    I wonder if the plod bothered to buy the support/update package, as i bet as is the version that was signed off with for purchase can only handle phones more than 6 months old...

    £370k seems awful cheap for 41 govt/police targetted hard and software sales, its less than 10k per machine, which really seems way to cheap unless cellebrite employs a non commision chasing sales droid (yeah right!) so yeah wonder how much the update and support fees will be, but i suspect the deal is even worse as it includes the training budget for i assume at least 41 people unable to join the army/unemployable after the army, yeah i predict some red faces once the shine has worn off and its proven to be ineffective/illeagal/inadmissable/ripe for abuse.

    As for why the FBI is chasing apple, i suspect its a bit deeper a back door than usual, and they want to backdoor the hardware crypto stuff, so they can have a way of cracking any file container or private key signed using the TPM (or equiv chips) [or rather than cracking, just revoke and reissue with keys they control], to avoid "yay phone unlocked, but all the data is in an encryped container booo", they want a spectre level back door, so its largely immune to OS changes and or software tampering, and nigh on impossible for it to be bypassed or altered as its inherent in the hardware design of the phone. Which is a fine concept and easy sell to just about anyone with a crayola/trump (delete as applicable) level understanding of the topic.Until inevitably some researcher somewhere stumbles upon the magic key, and then every device with compient hardware in circulation internationally is wide open to world plus 5g dog. Can see it now, the fappening 2.0 aided by some ML, and AWS containers (paid with compromised banking apps on the compromised hardware) to scan for the most salacious exfiltrated data. Love to hear how "but but but terrorists!!!11!!!!, think of the children" will play to millions across the globe who find them selves cleaned out because good ol US of A doesnt like to admit to getting the thumb screws out on home turf....

    1. Mad Dave

      Downvoted for the most blatant showing of TDS I've seen today.

      1. chuBb. Bronze badge

        Tds?? Nah till chump can progress to sharp pencils instead of blunted felt tips I stand by my opinion ;)

    2. Mike 16 Silver badge

      Awfully cheap?

      Maybe Cellbrite is using the increasingly popular "Some telemetry data may be sent to the manufacturer for quality monitoring and product improvement" clause, which means that they get all the personal details the kiosk has ever seen on every phone it has "triaged". Should help them stay solvent even with low sticker prices. Works for ISPs, OSes, and social networks.

  7. Anonymous Coward
    Anonymous Coward

    Crooks and Alex Salmond, get your Linux phone here.

  8. SJA

    Extracting encrypted data?

    My android phone is encrypted with a rather long password. When I boot into TWRP and don't supply the password, I see only garbled entries in the filesystem. So those tool can also get physical access and do bit-by-bit extraction. But the they will still be encrypted and hence useless. Or can they also break the encryption?

    1. ds6

      Re: Extracting encrypted data?

      A combination of hardware/software exploits and brute force leads to data being exfiltrated. Just because your storage is encrypted doesn't mean there aren't other attack vectors, like the bootloader or baseband.

      1. SJA

        Re: Extracting encrypted data?

        But extracted doesn't mean being decrypted. E.g. making a copy of an encrypted HDD is simple: dd if=/dev/sda of=/mnt/sdb1/sda.img -- but I still can't break the encryption. So can the break the encryption?

        1. ds6

          Re: Extracting encrypted data?

          Technically all encryption can be broken, the only reason it's considered safe is it will take a very, very long time with current methods and technology to defeat it.

          More directly, the length of you password doesn't matter if your phone is already booted and has been unlocked once, as the decryption key can be siphoned out of /data/misc/vold; encrypted partitions are not unmounted when your phone locks, even if you trigger Lockdown. Your password is only used to unlock the phone and to encrypt the key used to encrypt the /sdcard filesystem (and other filesystems/per file encryption). Keep in mind there are sometimes 20-30+ partitions on an Android device, varying by vendor/ROM, and only a handful of them are encrypted.

          If you have Xposed, Magisk, root over ADB, or root shell available and the passwords for any of those are either not enabled or easy to guess, then data can be easily exfiltrated. I don't think Xposed Manager, EdXposed Manager, or Magisk even have the ability to lock module installs behind a password.

          It could also be possible to attack memory, flash a new bootloader, attack proprietary firmware like the baseband and/or wireless controllers, or use social engineering to get you to install a malicious APK.

    2. Splurg The Barbarian

      Re: Extracting encrypted data?

      Remember under RIP(s)A amd RIPA in England & Wales refusal to supply an encryption key when asked, includes phone locks, can lead to up to 2 years in jail.

      It's not used very often but the power is there.

      1. SJA

        Re: Extracting encrypted data?

        Not everyone lives in the UK ;) although I still think that RIPA is in conflict with the ECHR as it guarantees a fair trial which inclused right to remain silent and not to incriminate oneself. See https://www.echr.coe.int/Documents/Guide_Art_6_criminal_ENG.pdf , p. 35.

        1. Splurg The Barbarian

          Re: Extracting encrypted data?

          True, but the story is on a UK force being Police Scotland. There would have to be very good reasons for going through with a prosecution on this .

          Lets say, hypothetically, some kit has been found and examined, contains indecent images of children. One device is encrypted, accused doesn't hand over key. Why? Although evidence has been found to suggest a user of equipment ( can never but bum on a seat!) has comitted a crime, evidence very strongly points to accused, he tales.his chances that the up to 2 years will be less than would receive if data is seen from encrypted drive. In cases like that there is the fear that it could be hands on abuse of identifiable victims.

          Now i hate the "think of the children" garbage spouted by many to to.cause.fear, alarm and justify draconian measures, but where other evidence is available and in cases like the above example I can see its benefit. It also why it is only used , certainly in my experience, as an option under advisement where there is genuine concern.

          Its an "absolute power corrupts absolutely" type issue but as long as the nutcracker is used for the nuts & the sledgehammer is only used when the wall absolutely must be broken through then its OK, but only used in that way.

          1. SJA

            Re: Extracting encrypted data?

            Why should he be forced to hand over they password? That's a violation of right to fair process and the nemo tenetur principle.

        2. Toni the terrible

          Re: Extracting encrypted data?

          but Brexit....

    3. Jaybus

      Re: Extracting encrypted data?

      "Or can they also break the encryption?"

      It depends on the processor and Android version. There are bugs in many Snapdragon SOCs used in many Android devices that allow extracting the RSA key(s) from the QSEE (Qalcomm Secure Execution Environment). QSEE is Qualcomm's kernel that runs in the ARM TrustZone, or in other words apart from the processor cores on which Android (or whatever OS) runs. Similar function to the Trusted Platform Module, but built into the ARM SOC. This is the key used to check the RSA signature of an app intended to run in the QSEE, meaning a root'd phone can have custom apps installed into the QSEE. Not good. Also, the RSA key used for generating the key for encrypted file systems is stored in the QSEE. This key is used along with the passcode to generate the key used to encrypt/decrypt the filesystem. Once this key is extracted, it is simply a matter of brute forcing the passcode.

      If that isn't bad enough, the equipment in question can make a bit-level copy of the filesystem so that the passcode brute force attack can be run on heavy duty hardware, rather than the phone's meager ARM cores. So, if the RSA keys in the QSEE can be somehow extracted, then the passcode can be discovered in a reasonable amount of time.

  9. Version 1.0 Silver badge

    Breaking Glaswegian encryption

    OK, so they can break the encryption - but will that actually help?

    Burnistoun - Nae Rolls

  10. Steve Davies 3 Silver badge
    Joke

    Just wait until after Indyref 2

    The Plod will not only be inspecting your papers but sucking all those lovely cat vids off your phone before they'll let you into the SRE (Socialist Republic of Ecosse)

    Border posts will ensure that vids of cats having sex will be repelled at all costs (sic).

    As for walkers on the Pennine Way heading south... they'll be made to strip naked and swim across Kielder Water as pennance for want to leave the SRE. Those heading north will be made to recite at least three poems by Burns before being allowed in.

    [see icon]

    1. Halfmad Silver badge

      Re: Just wait until after Indyref 2

      Nah they'll be shut down as we won't have any money to pay for them.

    2. albaleo

      Re: Just wait until after Indyref 2

      Wrong country, pal. Police Scotland will only inspect your papers or phones if you fail to recite your lodge number (Orange or Masons, either will do.)

    3. Anonymous Coward
      Anonymous Coward

      Re: Just wait until after Indyref 2

      More like anyone attempting to leave will be shot ala North Korea, and portraits of the current FM will be hung in every building inc private home, likely with an assortment of statues here there and everywhere.....of course whenever the party elects a new FM there will be purges of those not in line with the new regime...

      Already Scotland is steamrolling towards being DDR reborn, Queen Nicky herself on her coronation told her aides to treat the media as "the enemy" and has stymied FOI requests from journalists, sent Plod Scotland after troublesome journalists, put pressure on others to get them fired and worse....

      "the media misinforms the people" / "BBC mis-reporting Scotland" sounds just like Trump's "FAKE NEWS" and the Nazis "Lugenpresse", no wonder the SNP are SO touchy about any comparisons with the Nazis, wouldn't want the public to see the ever increasing similarities now would we? - Setting up a national unified police force loyal to the government, repressive controls on speech (offensive behaviour at football, "misogyny" as a hate crime), state spying on the public - facial recognition, state interfering with private lives "Named Person Scheme" (claimed to have been dropped but its still coming, ID system - Universal Citizen Reference Number, claiming to be the sole voice of the country "we speak for Scotland" "Scotland says no to this" "This is OUR country" etc etc etc etc

      1. CommanderGalaxian

        Re: Just wait until after Indyref 2

        You have issues, don't you?

        I'm guessing you are somehow related to this Holocaust Denier (expelled from UKIP for it) - (and not forgetting the idiot holding the banner who got done for booting a pregnant independence supporter in the stomach during #IndyRef2014):

        https://twitter.com/mankyjaiket/status/1187049382128041985

        https://twitter.com/DgScots/status/1187315820931747840/photo/1

      2. heyrick Silver badge

        Re: Just wait until after Indyref 2

        "the media as "the enemy" and has stymied FOI requests from journalists"

        You mean, just like that lot down south?

        http://theconversation.com/what-boris-johnsons-election-win-means-for-british-broadcasting-129087

        https://www.heraldscotland.com/news/17873264.boris-johnson-39-s-tory-government-refuses-reveal-poverty-levels-brexit/

        (and quite a few more)

  11. BebopWeBop Silver badge
    Headmaster

    Not surprisingly, the Open Rights grtoup has something to say on the matter

    https://www.openrightsgroup.org/assets/files/pdfs/Scotland/Seizing%20the%20future_%20Seeking%20clarity%20of%20law%20in%20the%20search%20and%20seizure%20of%20mobile%20devices%20-%20Open%20Rights%20Group.pdf

    1. Anonymous Coward
      Anonymous Coward

      That's a horrific URI, and one of the reasons why sensible people don't put spaces in filenames! :-(

      (But, thanks for the info!)

      1. BebopWeBop Silver badge

        True - but one of the reasons that 'copy and paste' is your friend and I am always dubious over tiny urls

  12. Splurg The Barbarian

    Fail to see what the fuss is

    Firstly cards on the table, i work in have previously worked in a cybercrime department in Scotland both pre and.post Police Scotland creation. I no longer work in the department, seeing more naked children in a year than a pediatrician sees in a career causes you to escape while you still have your sanity.

    I fail to see what the fuss is. Simply nothing that these kiosks do is new. They do not give the police more rights nor more access to data than they already have currently nor more than at anytime in my time there (I started there in 2009).

    Police sieze a phone as per the law, or take witnesses'/complainer's phone with their permission. Reporting officer tells examiners what they are looking for (images, sms, other messaging,internet data, calls etc) phone is examined and the relevant info extracted and handed to RO.

    These new kiosks will allow devices to be triaged see if it has relevant info on it (exactly the same access to the phones that Police forces all over UK have) unable to changed, store move etc. the data. If it contains something then it is sent for examination.

    As witnesses'/complainers' devices could be months before examined before being found irrelevant this should hopefully stop innocent people.wanting to help or victims of crime being inconvenienced.

    In my experience, if your not driving on the phone, downloading images you shouldn't, stalking, abusive messages/calls, selling drugs, sending unsolicited dick picks, or grooming etc underage kids the police have no interest in your phone. Our department used to refuse loads of requests as not relevant, over reaching or best evidence can be got from elsewhere. It will still be the same here, it may be triaged, bur cynercrime may still refuse the full examination.

    There has been a lot of hysteria, hand-wringing and so on about this. My only concern is those that will be triaging may not have enough experience/knowledge to accurately translate what they receive from the initial exam.

    1. Yet Another Anonymous coward Silver badge

      Re: Fail to see what the fuss is

      >I fail to see what the fuss is

      Because it normalises this action.

      The next version of the software will fit in a pocket.

      The police will then slurp the contents of your phone at every traffic stop or SUS. Just to save a trip to the station = a purely administrative change for efficiency

      It's hardly unreasonable that the police can stop anyone in the street and check that they haven't viewed the website of any terrorist links to a group like extinction rebellion or English Heritage.

      Then get a list of all your friends, any financial data to pass along to the DWP or check for IR35

      Then get a copy of any pictures of your girlfriend/boyfriend/Sheep to pass along to their palls at the lodge.

      Just make sure you are following the SNP leader and giving it lots of likes in the run up to the next referendum citizen

      1. Splurg The Barbarian

        Re: Fail to see what the fuss is

        In that case then it has already been normalised.

        I stand by the commemt.

        This "kiosk" business does NOTHING AT ALL DIFFERENT to what police forces across the UK have been doing for at least 15 years. It gives the police access to NOTHING THEY HAVEN'T ALREADY GOT ACCESS TO at the moment nor what they have had access to for at least 15 years in case of normal mobile phones and less taking smartphones into account.

        This IS hand-wringing and woe is me by people misunderstanding what is going on.

        Police CANNOT just take your phone when asked, the same.as they cannot just walk in your house and look around. The mobile phone examinations will be EXACTLY the same it has been back in 2009 when I joined at the time my local plods cybercrime dept.

        All that is changing is the fact that rather than waiting months for an examination, unless it jumps the queue, it will be triaged at a kiosk. At the kiosk no data can be extracted and stored. In the case of witnesses' or complainers' devices the PIN/passcode will have been provided, as it allways has been. In the case of accused it sometimes is, sometimes its bypassed as it has been for years.

        The phones are only taken from accused if it is felt that it is likely to contain evidence, ie stalking, domestic abuse cases, rape and sexual assualt, grooming, drug dealing missing persons etc, where it is suspected to have been used during an RTC. Any examination that was negative is not kept, only the positive are. Only the relevant data is extracted ie call data, texts or messaging. If its not required for the case its not extracted or looked through, the cybercrime departments simply do not have time.

        I had issues with a few things we were asked if we could do, which we refused and I believe they still do. But a cannot start an argument with this on what is makey up guff, as everything that folk are complaining about that could happen is exactly what happens and has been happening for years.

        The sad comments about me and SNP is a bit much. I am no fan of what has been done to Police Scotland and the kool-aid swallowed by the media and masses regarding 1000 extra officer amongst others.

        1. Anonymous Coward
          Anonymous Coward

          Re: Fail to see what the fuss is

          stalking, domestic abuse cases, rape and sexual assualt, grooming, drug dealing missing persons etc, where it is suspected to have been used during an RTC. Halfway serious question. Are there any offences that don't fall in to your list? I know you missed terrorism and fraud - but those seem fairly obvious cases where phone evidence would be used. As far as I can see it's probably just wanton and furious cycling and sticking a postage stamp (remember those?) on upside down.

        2. Woodnag

          Re: Fail to see what the fuss is

          I think you miss the point.

          Right now, there are some controls on when a phone can be slurped. But the law can change.

          Before RIPA, passwords were private.

          Before even then, silence was a right and could not be used against the defendent.

        3. j.bourne
          Big Brother

          Re: Fail to see what the fuss is

          Well, interested to hear you were around before Scotland was created - you must be real old by now!

          OK. on to the subject

          "Police CANNOT just take your phone when asked, the same.as they cannot just walk in your house and look around. The mobile phone examinations will be EXACTLY the same it has been back in 2009 when I joined at the time my local plods cybercrime dept."

          Please tell that to all police - They need something to make them laugh now and again. Truth is that 99% do exactly whatever they like. Whether they technically "CAN" or "CAN'T". Post action rationalisation is used by most people. It's the same for the Police: only difference being that they often know which rationalisation will hold in court.

          1. Anonymous Coward
            Anonymous Coward

            Re: Fail to see what the fuss is

            Tell that to the guy whose former female partner battered him over a period of years and then stalked and harassed him, went to the Police Station in Arbroath, female PC LAUGHED at him and threatened to charge him with "wasting police time" IIRC

            He complained to the Police, closed ranks (nothing changes), complained to PIRC, she got off with a slap on the wrist, police "alledgedly" find a twitter account ridiculing them and decide it MUST be him and so send a multiple officer unit to smash down his door and ransack his house and then had the audacity to defend this as "proportionate to protect officer and police support worker privacy and safety"

            uniformed thugs, no wonder they dress all in black like paramilitaries, surprised that deaths head skulls aren't standard issue....well yet......

    2. DontFeedTheTrolls Silver badge
      Headmaster

      Re: Fail to see what the fuss is

      Much as I agree with you that the innocent have nothing to fear, the problem is the scope creep of searches.

      Will officers routinely "triage" all devices they seize just in case they find something incriminating. If it only takes a short amount of time and every officer has access to the scanner, what is to stop them fishing? Policy on Probable Cause? I know that often minor crimes lead to bigger catches, criminals being idiots don't insure their car, get pulled, and hey presto, stolen goods or drugs in the boot. Wouldn't be caught if the Police couldn't open the boot just because there was no insurance.

      At what point do the Daily Mail want every device scanned "cause paedophiles". Do we have random searches taking place "cause paedophiles".

      Just what is the feedback loop on searches to ensure the scope does not creep.

      1. MJB7 Silver badge

        Re: Policy on Probable Cause

        Scotland doesn't have a policy on "probable cause", because it is not a legal term there. The police in Scotland can act on "reasonable suspicion" (which is significantly weaker).

    3. Tinslave_the_Barelegged

      Re: Fail to see what the fuss is

      > or take witnesses'/complainer's phone with their permission

      This is the part that bothers me most, and about which I have written to my MSP. Imagine what will happen if you don't give permission. Hint: the response won't be "Oh, OK, on you go."

      And once this tech is normalised, it'll be like a bloke with a hammer - everything will look like a nail, and the most trivial issues are going to involve deep intrusions into our personal lives, even passers-by. This is not a wise or helpful step for society.

    4. paulll

      Re: Fail to see what the fuss is

      "if your not driving on the phone, downloading images you shouldn't, stalking, abusive messages/calls, selling drugs, sending unsolicited dick picks, or grooming etc underage kids the police have no interest in your phone. Our department used to refuse loads of requests as not relevant,"

      If the police have no interest then whose loads of requests were you refusing?

    5. Dan 55 Silver badge

      Re: Fail to see what the fuss is

      In my experience, if your not driving on the phone, downloading images you shouldn't, stalking, abusive messages/calls, selling drugs, sending unsolicited dick picks, or grooming etc underage kids the police have no interest in your phone.

      Getting raped is a new cause for police to rummage through your phone since you started in 2009.

      It is being normalised.

    6. Anonymous Coward
      Anonymous Coward

      Re: Fail to see what the fuss is

      Ahh.. the old "If you've got nothing to hide, you've got nothing to fear" routine, thank you for clearing that up.

    7. Anne-Lise Pasch

      Re: Fail to see what the fuss is

      My 'fuss' is that this toolset changes the device and does harm. Its the digital equivalent of kicking the door in. One does not simply 'unroot' afterwards, no harm, no foul. So normalizing this ability allows officers to think that this is a lockpick, not a siege weapon.

    8. Anonymous Coward
      Anonymous Coward

      Re: Fail to see what the fuss is

      Seems you moved onto the SPA, given those are the said same talking points deployed by them at Holyrood to justify them rubberstamping this and failing to employ any oversight of Police Scotland....

      Its the start to an extreme steep and slippery slope towards non stop surveillance and eradication of privacy.

      Police Scotland want always on facial recognition cameras and have lobbied for control of ALL CCTV in Scotland

      Police Scotland also close ranks and threaten members of the public- domestic violence viction was ridiculed and belittled and all because he was male (and he was seriously battered and then stalked by his ex) Police Scotland then kicked down his door and tore his house apart because he had the temerity to complain about his treatment

      Former Sgt in Tayside battered (and I mean battered) a suspect in custody, already had a rep as loose cannon, and still walked and was allowed to retire quietly with full pension (fiscals office had refused to charge him previously for threatening a member of the public in the street in uniform, despite said member of the public having a witness.....)

  13. JakeMS
    Windows

    What if..

    Serious question. The article states they attempt to bypass encryption by several methods, one of those methods being flashing the bootloader.

    They also state that they will return a device back to its owner of it's deemed "clean".

    But. Using my own phone as an example... My device has a custom bootloader (TWRP) and a custom firmware.

    After they have flashed their bootloader, they will need to restore the old one.

    My device is super picky about its bootloader, at this point if you boot or load the official bootloader, it will be permanently locked.

    Which in turn will also cause the firmware to not boot. That also means you can't flash the custom bootloader back either.

    Essentially they would have bricked the device.

    So, in the event, they give me back my device, bricked because of their actions, where do I stand legally? They have damaged my property.

    1. Alumoi

      Re: What if..

      You'll be SOL since by removing the official firmware you've accepted the risk of bricking the device.

      Oh, before the gang piles up on me, I always root my devices and replace the official firmware.

      1. JakeMS

        Re: What if..

        @Alumoi

        I'm not entirely sure that is correct, because while that is true had I bricked it through my own actions (aka it bricked while I was flashing it)

        It also remains true from the manufacturers point of view (I voided the warranty).

        However, if the phone is fully functional prior to the police having performed their actions, then it is not me who has caused the device to brick. In addition, there is no law which specifies you cannot alter your devices firmware or bootloader. The only exception being that you lose your warranty.

        This responsibility would entirely rest with the police for causing that device to brick at that time, on the basis had they not altered the bootloader (They are also voiding your warranty btw) your device would still be fully functional.

        1. The Mole

          Re: What if..

          IANAL but my understanding of case law is that if the police break your door down to search the property then they don't legally have to pay for repair for it... even if they've gone to completely the wrong address and you are completely innocent. I imagine that the same principle applies if they've broken the door of your phone down.

        2. chuBb. Bronze badge

          Re: What if..

          My guess small claims court, unless ur phone is covered in diamonds its worth less than 10k, and well it should back up somewhere (I mean non stock config and flash puts you in the category of people who should at least know they should be doing this even if we don't for our selves; mea culpa I'm the only one in my family whose devices don't back up to multiple locations and can be fully recovered to some point no later than 6 hours ago...) so data loss should be minimal, even if the embuggerence is quite high

        3. Alumoi
          Trollface

          Re: What if..

          Playing devil's advocate here, since you modified the original firmware by yourself, what proof do you have it worked before the police bricked it?

          BTW, replacing the firmware can be considered criminal intent, as you're bypassing the official surveillance. You know, if you don't have anything to hide and all that.

    2. CommanderGalaxian

      Re: What if..

      Unless I am missing something, unless the bootloader is already unlocked, they won't be able to do what they claim.

      Mine is currently unlocked - but that's for the convenience of being able to make random mods to my phone at a whim.

      However, if I was getting up to anything illegal, then I would, of course, lock the bootloader - and, as most modern phones do, subsequent unlocking (by manufacturing design) would cause the phone to be automatically wiped.

      Unless they are claiming they have a way to by-pass or disable the automatic wiping process that occurs at the point in time when the bootloader state is changed from locked to unlocked?

    3. Splurg The Barbarian

      Re: What if..

      You would either personally or via solicitor put in a request for damages to the police. Actually dealt with one for a laptop I examined. Thankfully in that case it was fully photographed & everything documented. When it was looked into the device had been "fiddled" with subsequently with different hard drives etc and could be proved.

      In your case if the phone did not work, and you had not been found guilty nor had an order confiscating your productions due to the type of case, then it would be treated the same as going through the wrong address' front door. If valid some form of settlement would be agreed.

      1. BebopWeBop Silver badge

        Re: What if..

        According to the commons law review (UK parliament publication) it is not necessarily the case that the police are liable and any payments will probably be ex-gratia.

      2. Anonymous Coward
        Anonymous Coward

        Re: What if..

        They would just make sure it was "unprovable" and dirty your name in the process, kicking down your door if needs be to intimidate you.....

        and yes I've had a not very veiled threat levied at me by a serving police sgt "many officers tend to see those filing complaints against the police as problem to be dealt with"

    4. NonSSL-Login

      Re: What if..

      Had a problem like that using Multiboot to have multiple roms on a phone and when one got a kernel update, caused problems galore with booting the others.

      If I understand what they are doing here, they are not changing the deleting or replacing the bootloader but putting it in memory and patching the phone to boot from that bit of memory instead of the current bootloader. If this is the case then it should have no effect on the phone after a reboot.

      Otherwise like you say, may things that can go wrong!

      1. CommanderGalaxian
        Alert

        Re: What if..

        Reading their brochure there is much to cause concern. It talks in parts about techniques that may be similar to the one you just described. However...

        It also talks about not making modifications by virtue of the fact that it deletes anything it has to temporarily install.

        Their caveat in that it claims it doesn't alter the "user partition": so ok to alter anything else then?: "Cellebrite ensures that the process is non-intrusive and that nothing in the device’s user partition is changed"

        And even if it does alter the (alleged) crime scene - apparently that's not a problem because at least you know those are your footprints in the snow: "This type of installation is comparable to walking into a snowy crime scene to retrieve a murder weapon. The investigator may leave his or her own footprints behind, but this necessity is acceptable in court as long as it is carefully documented. "

        No worries then about overwriting evidence that could prove somebody innocent!!!???

        And that it does alter things permanently: "This necessitates rewriting the phone’s memory, permanently changing the device boot loader to Cellebrite’s own."

        There's plenty of contradictions in the document to befuddle the technically unsofisticated - so that's you fucked if you are the accussed in any UK court then.

        Love this humdinger though: "Some agencies, for example, may require examiners to always disable the “automatic uninstall” setting, declare and document its use and leave the client in place. Other agencies may require this action only for suspect phones, but allow the client to be uninstalled from a victim’s phone as long as its use is documented."

        Did they actually just say "victim"!? So any alleged suspect is a "victim"!? Nice Freudian there guys.

    5. Anonymous Coward
      Anonymous Coward

      Re: What if..

      Answer "Police Scotland deny any culpability, our officers are highly trained and our suppliers guarantee that no damage could be caused and our "expert" witnesses will testify that this is impossible and the complainant caused the damage personally to file a vexatious complaint or inserted a "logic bomb" to obscure his criminality"

  14. jelabarre59 Silver badge

    side business

    The technology works in various ways: Cellebrite says for some phone models, its equipment copies a custom bootloader to the device's RAM and runs that to bypass security mechanisms [PDF]. In some other cases, such as with Android devices, it tries to temporarily root the handset.

    So as a side business, the local police can help you load LineageOS on particularly stubborn phones then?

  15. Anonymous Coward
    Anonymous Coward

    What state is the device left in at the end of all these shenanigans ?

    Because I'd be a bit pissed off to be handed a brick back after they found fuck all on it, and expect to suck it up.

    1. Splurg The Barbarian

      Re: What state is the device left in at the end of all these shenanigans ?

      Exactly the way it went in. Worked in cybercrime dept for 5 and a half years and in that time no phone or tablet that came in left in any state other than the same it came in.

      The only way that would change is if it requires a chip off examination. Which would require a forensic examination by the qualifies examiners of the cybercrime dept. For that to be done it wouldn't be an investigation into a crime that was proportional to that type of examination, and there would more than likely be some form of other corroborating evidence that would make that type of examination necessary.

      1. CommanderGalaxian

        Re: What state is the device left in at the end of all these shenanigans ?

        "Exactly the way it went in. Worked in cybercrime dept for 5 and a half years and in that time no phone or tablet that came in left in any state other than the same it came in."

        Disagree, if the equipment in the article actually accesses moblies in the way described.

        If you start tampering with bootloaders and and trying to root devices - it is inevitable that some phones will end up getting bricked or automatically wiped.

        Sure, bricked phones can be got working again. But the chances of doing it without data loss are small, and it can take quite a lot of time, patience and knowledge - which the person using the Celebrite equipment is unlikely to have.

  16. Anonymous Coward
    Anonymous Coward

    IOS and Android

    So, as long as I don't do anything dodgy in China, my new Huawei without Android should be fine. OR I could just use my no longer supported Windows phone - that should appropriately baffle the bluebottles.

    1. Yet Another Anonymous coward Silver badge

      Re: IOS and Android

      Your Huawei still has Google Android, just not Google store.

      It also has the same layers of baseband and embedded processor code that this system is exploiting.

      Given that the biggest customers for cellphone spys-R-us after the USA is China, you can bet Celebrite's engineers are frequent visitors to Huawei 's labs.

  17. Danny 2 Silver badge

    What the fuck is...no comment

    Ignore the pro/anti Scottish comments as irrelevant, this is a British issue. For institutional background, Strathclyde Police was one of the nastiest police forces in the UK (except the MET and City of London and Cleveland Constabulary) and it became Police Scotland in a takeover of the other Scottish forces, but Lothian and Borders Police weren't much better.

    My background is I was an accidental peace protestor for four years, wrongly blacklisted from IT a year before I decided to be an actual protestor. I was pressured into stopping any activism by police informers/infiltrators one of whom claimed to be MI5. The way they pressured me was raids/visits on my elderly parents home, I lost count in double figures. They knew I didn't live there but they knew that would be damaging to me - gangster tactics imo.

    Most raids on my parental house were within hours of me visiting them. I had an old 2G phone during most of that time. I put in an official complaint on the last raid, because it damaged my parents health, and I got a sham 'inquiry'. I pointed out it was obvious they were using their tracking of my phone to time their raids and was laughed at because "That's ridiculous, that would be too expensive, we don't have the budget".

    They also said if I pursued the complaint they would have to visit my parents repeatedly to pursue my complaint that they were visiting my parents repeatedly.

    I've a letter from them saying I was questioned as a terrorist in 2007. Pacifist. Just today Greenpeace have been listed as terrorists, and last week Extinction Rebellion were. Not my cause but yeah, ha to the governments greenwashing claims.

    Scotland is a police state. Britain is a police state. The police are riddled by fascists, masons, and other kow-towers to the aristocracy - not our best and brightest. Not all police are bastards. I've been in cells far too often but I've never been sent to prison, and certain cops could have sent me to prison but chose not to. The highest ranks are bastards though.

    My Chinese New Year resolution is to comment less here so often and give more tech advice to the climate newbies.

    1. Anonymous Coward
      Anonymous Coward

      Re: What the fuck is...no comment

      Add Tayside to your list, just as bad several officers told me to take the guy who was harassing my wife "down a dark alley and kick his head in, just don't get seen" "too much paperwork for us to do anything" etc etc etc

      XR though get no support from me "if our demands are not met we will" "I only need 3.5% of the population to force through my demands" and worse, phrasing thats generally only used by terrorists and other fanatics unwilling to consider the views of others and determined the apocalypse will be a week next Tuesday....the kind who used to wear sandwich boards and ring handbells not so long ago or join fanatical religious cults....

      1. Danny 2 Silver badge

        Re: What the fuck is...no comment

        I was beaten up as a 17 year old at a party by a psycho with a bottle of Martini. Still can't drink Martini. I was sitting missing teeth and my skull fractured next to two cops in A&E who asked what had happened to me. They recommended I buy baseball bats, get some mates, and bash the psychos head in. They gave me their names and badge numbers in case I got caught as they'd get me off any charges.

        I could've done that but Asimov wrote violence was the last refuge of the incompetent.

        I soon regretted that choice because the same psycho hospitalised another nice guy two months later. I kind of preferred 1980s policing, DIY justice.

        Worse for my first employer, they'd hired a clean cut kid and the next month I turned up looking like a war veteran.

        I disagree with you about XR - I'm not a fan but I have donated kit and advice because I think they are correct on their cause. They are not terrorists - they couldn't scare a bairn if they tried, and they would not say boo to a baby. If the word terrorist and terrorism laws mean anything then reserve them for people who are intent on killing folk.

        1. Anonymous Coward
          Anonymous Coward

          Re: What the fuck is...no comment

          I'll agrre to disagree - threatening to fly drones over a live airfield could easily cause fatalities, doesnt take much for something to go wrong and cause FOD damage to an engine

          Ditto blocking a train and kicking at those who tried to pull him down off the train (don't agree with commuters giving him a kicking, but he did aim a good few kicks at people's heads and tried to stamp on hands)

          Blocking central London and putting people's lives at risk they claim they would have moved for an ambulance, but often seconds can matter the 10 minutes minimum it would have taken for them to move their rubbish off the road could have cost someone their life.

          just because someone is polite doesn't make them innocent or right, heck look at Greta Thungberg - her discovery wasn't "accidental" her "discoverer" had seemingly been trytng to recruit children for a School Strike for weeks with no success, rumours are that he had been her mother's friend for years and involved in the same groups, also multiple rumours about who is bankrolling her and why (and its not to save the planet, its about making money)

          Look at Hallam's statements and those of XR senior members, one of whom stated to the press that "XR is NOT an environmentalist movement" more an anti capitalist revolution, which puts my alarm bells into full on ring mode, low level activists might be innocent enough, but who is pulling their strings and whats their end game? This isn't about tackling the "Climate Emergency" as much as dismantling society in favour of something more akin to communtarianism or worse full blown communism - see demands for "citizens assemblies" to dictate policy agendas for starters....

    2. Joe 37

      Re: What the fuck is...no comment

      The issue isn't the cops - it's the government enabling them.

      Cop Strathclyde was notorious for being too big. So what did the Scottish Nazi Party do? They let Cop Weegie take over the rest of the cuntry. Which led to senior cops from Weegieland wander all over Scotland going. "That's nice, it'd going to Glasgow"

      Like all the horses and dogs. Which oddly enough are always needed in Glasgow regardless of the need elsewhere.

      Queen Nikki FOAD horribly.

      1. Anonymous Coward
        Anonymous Coward

        Re: What the fuck is...no comment

        I prefer Natzi party personally

    3. CommanderGalaxian

      Re: What the fuck is...no comment

      When Police Scotland was formed, the UK Gov/HMRC refused to make it VAT exempt (an issue that now appears to have been resolved - and an issue that was essentially nit-picking on technicalities by the UK Gov) - essentially because unlike the regional forces of Strathclyde, Lothian & Borders, etc., it was no longer a regional force that ultimately lay under the chain of command that ended at the MET/Whitehall - but now is classed as a national (i.e. Scottish) force.

      Police Scotland is now in theory (hopefully) answerable to Hoylrood - rather than Westminster/Whitehall.

      I have much (common) sympathy for your position and experience - however the issues with Police Scotland are largely inherited historic ones; in time, hopefully, things can be improved.

      1. Danny 2 Silver badge

        Re: What the fuck is...no comment

        I appreciate your comment, truly, but I think things are getting worse. As evidence I'd cite this article.

  18. Boo Radley

    People SUSPECTED of a Crime

    Does this include people merely suspected of a crime, or only those actually arrested? It makes a huge difference.

    1. Danny 2 Silver badge

      Re: People SUSPECTED of a Crime

      Also apart from being arrested there is being prosecuted and then being convicted, completely different things.

      I was once arrested on 'suspicion of conspiracy to commit criminal damage' at 'RAF' Menwith Hill. Released at the end of the day 70 miles away. You have to laugh at any crime called 'suspicion of conspiracy' no matter how much they deliberately endanger you.

      I've been prosecuted a fair few times, only convicted (well, admonished) once and that time I was actually guilty. Breach of the Peace, which basically means anything that isn't an actual crime but we still want to charge you for. The irony of charging a peace protestor with Breach of the Peace, well, I pled guilty and was still released.

      Never get arrested on a Friday, you are in the cells until Monday. If you smoke then put on a nicotine patch before your arrest, they confiscate nicotine chewing gum now.

      Edit: For US readers, I confessed to all my crimes to the cops here, and I know of people/protestors in the US who did far less than me there and are serving many years in your much more horrific prisons. You need to get a grip on that.

    2. CommanderGalaxian

      Re: People SUSPECTED of a Crime

      You don't need to be arrested for them to seize items as evidence.

  19. Anonymous Coward
    Anonymous Coward

    I'd be worried

    Considering the police force can't even get permission to download an iso from a 100% known good source (where i work) from their IT. Despite it being CCTV footage they fucking requested. Then the machine they are using to view said footage was low on space. Finally they provided me with a USB stick (I was sick of providing them myself and never getting them back as they were evidence). I'd hope they'd encrypted this stick last time they used it. Oh....no they hadn't. So I was able to restore the data that used to be on the stick. Someone else's CCTV footage from a month ago.

    Jesus fucking christ. I deleted said footage, encrypted the stick. Wiped it, encrypted it again, then put our footage on it.

  20. Anonymous Coward
    Anonymous Coward

    Once again with feeling....

    In their search for "bad guys", the Scottish plod seem to think that a successful hack into a smartphone will get them access to messaging which may or may not show just how bad the "bad guys" actually are. But suppose these "bad guys" have already encrypted their messaging BEFORE THE MESSAGE ENTERS THE CHANNEL. Isn't it very likely that sophisticated, well financed "bad guys" are already prepared for backdoors and phone hacks?

    *

    So....once again with feeling....here's a message in a private book cipher. The Scottish plod, and GCHQ are welcome to tell the readers of El Reg what this message really says. I know...I know...book ciphers are crap....so it should be easy to publish the plain text in an hour or two.

    *

    15cI0I4W0uuX0F5j13lQ0ueX0M141RXd0J=l1k8J

    0m$o1H3G0ta2104o10Ri1agm0RKt1Ytx1AGQ1EZJ

    0M1R1EXb0uuk1PZG1AL61gcb1Xn21XUu1PwY0NMg

    0yVK17YE04Xt1Nd10COn0qI=1alT1fda0MVX11Zp

    0ZJS0l071DoJ1WTF0TPy000$0L1X1Jj80U4u0=7F

    0rHP00XA1bj80Bj81O7Q0eGy0J6M16Z50MrH0LlA

    0bRt1Fsq04jW1J2j1gJu0tIj1GwJ08nm1aFa1LEK

    0cBb0CjA0v8G0h220C7p11US0nWB0byK0Aqw14K$

    1Bm10xFP10sD1OIM1SiI19jq1T=41hDN1F8X00jm

    1kxL0N5=1hK21AMT0T0B0M6l1Nrb1KMS0eJD14gr

    0Ihu1KK40XTn0j2$0DAU0jyZ0oVn0iw=0Fvr1luY

    1VcR015s02=O1WdZ0UtS0knx0UbX1NFk

    *

  21. SonOfDilbert

    Shirley you can't be serious?

  22. Toni the terrible

    Police

    Isnt it just wishful thinking but I do want the Police and their Spooky Pals to at least obey the Law and not go after 'Powers' they dont really need. Why cant they just do their Jobs correctly?

  23. 2Fat2Bald

    I do wonder if such systems are only able to read data, or if they can write it as well?

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2020