this post was submitted on 16 Jul 2024
312 points (95.6% liked)

Technology

59314 readers
4798 users here now

This is a most excellent place for technology news and articles.


Our Rules


  1. Follow the lemmy.world rules.
  2. Only tech related content.
  3. Be excellent to each another!
  4. Mod approved content bots can post up to 10 articles per day.
  5. Threads asking for personal tech support may be deleted.
  6. Politics threads may be removed.
  7. No memes allowed as posts, OK to post as comments.
  8. Only approved bots from the list below, to ask if your bot can be added please contact us.
  9. Check for duplicates before posting, duplicates may be removed

Approved Bots


founded 1 year ago
MODERATORS
top 50 comments
sorted by: hot top controversial new old
[–] Chozo@fedia.io 111 points 4 months ago (8 children)

Without knowing how they got into his phone, this is a non-story that is just a retelling of older stories. For all we know they just took his dead finger and put it on the reader. Or maybe he used the same 4-digit PIN for his debit card or lock box or something else that they were able to recover. Maybe some detective just just randomly entered the shooter's birthday, only to say "Hey sarge, you're never gonna believe this... first try!"

There's nothing useful that can be taken away from this story yet, until more details come out.

[–] 0x0@programming.dev 23 points 4 months ago

they just took his dead finger and put it on the reader.

My bet's on this.

[–] glowie@h4x0r.host 18 points 4 months ago

Or unknown NGO software was used. But you're right. A nothing burger for now.

load more comments (6 replies)
[–] TheReturnOfPEB@reddthat.com 106 points 4 months ago* (last edited 4 months ago) (7 children)

Our local sheriff is using some spy level shit in our county that he refuses to explain.

He keeps "happening" upon crimes just "on accident." yesterday it was "stopped to take a pee in public park and caught a baddie" and two days before that it was "just happen to follow and pull over a guy with lots of pounds of pot hidden in the car."

The US police are spying on Americans phones, internet, GPS, and everything with no judicial recourse because it is corporations spying and then "giving the info" to the police for money.

The US law enforcement has gone full STAZI but using capitalism as additional cover.

The US is dead.

[–] rottingleaf@lemmy.world 39 points 4 months ago (2 children)

Let's all apologize to Stallman.

[–] demonsword@lemmy.world 14 points 4 months ago (1 children)

the man has rarely been proven wrong in anything tech related he has said

[–] TimeSquirrel@kbin.melroy.org 15 points 4 months ago (3 children)

Good thing you put the "tech related" qualifier on there. He probably should have stayed in that lane.

[–] TheGrandNagus@lemmy.world 10 points 4 months ago

Indeed.

It's also a reminder of why we shouldn't mindlessly celebrate celebrity figures like they're deities.

Stallman has amazing views regarding FOSS, but yeah, some of his other opinions are... interesting.

load more comments (2 replies)
load more comments (1 replies)
[–] USSEthernet@startrek.website 22 points 4 months ago

They're probably just capturing SMS messages or regular calls. Which is still illegal without a warrant, but who watches the watchers? Use encrypted chats and encrypted calls if you're worried.

[–] remer@lemmy.world 18 points 4 months ago (2 children)
[–] corsicanguppy@lemmy.ca 6 points 4 months ago (1 children)

“on accident“ 🤮

I know. Who SAYS that? It's by accident. One doesn't plan these things.

load more comments (1 replies)
load more comments (1 replies)
[–] Maggoty@lemmy.world 11 points 3 months ago

That's also a red flag for a dirty cop getting information from criminal group A to go after competition.

You should probably move.

load more comments (3 replies)
[–] uriel238@lemmy.blahaj.zone 29 points 4 months ago

It's always a contest between security tools and penetration tools. The problem comes when law enforcement can do this without fair protections of privacy, say if they can easily establish probable cause ( My detection dog is signalling you have illegal data on your phone ) or they are allowed to get a warrant post-hoc for an otherwise illegal search.

...Or they do the illegal search and then engage in parallel reconstruction e.g. make a fake story about following up on an informant.

Once the police just seize and crack your phone on a whim, then the state no longer respects your privacy and autonomy, which means you can no longer consent to be governed, rather are controlled by gunpoint (surveillance and use of force). This is one of the critical ingredients to autocratic rule, since it does a lot to neuter the capacity of discontent turning into revolt.

[–] anlumo@lemmy.world 28 points 4 months ago

I’m pretty sure it used to be easier with phones that didn’t have full disk encryption.

[–] bdonvr@thelemmy.club 27 points 4 months ago (13 children)

Good chance it was just putting the dead dudes finger on the scanner lmao

load more comments (13 replies)
[–] 0x0@programming.dev 15 points 4 months ago

The article does mention Cellebrite.

[–] henfredemars@infosec.pub 14 points 4 months ago (2 children)

Easier is a very relative term. It’ll be really expensive to use a genuine zero-day to do it. Such exploits are few and far between.

[–] dwindling7373@feddit.it 10 points 4 months ago* (last edited 4 months ago) (5 children)

How is it expensive? It is if it eqates to the zero day becoming of public domain, and this is not the case here. They can say they guessed the password while in fact they exploited some unknown vulnerability...

load more comments (5 replies)
[–] catloaf@lemm.ee 4 points 4 months ago (1 children)

But known exploits that have been patched, but not applied because they didn't update their phone, are plentiful enough.

Update your phones. Reboot them regularly, too.

load more comments (1 replies)
[–] umbrella@lemmy.ml 12 points 4 months ago (2 children)

stingrays, people.

they sell the exploits and are all hush hush about it.

[–] GamingChairModel@lemmy.world 10 points 4 months ago (2 children)

Stingrays don't do shit for this. That's mostly real time location data focused in by tricking your phone into reporting its location to a fake cell tower controlled by an adversary. That doesn't get into the data in your phone, and even if someone used the fake tower to man in the middle, by default pretty much all of a phone's Internet traffic is encrypted from the ISP.

The world of breaking disk encryption on devices is a completely different line of technology, tools, and techniques.

load more comments (2 replies)
load more comments (1 replies)
[–] Maggoty@lemmy.world 10 points 3 months ago (1 children)

This is the would be assassin's phone.

They gave that to the NSA or FBI Counter Intel guys who are hooked in with NSA.

Your phone is not going there.

However I would be on the lookout for that tech coming down the pipelines.

[–] LodeMike@lemmy.today 5 points 3 months ago* (last edited 3 months ago) (4 children)
load more comments (4 replies)
[–] randomaccount43543@lemmy.world 7 points 4 months ago (8 children)

Do they say what phone it was?

load more comments (8 replies)
[–] chemicalwonka@discuss.tchncs.de 6 points 4 months ago (4 children)

Can they access Pixel 8 with GrapheneOS? I think not

load more comments (4 replies)
[–] autotldr@lemmings.world 6 points 4 months ago

This is the best summary I could come up with:


Just two days after the attempted assassination at former President Donald Trump’s rally in Butler, Pennsylvania, the FBI announced it “gained access” to the shooter’s phone.

Cooper Quintin, a security researcher and senior staff technologist with the Electronic Frontier Foundation, said that law enforcement agencies have several tools at their disposal to extract data from phones.

The bureau famously butted heads with Apple in late 2015 after the company refused to help law enforcement get around the encryption on the San Bernardino, California shooter’s iPhone.

Early in the following year, Apple refused a federal court order to help the FBI access the shooter’s phone, which the company said would effectively require it to build a backdoor for the iPhone’s encryption software.

“The FBI may use different words to describe this tool, but make no mistake: Building a version of iOS that bypasses security in this way would undeniably create a backdoor,” Cook wrote.

Riana Pfefferkorn, a research scholar at the Stanford Internet Observatory, said the Pensacola shooting was one of the last times federal law enforcement agencies loudly denounced encryption.


The original article contains 1,208 words, the summary contains 180 words. Saved 85%. I'm a bot and I'm open source!

[–] mechoman444@lemmy.world 5 points 3 months ago (1 children)

Never keep anything on your phone that would require you to lock it.

I've never locked my phone.

[–] explodicle@sh.itjust.works 4 points 3 months ago (1 children)

It's true, I have their mom's phone number.

[–] mechoman444@lemmy.world 4 points 3 months ago

Son of a bitch! Stop calling so late!

[–] communism@lemmy.ml 5 points 4 months ago (1 children)

For GrapheneOS full disk encryption, am I correct in understanding that the disk is encrypted when my phone is locked and decrypted when I unlock it? So I don't need to turn it off for it to be encrypted, as long as it's locked it's encrypted?

[–] todd_bonzalez@lemm.ee 11 points 3 months ago (1 children)

The disk is encrypted when the phone is off, and it is decrypted after you turn it on and authenticate locally.

load more comments (1 replies)
[–] TheReturnOfPEB@reddthat.com 4 points 3 months ago

A 2020 investigation by the Washington, DC-based nonprofit organization Upturn found that more than 2,000 law enforcement agencies in all 50 states and the District of Columbia had access to mobile device forensic tools (MDTFs).

load more comments
view more: next ›