Comments on: Android screen lock bests FBI

By: OoerictoO

OoerictoO — Mon, 19 Mar 2012 16:09:00 +0000

or they could have just compelled the user to reveal their password/pattern. recent precedents show this does not fall under 5th amendment protection. which is a farce, IMO. and yeah, what others said about recovery mode backup…

didn’t we have this conversation last week?

By: Deep Thought Lab

Deep Thought Lab — Sat, 17 Mar 2012 17:09:00 +0000

Hey, we found a simple way to gain unlimited attempts at gesture unlocking an Android phone and shot a video walk-though. If the FBI had done this, they would not have to have subpoenaed Google for the phone owner’s credentials. Here’s our write-up: http://blog.deepthoughtlab.com/2012/03/how-to-gain-unlimited-android-gesture.html

By: conor rynne

conor rynne — Sat, 17 Mar 2012 02:02:00 +0000

could it possibly be hosted at Google?

By: liveTexas

liveTexas — Fri, 16 Mar 2012 23:53:00 +0000

Why is everyone pointing out Their “unlocking strategy”?
Write an App & use AdWords or something !

By: wysinwyg

wysinwyg — Fri, 16 Mar 2012 20:01:00 +0000

RTFA.

Entering repeated incorrect patterns will cause a lock-out, requiring a Google e-mail login and password to override. Without the Google e-mail login and password, the cellular telephone’s memory can not be accessed. Obtaining this information from Google, per the issuance of this search warrant, will allow law enforcement to gain access to the contents of the memory of the cellular telephone in question.

By: Mattias Björkas

Mattias Björkas — Fri, 16 Mar 2012 18:24:00 +0000

I have always wondered why the Android phone lock is designed the way it is. Even if you catch an unintentional glimpse of the screen when it’s being unlocked by someone, the colourful, graphichal representation of the swipe pattern simply becomes etched into your retina, after which you can easily replicate the swipe. This is a fun feature if the person unlocking is a friend, but if not, I only feel uncomfortably tempted to move into the world crime.

By: Eugene Medvedev

Eugene Medvedev — Fri, 16 Mar 2012 17:39:00 +0000

From the digital forensics POV this should be the preferred method in the first place, since software can’t decide the phone is compromised and wipe everything if you imaged the whole thing.

By: lyd

lyd — Fri, 16 Mar 2012 16:28:00 +0000

The lockout after 5 attempts prompts you to reset the lock by entering your google account creds. Why wouldn’t the FBI just subpoena google to surrender the account info?

By: phisrow

phisrow — Fri, 16 Mar 2012 14:50:00 +0000

The key to the encrypted blob is still on the phone somewhere(the swipe-unlock doesn’t provide enough entropy for a crypto key, so most or all of the key has to be stored somewhere).
Now, depending on implementation, the stored key might be in tamper resistant memory of some kind, and liable to nuke itself if you start poking around where you don’t belong…

By: failquail

failquail — Fri, 16 Mar 2012 13:26:00 +0000

I was about to post something similar myself.

It’s quite easy to dump image files of the internal storage to sdcard.
Of course then it’s a bit more involved getting the data you want from that, but certainly not impossible.

By: SamSam

SamSam — Fri, 16 Mar 2012 12:15:00 +0000

Yeah… that’s totally like that movie, where the FBI didn’t know the guy’s password and I was like “Really FBI? I saw the guy type “swordfish” in the first five minutes of the movie!!! Weren’t you guys paying attention?”

By: jackie31337

jackie31337 — Fri, 16 Mar 2012 10:45:00 +0000

Really, FBI? My daughter was able to defeat the screen lock on my husband’s tablet when she was 7. She just watched him unlock it and copied the pattern. His finger grease on the screen probably helped, too.

By: Eugene Medvedev

Eugene Medvedev — Fri, 16 Mar 2012 10:05:00 +0000

I don’t understand how exactly did they manage not to open it, am I missing something?…
Encrypted storage or not, all Android phones can boot into recovery mode. While in recovery mode, a custom recovery image, usually used when rooting and customizing, can be installed. That custom recovery image allows one to back up the entire internal memory onto the SD card, and it also allows you to mount the SD card and get that backup off it without ever booting far enough to get the pattern lock. And you usually can just remove the SD card and read it separately.Even without replacing the recovery image, with most models you should be able to backup all the data with ADB once you boot into recovery mode and unlock debug functions with the ADK, why couldn’t they do that?

By: digi_owl

digi_owl — Fri, 16 Mar 2012 09:36:00 +0000

reminds me of the old trick about the worn out buttons on a keypad. Sure, your missing the sequence. But you have strongly reduced the number of combinations.

By: Steve Mayne

Steve Mayne — Fri, 16 Mar 2012 09:31:00 +0000

Not to mention that modern Android phones have the option to encrypt their entire storage – so dismantling the phone wouldn’t get them any closer to their goal.

By: elix

elix — Fri, 16 Mar 2012 04:09:00 +0000

I guess they haven't heard of the crescent wrench cipher...

By: Shashwath T.R.

Shashwath T.R. — Fri, 16 Mar 2012 03:45:00 +0000

No, that’s not security by obscurity – a password is a secret, but the method by which it works is not obscure by any means.

Using (say) RSA keys is not security by obscurity, but using your own made up cryptographic system would be…

By: jhoosier

jhoosier — Fri, 16 Mar 2012 02:21:00 +0000

Only if you hadn’t done anything after unlocking it. It’s easily solved by wiping it on your pants, shirt, palm, whatever.

By: MelSkunk

MelSkunk — Fri, 16 Mar 2012 01:03:00 +0000

This is exactly why I clean my phone screen often.

By: Douglas Gardner

Douglas Gardner — Fri, 16 Mar 2012 00:50:00 +0000

Couldn’t they just look at the grease smears invariably left on the phone?

By: Daniel Friesen

Daniel Friesen — Fri, 16 Mar 2012 00:22:00 +0000

Every security system relies on some form of obscurity. Passwords, keys, and patterns are not security by obscurity.

That said… the real downside to pattern unlock is sometimes you can find out the pattern just by looking at the grease smudges on the phone.

By: haineux

haineux — Thu, 15 Mar 2012 23:33:00 +0000

Even if they are, technically, “Security by obscurity,” sufficiently difficult computer security schemes rapidly cause people to switch to another attack mode, in this case, judicial.