Apple can decrypt iPhones for cops; Google can remotely "reset password" for Android devices

Apple apparently has the power to decrypt iPhone storage in response to law-enforcement requests, though they won't say how. Google can remotely "reset the password" for a phone for cops, too:

Last year, leaked training materials prepared by the Sacramento sheriff's office included a form that would require Apple to "assist law enforcement agents" with "bypassing the cell phone user's passcode so that the agents may search the iPhone." Google takes a more privacy-protective approach: it "resets the password and further provides the reset password to law enforcement," the materials say, which has the side effect of notifying the user that his or her cell phone has been compromised.

Ginger Colbrun, ATF's public affairs chief, told CNET that "ATF cannot discuss specifics of ongoing investigations or litigation. ATF follows federal law and DOJ/department-wide policy on access to all communication devices."

...The ATF's Maynard said in an affidavit for the Kentucky case that Apple "has the capabilities to bypass the security software" and "download the contents of the phone to an external memory device." Chang, the Apple legal specialist, told him that "once the Apple analyst bypasses the passcode, the data will be downloaded onto a USB external drive" and delivered to the ATF.

It's not clear whether that means Apple has created a backdoor for police -- which has been the topic of speculation in the past -- whether the company has custom hardware that's faster at decryption, or whether it simply is more skilled at using the same procedures available to the government. Apple declined to discuss its law enforcement policies when contacted this week by CNET.

It's not clear to me from the above whether Google "resetting the password" for Android devices merely bypasses the lock-screen or actually decrypts the mass storage on the phone if it has been encrypted.

I also wonder if the "decryption" Apple undertakes relies on people habitually using short passwords for their phones -- the alternative being a lot of screen-typing in order to place a call.

Apple deluged by police demands to decrypt iPhones [Declan McCullagh/CNet]

(via /.)


    1. Blackberry. Noone’s broken their encryption yet, and if try and fail to crack the password a certain number of times the device is bricked. The manufacturer and your carrier will cooperate with police under certain circumstances (subpoena) but their very limited in what they can do. From what I understand there’s one guy in Russia who claims he can defeat the encryption, and he charges like $20,000 per device to do so. Which means its not worth the expense for most people to bother. But I recently heard it’d been confirmed as a scam. 

      Also with the newest iPhones Apple is apparently attempting to compete with RIM. Encryption haven’t been broken yet. Although Apple might be a different case, typically companies will not cooperate with law enforcement without a subpoena.

      1. …because nobody gives a shit about BB. You make it sound like people can’t decrypt them because its too hard. They just have no motivation to do it. 

        1. I’m sure that nobody has ever had the motivation to try and decrypt a phone used by nearly every western government and major corporation in the world. What possible secrets could they have that anybody would want?

          1.  I imagine there’s a reason French Gov officials aren’t allowed to use Blackberries, perhaps their Intel agencies know the RIM servers are open to US intel agencies

          2. You might be surprised. The Cisco VOIP are used by nearly every western government and major corporation, but it wasn’t until recently that someone found out that they are ridiculously easy to hack:

            The scariest part of that excellent talk was that they found a large portion of the IOS internal calls could cause a crash – meaning there were probably 30+ possible trivially-hackable entry points in what is supposed to be a secure operating system that’s been in use in high-security operations for 18 years.

          3. I wasn’t arguing that RIM encryption couldn’t be cracked. Any system can be broken, it’s just a matter of how long it would take vs timeliness of the information that you would obtain.

            I was responding to the “nobody uses BB so nobody has even tried” argument, which is clearly ludicrous. There is a lot of *extremely* valuable information protected by BB security. Imagine how much money you could make if you were able to snoop on a corporate executive’s emails, prior to an earnings call for example.

            There is no lack of motivating reasons to try and hack BlackBerry security.

        2. No, it really is much harder – RIM started out marketing to corporations first, and so took a more security-first approach to their design and architecture.

          Apple and Google marketed first and foremost to individual consumers, and so took a more shiny-first approach.

          The market seems to be demonstrating that shiny wins  – but BB is still in a very real way the most secure of the three platforms.

          1. Right, encryption is  basically the only thing keeping RIM going at this point. The minute some one else matches or beats them on that mark their business in corporate and government areas goes away. 

    2. So what phone can we use to avoid this?

      Well, people were saying to use iPhone 4S or higher.


      But now that it appears that Apple has an Orwellian, exploitable backdoor, I guess the iPhone is now useless.  God only knows which corporate hackers already have access to this backdoor as well.

      And, with Android it appears that at least you may be informed or clued in that the government wants to dig into your phone first by a password reset, but they seem to have a backdoor as well…

      I guess that really leaves nothing because there’s no reason to trust Blackberry either.

       Welcome to 1984 in 2013.

    3.  Use open software. In case of mobile, use Firefox OS (which soon will gonna release this year), or Ubuntu Phone (will be released next year).
      Similarly on desktop use Ubuntu or any other flavor/distro of Linux.

      Geeksphone is first company selling Firefox OS developer preview devices. You can check it out here:

      You can check Ubuntu Phone here:

      You must also read this to understand why Firefox OS is better than iOS and Android :)

    1.  I suspect even if you install a fully open-source ROM (e.g. Cyanogen or some such), where at least in principle you can be sure there are no backdoors, you’re not safe.  There’s always the possibility of a factory resest, and while you lose your files when you do that, I doubt the reset actually does any sort of scouring of the memory chips; the files and filesystem structure are still there on the card, just no longer with a pointer to them from the root of the filesystem.

      If you use a fully open-source ROM and a fully open-source filesystem encryption tool (and multiple independent people have looked at the source code to both and agree that it doesn’t have backdoors), then you could be in better shape; it would probably take NSA-level computation to decrypt the system.  (By the time you get to that, it’s easier for them to threaten you with prosecution and long-term imprisonment for any of a number of crimes (that we’re all constantly guilty of in today’s legal environment) to get you to give you your password.)

      I don’t know if any such encryption tools for Android exist.  Myself, I merrily go through my day with my metaphorical fingers in my ear thinking that despite documented abuses, mostly the USA is still free for most people, and “it won’t happen to me”.

      1. This is correct – if you use the encryped FS feature on Cyanogen you are probably good to go (unless/until someone finds an exploit).  If you are concerned about security this is way better than iPhone and somewhat better than the semi-closed source code in some Android loads.

        1. The only 100% safe method is physical destruction of memory-I expect that there are some models of phone (not available to us mere civilians) out there that upon a receipt of a specific packet / SMS sequence to support this. A cheaper alternative might be a special extended battery case equipped with an isolated hardware system lined with thermite that triggers when oustide of the range of a unique coded NFC tag.

          1.  I recall someone working IT for the Australian Army.  On the underside of the laptop is a sticker with a target that shows where to shoot to destroy the hard drive platters.

    2. Dunno, the OS is encrypted by default with the same level of protections that desktop Windows gets. Unless there are backdoors in that OS as well?

    3.  According to MSFT, Windows Phone 8 defualts to an encrypted file system, however no mention is made as to whether or not key recovery was part of the spec. WP8 uses a numeric keypad as its screen lock source, and I suspect that it is not used in any part of the phone’s memory encryption process.

    1. You might as well go the Stallman route and stop owning a phone altogether. The government has shown that they can track feature phones as well.

      1. As long as you don’t have a phone that didn’t implement E911 then the most acurate location that they can find you is what tower  you’re at-and then only if the phone is on.

        What would be truly mind-blowing is if a SIM can be 100% cloned so at one time it appears somewhere in Iowa, an within 30 minutes the phone shows up as registered in California,

    2. I think everyone has to remember that the Constitution says nothing about freedom of the phone.  Just that we can own lots of guns and judges can send salty old print journalists to jail for not revealing their sources. (fortunately, 100% of the internet avoids reliable sources)

      1. “The right of the people to be secure in their persons, houses, papers,
        and effects, against unreasonable searches and seizures, shall not be
        violated, and no Warrants shall issue, but upon probable cause,
        supported by Oath or affirmation, and particularly describing the place
        to be searched, and the persons or things to be seized. ” fourth amendment to the constitution. freedom of phone is covered under “effects” (that is your belongings)
        the government sidesteps this by requesting the data, but not ordering it, since that would require a warrant. and also by arguing that you do not own your data (though that could be included under “papers” given the time of the writing, papers would be your personal correspondence (people still wrote letters) and your personal records) you merely “lease” it

        also the meaning of “unreasonable” has also been a big source of contention, it ultimately comes to the judge to decide what IS and ISN’T reasonable…which is kinda sad..

        1. It’s big sad. The other thing that government and corrupt private enterprise must really fear is assembly, and it’s SPEED of assembly, Used to be it took weeks/months/trad journalism to shine a light on bad guys. Now, it’s hours or minutes. And the upswell is frightening.

        2. Anything that isn’t specifically mentioned isn’t covered. Antonin Scalia told me.

        3.  I take issue with the “kinda sad”. Who do you trust to make the decisions? A sitting judge is supposed to be fair and impartial. While I agree that some judges are less than impartial, I assume that the system, either through appeals or other methods, will weed out the bad.

          Also, recall that not everyone lives in the USA.

          1. it’s a fair point, as my last remark was kinda flippant, my only point really was that i wish it was more explicit and less dependent on individual judges to determine what is and isn’t reasonable (also,to my knowledge, you can’t really appeal a warrant.) when should the government be allowed to invade your privacy and search your belongings is a difficult question. one i’m afraid i don’t know the answer to (which also makes me kinda sad)
            so the sad thing i suppose is that there may not be a better method.(to note: it’s definitely better than writs of assistance)

  1. The iOS process is simple. There’s a check on the USB bus during boot for a particular device, if device is present, it checks for auth keys, if auth keys are present it initiates a disk dump to attached storage. Same process used for debugging, really.

    The disk image isn’t encrypted. The backup you make to your computer can be encrypted but – again, with a key generated by Apple’s device and readily available to Apple.

    The lock screen and lock-screen unlock-to-sync is just a screen door, to which apple has a spare key.

  2. So, if you turn off the Wifi on your Nexus 7, the password can’t be remotely reset (maybe by NFC, so turn that off too), so the police is thwarted, no? 

    Keep the sensitive stuff on your tablet, and encrypt it.

    1. But it would need to be turned off FOREVER, as the tablet would be waiting for the corrupted update the next time it connects to the net. This severely restricts the utility of your tablet — you basically have an ebook reader and mp3 player. 

      I THINK you could still use Bluetooth and in fact are better off doing so, as BT only allows pairing to one device at a time, so that if anyone tries a sneaky pair/clone or file upload it would knock you off your headphones.

      This is all a bit useless once the device is in the authorities’ hands. Methods described above such as using file encryption prevents opposition from reading your files even if they take the tablet from your cold, dead, hands.

  3. The value of whole disk encryption on iPhones is that you can delete the data on the phone quickly and easily using remote wipe. This deletes the encryption key. I don’t think that Apple would be able to recover data if a remote wipe has occurred. It should be obvious that your phone’s data is not actually encrypted using the four digit passcode. That would be incredibly weak.

    1. Wipe your phone, but don’t do it after you’ve been called upon to give it up.  If you do, you are obstructing justice. 

      1.  Wiping the phone doesn’t guarantee that they can’t recover the previous state-your only option is physical memory destruction. 

        1. If the encryption key is wiped (I presume Apple does this in a sensible way that overwrites the key) then the data will be unrecoverable.

      2. If we’re going down that route then they can probably demand you unlock it anyway. I’m simply explaining that the point of the encryption is only to facilitate remote wipe.

        1.  I am wondering, if a cop is demanding your phone and you initiate the self-destruct sequence right there on the spot… I doubt that at that very moment it’s obstruction.  I could be wrong, but I’m wondering.

    2. Apple recovered Mat Honan’s data after his idevices were stolen and remotely wiped so I wouldn’t be so sure.

  4. Last I heard, there was no encryption on android. Apparently now there is, on newer phones.
    So, this is good news. Yay :)

    1. It has always been available to apps so if you have sensitive data you can use them with AES encryption or similar (aka Google can’t even do anything)

  5. Lets not forget that there WAS a nearly fool-proof third party whole-device-encryption system for Android Phones call Whispercore. This software, from developer Moxie Marlinspike, encrypted the entire device, system and data, with a user supplied key at boot time. Sadly the software was only for the Nexus One and Nexus S phone, and has was taken down after Moxie went to work for Twitter.  

    A recent tweet from him seemed to indicate that he has restarted the project. 

    1. the irony there is that a legal system was established because humans were untrustworthy without them.   (in the west chiefly in business matters; the notion of justice for a run-over peasant came later.  and lost again in the states circa

    2. Hahaha, what.

      Governments are legal entities too, not humans. Trust no government, either, then, right? They’re the one asking corporations to do this; they’re the ones who’ve given themselves this power.

      1.  You trust your government?  The one that wants to read your private data without a warrant?  Not me, coach. 

        1. Fuck no; trust no one. I’m pointing out the myopia in your singling out of corporations — who have to cooperate within the law — and not government, who make the law.

    1. Let me expound upon that cryptic denial:

      Airplane mode instructs the hardware radios in the device to not /transmit/. They can, and often do, still /receive/ signal from the various sources around them. All it takes is a properly coded broadcast message – the radio will pick it up unacknowledged, and execute the accompanying instructions (which may be to pass an encapsulated packet further up the comms stack).

      The various US TLA’s have the ability to turn on the mic and various other attached hardware on a phone/device without the user’s knowledge, remotely. They have the ability to reset passwords, remotely. They have the ability to request the contents of whatever directory, remotely.
      You don’t want the US authorities in your phone, don’t turn it on in the US (or NATO treaty signatory. Or Australia. Or …)

      1. Sources?  Airplane mode turns the radios (and gps, bluetooth, etc) off completely.  There’s no tinfoil hat needed to prevent reception.

        Care to refute?  Post your sources!

  6. If you are trying to protect the sensitive incriminating data on your phone, you’re doing it wrong…. There shouldn’t -be- sensitive incriminating data on your phone. 

    1. It’s not just about incriminating information, it’s about the corporation that will cheerfully hand over anything on the device when someone with a badge asks for it.

      Apple isn’t law enforcement and they shouldn’t be made a part of the process.

      1. I’d say you’re both right. If I had any juicy secrets I definitely wouldn’t trust them to my phone. But the privacy issue isn’t about me, it’s about all of us.

      2. Apple might be a different case (because Apple is fucking strange), but on the whole device manufacturers, carriers, ISPs or any other company your data and communications go through won’t cooperate with law enforcement unless compelled to do so by court order. A lot of them will try to avoid doing so even once subpoenaed. It’s in their interest both from a liability standpoint and a business standpoint to avoid breaching customer’s privacy. There also needs to be pretty compelling evidence of a crime to even get the court order in the first place. 

  7. This is precisely why I back up my phone to my computer and not to iCloud. Who needs the device if all your critical data is on someone else’s server?

  8. We should get the EFF to host private keys to all devices. Suppose the FBI or the NSA, or state police produce a legitimate warrant to access the data on an encrypted device; then the EFF decrypts the device key using the private key they hold, and publishes the warrant on a website of devices revealed to law enforcement. That way, there is not unlimited access to data, but there is still a means for law enforcement to get data off devices when a legitimate need has been demonstrated to a judge.

    1. One better: We should have it so that only the owner of the device has the private key.

  9. I guess the only way to stay safe is the good old “burner phone”. Switch every week for a cleaner, safer and probably untapped conscience. That’s if you are really paranoid. 

    Although I’ve heard that IM-services that are sent using encryption is causing problems for the authorities to listen in as well. Didn’t FBI ask Apple to give them access to theirs?

  10. It is not a question of breaking Apple’s or RIM’s encryption at all.

    I used to crack games and other programs in my early days. I never once tried to find out what the encryption was; instead all I had to do was find where the program’s own decryption function was and how to invoke it.

    i.e. If you encrypt yours filesystem, your own phone can decrypt it is. Ofcourse, it can. That’s how you see your files. Google or Apple only need to invoke the same function which will read the key that you entered which the phone already has and presto!

  11. This is terrible and sad, it appears that if you own an electronic device you immediately forfeit your right to privacy. I may have to write a “Scrotie MacBoogerBalls” type piece of literature to store on my kit so anyone who wants to read my stuff without my permission can at least violently puke on their laps and monitors. Setec Astronomy is no longer a required company.

  12. As far as I know can’t Google just disable or bypass the pin/password/pattern, nor disable encryption on your device/decrypt it.
    What Google can do however is change your Google account password, now what does this have to do with your phone you may wonder? Well, if you enable a pin/password/pattern on your phone you have to use that to unlock your phone. When you enter the pin/password/pattern wrong 10 times it requires you to login using your Google account.

    Now since Google can change the password of your Google account, they can grant access to your phone by changing your password, entering the pin/password/pattern wrong 10 times and then login using your Google account.

    Please remember that Android (AOSP) is open-source, and you can check Android for backdoors if you want, or, as people mentioned earlier, you can install an open-source custom rom.

    I hope I helped a bit, somehow..

    Have a nice day!

Comments are closed.