The FBI has been unable to access a Washington Post reporter’s seized iPhone because it was in Lockdown Mode, a sometimes overlooked feature that makes iPhones broadly more secure, according to recently filed court records.
The court record shows what devices and data the FBI was able to ultimately access, and which devices it could not, after raiding the home of the reporter, Hannah Natanson, in January as part of an investigation into leaks of classified information. It also provides rare insight into the apparent effectiveness of Lockdown Mode, or at least how effective it might be before the FBI may try other techniques to access the device.
“Because the iPhone was in Lockdown mode, CART could not extract that device,” the court record reads, referring to the FBI’s Computer Analysis Response Team, a unit focused on performing forensic analyses of seized devices. The document is written by the government, and is opposing the return of Natanson’s devices.
Archive: http://archive.today/gfTg9
This news sparks joy. It’s a shame the FBI is wasting their time on petty political bullshit like this instead of going after real crime. What a shameful chapter for the FBI, and that’s really saying something given their illustrious history.
You act like there’s a cabal of kid rapist running the world.
The “funny” thing is that anybody thinking that a mere 5 years ago would have been deemed a conspiracy nutter.
If they had any decency at all they should be arresting the president.
But hell would need to freeze over first. 😡
They did that, twice. Even got a trial and 34 felonies. Repercussions? None. Honestly if you do your job and not only see nothing come of it but said felon has an impact on your job now I can sympathize a bit.
He would have been fucked if he had lost the election, and money won the election, money and the markets is the only thing Trump cares about.
Scott Galloway has the right idea
no one is gonna arrest the president for you.
you are gonna have to band together and do it yourselves.
Right!?
Like ohhh. So important to see if someone liked a post. Meanwhile tech espionage and terrorists take over the world.
How dare we ‘radicalize’ over the idea of free Healthcare.
Absolute sham of ‘protection’.
Honestly I don’t even believe this stuff anymore. I feel like our government would set up shit just to make it look like they don’t have as much control as they really do.
Just a nice little theater act to try to make people think privacy can still be a thing.
Always, always default to the simplest answer being the most likely to be true. In context, the government is too incompetent to manage such a thing.
Social contract is breaking.
No need to see any legitimacy in this government or its goons.
It’s really great, isn’t it? But I’d leave you with one theoretical angle to consider…
What if the FBI actually did get into the phone? If so, then why would this information have been made public?
The only reason why, that I can think of right now, is that the FBI wants more people using Lockout. If so, the only reason I can possibly imagine for that is—there are actually some good commonly available techniques to keep them out of your devices, of which Lockout is insufficient. They’d want more people assuming that it is sufficient, and this news could accomplish that.
Purely theoretical… but the bigger point here, whether that framing is strategically true or miraculously over-thinking things, is that something does work. No matter what, you know something works.
It’s not like it was a press release, it was gleaned from a court document. I suppose they could be happy with what info they got off of it enough to let this prosecution fail if they can follow up the chain, but I’m still skeptical. Who knows, maybe they have a functional quantum computer they don’t want to advertise
You create a great story but violates K.i.S.S.
- not saying they got in means they can’t use it as evidence. Sometimes there’s still due process
- even if they can get into lockdown mode, it’s clearly harder than not lockdown. Why conspire to make it harder?
Yes, probably so. I haven’t seen the designs of lockdown mode, but I get the case for my hypothesis being far fetched. Wasn’t trying to start any conspiracies. Please, ignore my shenanigans.
Best advertisement I’ve heard for an iPhone ever. Now that Android moving to the same walled garden business model…
Graphene OS
You can lockdown an Android phone too. At least I can on my Pixel 8a.
And the FBI can’t get in? I doubt that. It has always been notoriously easy for law enforcement to get in to Android phones.
Obligatory XKCD.
Under Kash Patel, I’d be surprised if the FBI could unlock a Mime’s door, let alone a phone.
Haha, very true. Loyalty over competency.
Even if you turned the phone off? It should be secure on a cold boot before entering the password, as nothing is unencrypted yet.
You know, I have not kept up. Things may have improved recently. But historically there’s always been flaws in the security.
Yes, that’s advertising allright.
The FBI just wants the public to think their phone is secure. I got news for you, it’s not secure. Look up Snowden.
Reminder that none of your data is safe on a cloud. Law enforcement can get a judge to sign off and make Google/Apple decrypt your cloud data and give it to them.
If you really want your data private you have to put it on an encrypted hard drive. Recommend Veracrypt.
Recommend Veracrypt.
Or Luks which is well integrated with Linux. Are there significant advantages with Veracrypt?
It depends on which cloud. US cloud services are inherently unsafe. Some other countries have more respect for privacy.
and even then, unless you unlock it for law enforcements upon request. you will serve lifetime in imprisonment or until you agree to unlock it and whatever if any crime is within the locker to continue imprisonment. so safeguarding data really doesn’t matter in the end anyway because any sensitive data kept anywhere will be used against you either by the law or by criminals. which often times seems to be one and the same.
unless you unlock it for law enforcements upon request. you will serve lifetime in imprisonment or until you agree to unlock it
I’m like 99% sure that isn’t how that works. Held in contempt of court, maybe, but lifetime imprisonment, doubt it.
Can you provide any statute or reporting to indicate a person can be jailed indefinitely over not unlocking a device?
for the US, check the somewhat recent Joseph Gelfgatt case.
Snowden was pre-lockdown mode but yeah.
One shortcoming of lockdown mode, as far as I can tell: you can pair your phone and watch so locking your phone will lock your watch as well, but you can’t do the reverse. It seems more likely that a hostile party would get access to your phone first while you still (temporarily) have control of your watch, so being able to lock your phone from your watch would be extremely useful. (Or for that matter, set lockdown mode to trigger automatically if your watch is removed or your watch and phone move to different locations.)
Swallow it.
“Can I cook mine?”
“No, you must eat it raw.”
That seems like a very simple problem to just not need to worry about.
Just don’t buy a smartwatch.
It’s not that the watch is an added vulnerability (there’s no info accessible via the watch once the phone is locked)—it’s just a missed opportunity.
You need to re-read what he said.
Stop requiring accounts just to view content.
Fucking scumbags
Here are the instructions to enable and description of how it works. Seems really complete.
Feature set seems like an improvement, honestly. In particular:
Game Center is also disabled.
I tried GrapheneOS on my Pixel, and it’s pretty cool, but unfortunately I want my phone to have full functionality. I’ll sacrifice some privacy and just practice digital minimalism, which ultimately is the best form of privacy.
What didnt work for you?
I just got tired of everything being a hack. I simply need my phone to work and I also see a bit of irony installing play services just to receive proper notifications. I know I know the whole app sandboxing bit. But still, it seems counterintuitive I don’t have to worry if my phone’s going to let me down if I’m driving a need to download some obscure parking app or if I need tap to pay to function which in the United States I do. One time I was at Costco, renewing my membership, they needed me to download the app real quick to do something on the account. But because the app wouldn’t function right, my wife had to do it.
I needed to buy some ribs the other day, but I forgot my wallet. If I had tapped to pay on my phone, that wouldn’t have been an issue.
they needed me to download the app
They wanted you to, but i get your point.
receive proper notifications. I know I know the whole app sandboxing bit
Still worth it for the sandbox
You don’t NEED tap to pay. I literally never use it, ever, unless I have a card with a bad chip (happened once).
Forgetting your wallet like a dummy doesn’t mean you NEED tap to pay, it means you need to remember to bring your wallet.
Also, there is nothing you NEED the Costco app for, an org like that can’t lock things behind an app to function because their customer base is too broad, they will inevitably have old people with T9 Nokia bricks still. It might have been the most convenient way to achieve it, but it’s not a requirement - even if that particular sales associate didn’t know how and would have to phone a friend.
All that to say I’m not trying to convince you to use gOS; I fully recognize that security is on one end of the spectrum from convenience, and we all choose where we want to be on that spectrum. But I felt the need to counter your claims… Nobody NEEDS tap to pay smh. If you care about privacy at all you wouldn’t be linking cards to apple or Google, adding yet another layer of giant data collection to some of your most intimate data.
Well, since the reporter does not really own the phone, the FBI will now turn to Apple ordering them to disable that false sentiment of security.
If you don’t hold the keys, it’s not encrypted.
If a person is using lockdown mode they more than likely also have Advanced Data Protection enabled. This removes iCloud keys on Apple’s side and is only stored on device.
In that case you hold the keys and it’s encrypted.
And if you don’t think there are backdoors then I have a bridge to sell you.
The best you can hope for in any case is increased friction. Because if you have pissed off a government org to the point they declare you an actual national security threat… you start realizing why israel et al tend to be known to have tools that can crack a few generations back.
Which is why journalists, when they talk about stuff like this, are pretty adamant that they don’t trust those devices at all. One of the more common tactics is to have completely separate devices for sensitive communication that are kept physically isolated from any of their personal devices… and preferably in a place that a trusted associate knows about. If someone gets taken away in a black van? Someone else goes for a walk with a power drill for no apparent reason at all.
Well those back doors don’t seem to be working in the actual case happening currently. What you’re saying is assumptions.
Also you’re the second commenter today to say they have a bridge to sell me. Is this old saying making a comeback or is it bots?
Bridge market must be having a boom.
…
Yes, the reason multiple people accused you of being gullible is because they are bots.
*so Apple claims. Is it possible to verify the key is un-recoverably deleted? The more reasonable approach (when it comes to security) would be to never upload a key in the first place.
deleted by creator
Yes you do. In fact Apple warns you several times to keep copies of the key secure because there’s no way for them to help if it’s lost.
Yup… How can anyone even trust these massive companies anymore? Everyone just gives their freedom and privacy away.
We sacrifice everything at the altar of convenience and comfort. It won’t be long before people realize how bad of a decision that has been, and not because they’ll broaden the minds. More like, reality has a habit of shoving the truth into our faces and holding it there.
deleted by creator
