this post was submitted on 15 Jul 2024
296 points (98.4% liked)

News

23287 readers
3657 users here now

Welcome to the News community!

Rules:

1. Be civil


Attack the argument, not the person. No racism/sexism/bigotry. Good faith argumentation only. This includes accusing another user of being a bot or paid actor. Trolling is uncivil and is grounds for removal and/or a community ban. Do not respond to rule-breaking content; report it and move on.


2. All posts should contain a source (url) that is as reliable and unbiased as possible and must only contain one link.


Obvious right or left wing sources will be removed at the mods discretion. We have an actively updated blocklist, which you can see here: https://lemmy.world/post/2246130 if you feel like any website is missing, contact the mods. Supporting links can be added in comments or posted seperately but not to the post body.


3. No bots, spam or self-promotion.


Only approved bots, which follow the guidelines for bots set by the instance, are allowed.


4. Post titles should be the same as the article used as source.


Posts which titles don’t match the source won’t be removed, but the autoMod will notify you, and if your title misrepresents the original article, the post will be deleted. If the site changed their headline, the bot might still contact you, just ignore it, we won’t delete your post.


5. Only recent news is allowed.


Posts must be news from the most recent 30 days.


6. All posts must be news articles.


No opinion pieces, Listicles, editorials or celebrity gossip is allowed. All posts will be judged on a case-by-case basis.


7. No duplicate posts.


If a source you used was already posted by someone else, the autoMod will leave a message. Please remove your post if the autoMod is correct. If the post that matches your post is very old, we refer you to rule 5.


8. Misinformation is prohibited.


Misinformation / propaganda is strictly prohibited. Any comment or post containing or linking to misinformation will be removed. If you feel that your post has been removed in error, credible sources must be provided.


9. No link shorteners.


The auto mod will contact you if a link shortener is detected, please delete your post if they are right.


10. Don't copy entire article in your post body


For copyright reasons, you are not allowed to copy an entire article into your post body. This is an instance wide rule, that is strictly enforced in this community.

founded 1 year ago
MODERATORS
 

Federal investigators are analyzing device’s content, although it is unclear how agency gained access

The FBI has gained access to the phone of the suspected gunman who opened fire on Donald Trump’s rally and is analyzing the device’s contents, the agency stated in a press release on Monday afternoon. The shooting, which killed one audience member and left Trump bleeding from one ear, is being investigated as an assassination attempt.

Authorities have been working to determine the motive behind the attack at Trump’s campaign rally on Saturday, but no clear picture has yet emerged. The gunman, identified as 20-year-old Thomas Matthew Crooks by the FBI, was shot and killed in the incident.

Federal investigators announced on Sunday that they had obtained Crooks’s cellphone, but had issues with bypassing its password protections to access the data within. FBI investigators then shipped the phone to a lab in Virginia, where agents successfully gained access, per the bureau’s press release.

top 50 comments
sorted by: hot top controversial new old
[–] [email protected] 86 points 4 months ago (5 children)

Something sus about how quickly they can unlock phones when it's attempted murderer killed dead and murder victims killed dead.

[–] [email protected] 91 points 4 months ago

Cracking a phone is pretty doable. Cracking phones in a way that will hold up in a court trial, much more formal.

[–] [email protected] 30 points 4 months ago* (last edited 4 months ago) (2 children)

look into celebrite

I think there's videos on youtube.

they can plug in most phones and have access to everything through an easy gui

[–] [email protected] 7 points 4 months ago (2 children)

I would definitely not call Cellebrite an "easy GUI" and they definitely don't get into most devices. Ive seen devices take months to unlock, if ever.

load more comments (2 replies)
[–] [email protected] 6 points 4 months ago

Cellebrite machines were used to copy contacts and messages and call logs from one phone to another, back in the day before Android and iPhone. There was little to no security on dumb phones back then... and you still needed the customer to put the PIN in and unlock their phone before using the Cellebrite. They came with a million different kinds of USB -> phone proprietary adapters, because mini and microUSB hadn't bee adopted yet as a standard.

Source: I used to do this sort of thing on a Cellebrite.

[–] [email protected] 23 points 4 months ago (2 children)

Most phones are locked with a four digit numerical PIN. The current technique is taking an image of the flash memory, and reflashing the memory after every few attempts.

It still takes a bit longer than straight brute force without a temporal lockout, but it’s still pretty trivial.

[–] [email protected] 15 points 4 months ago

If it was biometric login, even easier. Would've gotten in before thebody even got cold.

[–] [email protected] 14 points 4 months ago (1 children)

15 years ago, yes, nowadays especially on iPhone this does not work at all

[–] [email protected] 22 points 4 months ago* (last edited 4 months ago) (4 children)

It does when you have physical access to the RAM and storage, and a disassembly lab expressly configured for this purpose.

This is the backbone for a number of forensic services offered to law enforcement, and an entire cottage industry. I know with certainty it was still feasible as of the iPhone 12, which is well inside of 15 years. I don’t believe the architecture in the 13 or 14 has changed significantly to make this impossible.

With slightly earlier phones, tethered jailbreaks are often good enough, though law enforcement would more likely outsource to a firm leveraging Cellebrite or Axiom as the first step.

load more comments (4 replies)
[–] [email protected] 14 points 4 months ago (6 children)

If it used face unlock, just have the dead body and prop the eyes open and you’re in?

load more comments (6 replies)
[–] [email protected] 7 points 4 months ago (7 children)

Dude... my niece can unlock my phone while i sleep by putting my finger on the sensor.

I wouldn't be surprised if it would recognize my face while sleeping too

load more comments (7 replies)
[–] [email protected] 66 points 4 months ago (3 children)
[–] [email protected] 21 points 4 months ago

Asking the real questions here

load more comments (2 replies)
[–] [email protected] 41 points 4 months ago (2 children)

I wonder if they stuck his thumb on there. He is dead after all.

[–] [email protected] 19 points 4 months ago (2 children)

I get the feeling I'm the only person who doesn't use fingerprint readers (due to this and just some bad experiences with them not working right in their earlier days on phones).

[–] [email protected] 6 points 4 months ago (2 children)

I also don't, but I'm also not planning on committing crime.

load more comments (2 replies)
load more comments (1 replies)
[–] [email protected] 13 points 4 months ago (1 children)

It says they had to send the phone to a lab in Virginia, so obviously not.

[–] [email protected] 35 points 4 months ago (3 children)

So you cut off the thumb and ship it

Or make a casting

There's a million ways they could do it

[–] [email protected] 31 points 4 months ago (2 children)

Or you load the whole body into your passenger seat and drive it over there. Bonus points that this approach lets you use the carpool lane.

[–] [email protected] 8 points 4 months ago

Weekend at Crook's : one thumb up

load more comments (1 replies)
[–] [email protected] 9 points 4 months ago (1 children)

Fuck, Fuck, FUCK!

Screams the agent as heating up a frozen finger with a lighter put it on fire.

load more comments (1 replies)
[–] [email protected] 8 points 4 months ago

Walter:
You want a toe? I can get you a toe, believe me. There are ways, Dude. You don't wanna know about it, believe me.

The Dude:
Yeah, but Walter...

Walter:
Hell, I can get you a toe by 3 o'clock this afternoon... with nail polish.

[–] [email protected] 30 points 4 months ago (3 children)

they watched a youtube video by a guy from India on how to unlock it.

Seriously though, some of those videos actually work. I had a Samsung Galaxy that I got from some flea market for like $20. it was locked due to the FRP so I didn't have access to the email or phone number. I just wanted to use it as a headset mounted gyroscope thing for war thunder (yeah, ask me about that one). Watched a youtube vid by some guy in India who went through the most bizarre way to unlock the phone and it worked. I was scanning QR codes and installing the samsung file manager app and a bunch of weird crap and was surprised that it worked. Dudes on reddit were deadset that it was impossible, impossible I tells ya, to bypass the FRP. it is possible. and you don't need to download any of the scammy 'unlock your phone' programs either.

load more comments (3 replies)
[–] [email protected] 30 points 4 months ago* (last edited 4 months ago) (6 children)

Anyone know what kind of phone they reported they cracked? This should bring fear to anyone who cares even a little about privacy.

Otherwise, it will become normal to question why you take a shit with the door closed (what are you hiding in there?) slippery slopes and what-not.

[–] [email protected] 36 points 4 months ago (9 children)

There's devices sold to law enforcement that will allow them access to most phones by plugging them in. Believe it or not, Israel is the biggest exporter of exploits and hacks.

load more comments (9 replies)
[–] [email protected] 17 points 4 months ago (1 children)

It doesn’t matter. If a nation state is a wants access, they’re gaining access.

It’s probably an exploit from that Israeli cyber company that I forget the name of.

[–] [email protected] 5 points 4 months ago* (last edited 4 months ago) (2 children)

Cellebrite is the name, I think.

Or are you thinking about pegasus?

[–] [email protected] 5 points 4 months ago (1 children)

NSO Group I was thinking of. They make Pegasus.

load more comments (1 replies)
load more comments (1 replies)
[–] [email protected] 9 points 4 months ago

On the scale of privacy concerns, anything that starts with "they took physical possession of my device" ranks pretty low on my list.

[–] [email protected] 7 points 4 months ago

Any (western designed) phone. It doesn't matter. All your data belongs to us. Them.

[–] [email protected] 7 points 4 months ago

Bro,

https://en.wikipedia.org/wiki/Cellebrite

Makes them look incompetent to work so hard to get in

load more comments (1 replies)
[–] [email protected] 28 points 4 months ago (1 children)

Investigators couldn’t get in with 1234, so they shipped it to their lab to try 5678

Wonder if this was one of the latest flagships or something older

load more comments (1 replies)
[–] [email protected] 15 points 4 months ago (1 children)

Bro forgot to turn off his phone before they shot him.

[–] [email protected] 14 points 4 months ago (6 children)

If he had fingerprint unlock it would be pretty easy to get in considering they have access to his fingers. Facial recognition... less successful in this case.

[–] [email protected] 10 points 4 months ago (1 children)

Most phones actually require pin/password on boot, and only let you use fingerprint/face unlock to unlock later in the session, as a security feature. So if he turned his phone off, even that wouldn't work.

load more comments (1 replies)
load more comments (5 replies)
[–] [email protected] 13 points 4 months ago (1 children)

I hate when that happens. Now they'll have to take it to one of those repair places.

load more comments (1 replies)
[–] [email protected] 12 points 4 months ago (3 children)

Crooks, who left behind no immediately available manifesto or record of the attack, unlike many other modern assassination plots or mass shootings. He was registered as a Republican voter and donated $15 to a Democratic-allied organization but did not maintain a large online presence.

Well this is thoroughly unhelpful.

[–] [email protected] 11 points 4 months ago (2 children)

Someone with the same name made the donation. At this point, we do not know if it was the assassin who made the donation, or an 80 year old with the same name.

[–] [email protected] 15 points 4 months ago (1 children)

IIRC the donation had his address on it, they do in fact know it was him.

[–] [email protected] 7 points 4 months ago (1 children)

Or GrandPa Crooks.

In any case, I’m still trying to figure out how closely-related the organization was. “Democrat allied” or whatever could be almost anything.

[–] [email protected] 7 points 4 months ago (1 children)

The organization was ActBlue.

ActBlue Charities Inc. is an American political action committee and fundraising platform established for serving left-leaning and Democratic nonprofits and politicians.

load more comments (1 replies)
load more comments (1 replies)
[–] [email protected] 7 points 4 months ago

He donated money when he was 17. It was $15.

load more comments (1 replies)
load more comments
view more: next ›