New Report on Police Decryption Capabilities

There is a new report on police decryption capabilities: specifically, mobile device forensic tools (MDFTs). Short summary: it’s not just the FBI that can do it.

This report documents the widespread adoption of MDFTs by law enforcement in the United States. Based on 110 public records requests to state and local law enforcement agencies across the country, our research documents more than 2,000 agencies that have purchased these tools, in all 50 states and the District of Columbia. We found that state and local law enforcement agencies have performed hundreds of thousands of cellphone extractions since 2015, often without a warrant. To our knowledge, this is the first time that such records have been widely disclosed.

Lots of details in the report. And in this news article:

At least 49 of the 50 largest U.S. police departments have the tools, according to the records, as do the police and sheriffs in small towns and counties across the country, including Buckeye, Ariz.; Shaker Heights, Ohio; and Walla Walla, Wash. And local law enforcement agencies that don’t have such tools can often send a locked phone to a state or federal crime lab that does.

[…]

The tools mostly come from Grayshift, an Atlanta company co-founded by a former Apple engineer, and Cellebrite, an Israeli unit of Japan’s Sun Corporation. Their flagship tools cost roughly $9,000 to $18,000, plus $3,500 to $15,000 in annual licensing fees, according to invoices obtained by Upturn.

Posted on October 23, 2020 at 8:47 AM • 25 Comments

Comments

yet another Bruce October 23, 2020 9:48 AM

I am surprised that the tools are so inexpensive.

In the case of the San Bernardino shooters, Reuters reported “FBI Director James Comey last week said the agency paid more to get into the iPhone than he will make in the remaining seven years and four months he has in his job, suggesting the hack cost over $1.3 million, based on his annual salary.”

I note that James Comey may not be a 100% reliable source.

Winter October 23, 2020 10:59 AM

“Don’t ask “is this device secure?”
Rather, ask “which set of intelligence services has access?””

Do not ask “is this car secure?”. Rather ask “are the roads safe?”.

mark October 23, 2020 11:56 AM

sigh
And given what we know of too many of the police and sheriff departments in the US, there are much cheaper ways of unlocking the phone: gee, isn’t it a shame that the surveillance camera looking at you in the cell broke down before the officers came into the cell?

Winter October 23, 2020 12:07 PM

“On the safest roads, overpriced Tesla cars ignite spontaneously while journalists like Michael Hastings have “unfortunate accidents.””

36,000 people die on US roads each year. That is not igniting Teslas or murdered journalists. Neither are these the results of car failures. The large majority of the fatalities are the consequences of traffic and drivers.

Same with mobile phones. These work on networks. Your safety on these networks depends more on the “traffic” conditions than on your mobile.

Paul Erdos October 23, 2020 12:51 PM

Clean up the roads? Your metaphor is flawed.

Mobile devices are designed to betray their users. Convenience is the lure.

Of course, all those billionaires in the tech industry would rather deflect blame elsewhere. Hire out retired tech celebrities to write apologias for their monopolist abominations.

Don’t hate the sinner, hate the sin. Don’t blame big tech, blame the Internet…

stine October 23, 2020 1:38 PM

Gwinnett County Police have one… I know this because my phone has connected to it. It makes for excessive battery drain and interrupted calls at 3am…

xcv October 23, 2020 1:47 PM

We found that state and local law enforcement agencies have performed hundreds of thousands of cellphone extractions since 2015, often without a warrant. To our knowledge, this is the first time that such records have been widely disclosed.

Why aren’t the results of these “cell phone extractions” disclosed on the record in criminal court cases? If so, why aren’t the public defenders and professional defense attorneys raising any objections to the constitutionality of the illegal searches and seizures being conducted without a warrant?

Why aren’t the law enforcement officers involved being held accountable for their petty thefts, invasion of privacy, stalking, sexual misconduct and other violations of human rights?

And if the data from the “cell phone extractions” are being improperly disclosed to the judge in chambers with or without representation of the defense, then why aren’t the judges being impeached, removed from office, tried at court-martial, and convicted of high treason for their fraternization?

Is there some kind of “due process” here, or has the rule of law been abdicated to total anarchy throughout the United States?

vas pup October 23, 2020 2:04 PM

That is just “1984” on steroids.
LEAs of levels should get court order to justify such action except when owner of the phone is unknown or suspect of the crime under Title 50 USC.

Procedure is the key. The more intrusive tools we provide to LEOs, the more strong procedure of their application should be.

I wish that all developers become subject of application towards them their inventions – just to get the taste of medicine they provided to the government.

jones October 23, 2020 2:11 PM

@xcv

Why aren’t the results of these “cell phone extractions” disclosed on the record in criminal court cases?

One technique used to avoid legal problems during the discovery process involves a technique called “parallel construction.”

Dave Rudling October 23, 2020 2:25 PM

@Bruce
Your headline is, unusually for you, rather misleading. The report should best be described as:-
New Report on Police Mobile Device Search Capabilities
rather than
New Report on Police Decryption Capabilities

Yes, decryption is included and for those who use a 6 digit or more stupidly a 4 digit passcode the decryption capability is quickly guaranteed. Equally if a typically weak password is used the decryption time can be alarmingly short. If a proper strong password is used the decryption is much more problematic according to the report. There is nothing noteworthy about the decryption process for a mobile device in this sense. Of course any particularly sensitive data should be separately encrypted and not just rely on the whole-device encryption if it absolutely MUST be stored on a mobile device although why one would choose to do that is something I personally cannot envisage. In your home would you expect a safe made of mild steel to be a strongly armored repository?
What is important from the report is the widespread ease with which all the unsecured metadata can be extracted and the importance of what I still prefer to refer to as traffic analysis is often wildly underestimated. The place of encryption in overall security engineering risks being overstated by your headline.
Sorry, I think this is my first whinge at one of your generally excellent posts.

xcv October 23, 2020 4:48 PM

@Chris

@ xcv,

“Anarchy” != “statism”

Statism is indeed anarchy when it’s a disorderly mob of statist enforcement thugs.

Clive Robinson October 23, 2020 4:52 PM

@ Chris, xcv,

“Anarchy” != “statism”

And Anarchy is not what many are told it is either.

For instance there is no reason why Anarchy should be considered bad, unless of course your pay packet depends on the opposite of Anarchy.

The Merriam-Webster definition of “an absence of government” was apparently first used in 1539.

Other dictionaries effectively say it is a society in a state being free of not just a governing body but also without authorities, in effect “freely constituted”.

More interestingly others say It also may refer to a group of people or society that rejects a hierarchy in all its usual forms.

None of the definitions say anything about violence or crime or enemies of the state, or all that other nonsense you get told.

More interestingly compare and contrast what “libertarians” claim with the three definitions.

Further if you think about it a sufficiently moral society needs no Government or Authoritarian hierarchy or even guard labour.

But without the distorted and abusive government with its guard labour, how could some people become at best “rent seekers” or rapers of the public purse…

So when you hear the cries of the disaster anarchy would be, follow the old advice and “follow the money” because the chances are the people giving such voice are making false claims to hide their self interest in having a government hierarchy they can manipulate for their own benefit.

Sadly after forty years of finding out just what a disaster hierarchical systems are in privacy, security and safety. We still cling to them like a small child to its comforter. Maybe COVID-19 will have woken a few enough to pull their heads out of the sand.

Thus realise that a society needs a government, like a fish needs a pair of roller skates.

Jonathan Wilson October 23, 2020 5:54 PM

Why aren’t device manufacturers like Apple finding ways to get hold of these tools, pulling them apart to figure out how they work and closing any exploits or vulnerabilities that the tools are using to get in? (including anything that makes cracking the passwords easier)

Clive Robinson October 23, 2020 6:16 PM

@ Paul Erdos,

Mobile devices are designed to betray their users. Convenience is the lure.

I tend to put it the other way around as,

“Mobile devices are designed for user convenience and so betray them.”

Put simply due to the poor design of smart devices an attacker can reach around the security end point in the application to the “plaintext” user interface. So if the user looks on the device then the plaintext can be captured as they do it.

But the biggest security weakness really is the “user” they do things for “convenience” such as biometrics and short numeric PIN/password, they also want the convenience of “recovery” if their phone gets broken or stolen…

Thus security goes under the front wheels of the bus as the user hops on and gets taken for a ride…

Unlike many people I do not use “security apps” on smart devices and probably never will. If some one insists, they can buy me a smart device and pay for the service provision because I will only ever use it with them.

The reason is their convenience is of zero interest to me, and I see no reason why I should make myself a target for their convenience. If they want or need to communicate with me securely then they can do it my way or not at all. Personally not at all suits me better in this day and age of “record it all, and store it forever” and legislation so broad much more than breathing lightly is effectively a hanging offense.

I would have thought the EuroChat debacle would have made people realise that modern smart devices are not going to be secure as long as they are used for convenience…

There are ways you can have any level of message contents security you want but that means a degree of inconvenience… Oh and with the way the networks currently work you can not have either meta-data security or traffic security… As has been pointed out before traffic analysis can tell rather more almost instantly than cracking message security. But… For LEO’s traffic analysis is not something they want to take in front of a jury or most judges. Because whilst it’s mostly legal it’s confusing to present mostly not really up to being even circumstantial evidence, and way too open to challenge by a half way switched on defense team…

@ ALL,

That’s why the LEOs want “message contents” or viable “parallel construction”…

rrd October 24, 2020 10:39 AM

@ Winter

Very well said, indeed.

Anarchy is merely the regression to the ebbs and flows of sub-group moralities. As you correctly say, history has generally shown to lead to very bad outcomes.

There are cases, however, where — especially in times of great trouble, such as natural disasters — people actually activate their higher instincts and come together to selflessly serve their entire community. In such situations, our having been shocked out of the normal survival-stress-free complacency our technological societies provide serves as the necessary activation energy.

Ultimately, what determines how such disasters are handled is the level of cooperation versus competition the local societies inculcate in their citizens from childhood. Competitively-tuned people tend to capitalize on such situations to seek greater advantage over their perceived enemies. For societies that encourage a cooperative ethos, working together comes much more naturally and easily.

Ultimately and unfortunately, in our current world situation, the homogeneity of each locality’s population will likely determine which direction a society in distress trends toward, as we have still as yet failed to overcome our innate mammalian perspectives related to ethnic and minor cultural differences. For such semi-peacefully coexisting sub-cultures, the volcano of violence is often merely lurking beneath the surface.

That is why our personal moral imperative is so very important to our individual and collective survival, for only with a firm personal moral foundation of selfless cooperation can we ever hope to erect moral structures within our societies and governments, themselves.

Winter October 24, 2020 11:54 AM

@rrd
“There are cases, however, where — especially in times of great trouble, such as natural disasters — people actually activate their higher instincts and come together to selflessly serve their entire community.”

This is the normal situation. People are social and will collaborate to the common good. This is a “Good Thing” in smaller communities.

However, in larger communities, this will devolve into Us against Them competition. Then the “Greater Good” of Us is the detriment of Them.

This is why I think “No One Rules” is not a stable form of society. Some group will organise against the rest.

rrd October 24, 2020 12:28 PM

@ Winter

This is only the case in societies that fail to self-evolve themselves beyond their mammalian defaults. At this point in history, very few of the societies — especially the large, resource-rich, dominant ones — across our Earth are doing any such thing.

You said:

This is why I think “No One Rules” is not a stable form of society.

But, the reality is that WE EACH RULE our own inner world of attitudes, thoughts and deeds. And when groups of like-oriented folks gather together, their collective free wills create inertia in the events of this world, for sometimes better but very often for worse.

All the traits you describe are the direct result from our competition born of our mammalian instincts, which are driven by our individual and collective vices as understood by we who have the ability to discern right from wrong, selfless from selfish, helpful from oppressive, honest from deceitful, kind from mean, loving from hateful, …

It’s our choice,
each of us,
each day,
to learn
what needs to be better,
how to make it better,
and then
to actually make it better,
starting with
our own dammed selves.

Only once one goes within themself and connects with the Ineffable do we begin to understand how the following is not only possible, but the right thing to do, the only direction to orient ourselves, for everyone’s peace, everyone’s security, and everyone’s happiness, world-effing-wide:

On Earth as it is in Heaven

Selfless, compassionate, generous love is the only path that leads to that glorious destination.

No one achieves a difficult goal without embracing honesty as their primary modus operandi, because if we aren’t honest with ourselves, how will we manage to be honest with the project’s progress and what we perceive of it?

“When a man lies, he murders some part of the world.”
–Merlin in the movie “Excalibur”

“Love, baby. Love. Yeah, that’s the secret.”
–Pops

xcv October 25, 2020 2:53 PM

@jones

One technique used to avoid legal problems during the discovery process involves a technique called “parallel construction.”

The Fourth Amendment has it that no Warrants shall issue, but upon probable cause, supported by Oath or affirmation …

So your “parallel construction” would involve lying under oath about the probable cause by which a search or seizure was conducted, which is not a bright idea in federal court.

Witnesses for the prosecution will have to answer under cross-examination, “How did the investigators or law enforcement officers in this case first become aware that a crime had taken place?”

Clive Robinson October 25, 2020 5:00 PM

@ xcv,

The Fourth Amendment has it that no Warrants shall issue, but upon probable cause, supported by Oath or affirmation …

And what about LEO activities that do not require a “warrant”?

Traffic cops can pull you over any time, effectively based on their “opinion”. They can claim to smell something funny the next thing you know the K9 is chewing your upholstery in response to a half hidden hand signal from its handler and you are starting in on a world of pain be it physical, emotional, financial or all three.

Most LEO’s know which games to play, whilst the rest of us can only guess what they are actually up to and on whose orders / behalf.

The best advice is do nothing say effectively nothing until you get professional advice, which is usually –unless you are rich is,– “cop a plea deal”…

It’s not at all difficult to find stories of what police do…

https://www.foxnews.com/us/breonna-taylor-ex-boyfriend-codefendant-plea-deal-organized-crime-syndicate

https://edition.cnn.com/2020/10/11/us/breonna-taylor-police-documents/index.html

xcv October 25, 2020 6:15 PM

@ Clive Robinson

And what about LEO activities that do not require a “warrant”?

Traffic cops can pull you over any time, effectively based on their “opinion”. They can claim to smell something funny the next thing you know the K9 is chewing your upholstery in response to a half hidden hand signal from its handler and you are starting in on a world of pain be it physical, emotional, financial or all three.

I am not suggesting that the Fourth Amendment leaves room for lawlessness. Crimes such as a violent robbery in open day do not require a warrant in cases of “hot pursuit” immediately from the scene of the crime at the time it is committed and immediately apparent without detective work.

Some people are scared of dogs, and dogs and other animals tend to hate drugs used recreationally by humans. The hidden hand signals from a K9 handler are a myth. Dogs aren’t that educated, and cops don’t want dogs that are violent or aggressive. They “run and play” as soon as they get about 20 feet from the handler, and return on command. Cops observe the behavior of the dog and its reaction to situations, and may use a dog to “break the ice” in social situations, or lessen the probability of violence in interactions with the public.

Clive Robinson October 26, 2020 2:35 AM

@ xcv,

… do not require a warrant in cases of “hot pursuit” immediately from the scene of the crime …

Which is my point. The LEO’s on knowledge from otherwise private communications, know where and when you are going to be somewhere and they “engineer” a crime for you to be in. They then by the simple process of escalation by using “In plain sight” and similar notch it up.

With regards,

Some people are scared of dogs

The LEO’s do not care one jot if you are scared of a dog. If it makes you nervous then they will push it as that just makes it easier for them to sling in a “resisting arrest” or similar charge.

The hidden hand signals from a K9 handler are a myth. Dogs aren’t that educated, and cops don’t want dogs that are violent or aggressive.

Hand signals to control a dog are very far from a myth, somebody I know trains not just dogs but other animals to respond not just to voice commands but hand and other signals. I’ve seen her get a border collie to follow basic hand signals in half a day such that it will do basic performance in public, not just sit and down but go left and right and through hoops etc.

The hand signals are not hidden from the dog but from a vehicle owner simply by the K9 officer positioning themselves to stand with their body blocking the signal from the vehicle owner not the dog.

cops don’t want dogs that are violent or aggressive.

That depends on the type of cop and the job being done and your definition of violent or aggressive and which end of the dog is pointed at you at the time. Some dogs are trained to half crouch and bark and growl at people, which looks extremely aggressive to the person who is subject to it. Other dogs are trained to grab people using their teeth to “bring them down” to stop them escaping etc which for the person is violent behaviour.

But even well trained family dogs can look aggressive when at play with a toy or with a food item such as a bone or just playing with their owner. It does not mean the dog is aggressive or violent just that its enthusiasm can look that way. In the UK we have an expression about it when someone is being over enthusiastic we say they are “At it like a dog worrying a bone”.

As for how “educated” dogs can be well hardly a year goes by without scientists showing that they are smarter than we previously thought.

For instance we now know that certain breeds of dog can not just smell a person is ill before the person knows it, the dog’s behaviour indicates it is trying to tell the person. Recent tests have shown that dogs can be trained to recognize people that have COVID-19 very soon after they’ve become infected, they give us a “30 second test” which has the same kind of false positive and negative rates as expensive tests that take an hour or so to give results. Thus people can be pre-screened into different groups quickly and further testing applied. So speeding testing up and significantly reducing not just the cost but risk of cross infection.

fajensen November 3, 2020 9:18 AM

The hidden hand signals from a K9 handler are a myth. Dogs aren’t that educated,

A professional trainer, using a “professional” breed, like Alsatians and Belgium Sheepdogs, could absolutely teach a dog a magick gesture or word! I would think that a police dog handler is a professional, at the Danish police he/she keeps and trains their police dogs, they are paid to do it. They have a “curriculum” but the dog can learn more.

I have done it, with my dog – not the tearing into upholstery and people, but:

I have a Flatcoated retriever, who, like the breed in general, is a pretty happy, stupid and silly dog but also friendly and easy to train with a soft attitude and positive reinforcement.

Being a gun-dog she understands hand signals (so I don’t have to yell 300 meter out), and she understands “sentences” when I put “command-words” into them. She understands when to stay put and when to run over to people and slobber all over them based on my body language – she always looks at me before doing anything.

She never runs away when out walking in the forest without a line and she knows where the garden borders are and will rarely cross them (unprovoked, for cats and squirrels must be chased as a matter of principle).

I am not a professional dog trainer in any way. Just an amateur.
