21 votes

How police are “breaking phone encryption”

9 comments

  1. [2]
    rkcr
    Link
    I've heard recommendations to restart your phone if you ever know you're about to come into contact with the police (like a traffic stop).

    I've heard recommendations to restart your phone if you ever know you're about to come into contact with the police (like a traffic stop).

    9 votes
    1. joplin
      Link Parent
      Yeah, this would have the effect I intended in my reply to teaearlgraycold.

      Yeah, this would have the effect I intended in my reply to teaearlgraycold.

      1 vote
  2. [4]
    teaearlgraycold
    Link
    One important fix for this would be to allow Siri to turn off your iPhone. I would love to have a shortcut called “Unlock my iPhone” that turns it off. Then you’re in the BFU state. Importantly...

    One important fix for this would be to allow Siri to turn off your iPhone. I would love to have a shortcut called “Unlock my iPhone” that turns it off. Then you’re in the BFU state. Importantly this means you can’t use face or touch ID either.

    7 votes
    1. [3]
      joplin
      Link Parent
      In case you aren't aware, you can hit the side button 5 times to put it into that state. This is fairly easy to do if you're handing it to someone else, but obviously can't be done once you've...

      In case you aren't aware, you can hit the side button 5 times to put it into that state. This is fairly easy to do if you're handing it to someone else, but obviously can't be done once you've handed it over.

      Also, you can pair-lock your iPhone so that it won't give up info to devices connected directly to it. It will only ever respond to the device you locked it to. (This can be a problem if the other device ever dies, but if you're at the level where state actors are out to get you, it's a worthwhile precaution to take.)

      4 votes
      1. [2]
        Moonchild
        Link Parent
        This comment indicates otherwise.

        you can hit the side button 5 times to put it into that state

        This comment indicates otherwise.

        4 votes
        1. joplin
          Link Parent
          Ah, I see. Yeah, I guess that makes sense. It just makes it so they can't point it at your face to unlock it. Good to know!

          Ah, I see. Yeah, I guess that makes sense. It just makes it so they can't point it at your face to unlock it. Good to know!

          1 vote
  3. RapidEyeMovement
    Link
    So my take away from this, the phone is 'pretty secure' in Before First Unlock (BFU) mode. In an After First Unlock(AFU) mode your phone can be broken into using 'Off the Self' police tools. In...

    So my take away from this, the phone is 'pretty secure' in Before First Unlock (BFU) mode. In an After First Unlock(AFU) mode your phone can be broken into using 'Off the Self' police tools.

    In any interaction w/ the police, at least restart the phone. It would be nice if the Camera functionality worked in this BFU mode.

    1 vote
  4. [2]
    JXM
    Link
    Since this is only for the iPhone, does anyone know of a similar breakdown for Android phones? Or does it vary so widely by make and model that you'd have to do it for each phone?

    Since this is only for the iPhone, does anyone know of a similar breakdown for Android phones? Or does it vary so widely by make and model that you'd have to do it for each phone?

    1 vote
    1. RapidEyeMovement
      Link Parent
      There is a linked paper that goes into depth about Android ecosystem along with the iPhone.[1] Reading the 'Executive Summary' and 'Conclusion' might be worth it to you. Skimming through in...

      There is a linked paper that goes into depth about Android ecosystem along with the iPhone.[1] Reading the 'Executive Summary' and 'Conclusion' might be worth it to you.

      Skimming through in regards to Android, it is what I would expect. Androids late to the party with strong encryption, and the fragmented ecosystem that often doesn't see updates. But the same basic bone structure is there, in regards to encryption. Meaning that if you haven't unlocked your device, most 'off the self' police equipment wont be able to access your data.

      In Android we find strong protections emerging in the very latest flagship devices, but simultaneously fragmented and inconsistent security and privacy controls, not least due to disconnects between Google and Android phone manufacturers, the deeply lagging rate of Android updates reaching devices, and various software architectural considerations. We also find, in both platforms,exacerbating factors due to increased synchronization of data with cloud services.[page 1]


      encryption can be summarized in brief: is the data encrypted using a strong cipher, and wherea re the keys? We find that while much data on iOS and Android is stored encrypted, the keys are often available in memory. This creates an opportunity for a compromised OS kernel to exfiltrate data as we see in various forensic tools and bypasses. Further, in Android we find that many widely-used but outdated versions of Android offer even more limited coverage of encryption, up to as weak as only encrypting data when the device is off. While modern versions offer strong and more granular file-based encryption, older models are relegated to disk encryption; disk encryption is wholly unprepared for the stronger adversaries we consider in our threat model, where running devices may be seized at any time. In the cloud, both platforms extensively store user data on behalf of devices, and while there are options for end-to-end encrypted content such as app developer opt-in backups on Android and certain data categories on iOS, this coverage is limited due to design decisions by Apple and Google[page 77]

      Strong Caveat: It should be assumed that All State Level actors will be able to gain access to any device if they have physical access to said device. And if you are a high value target they can probably do it remotely too. (see the Bezos hack for proof) You need to understand your personal threat model when making any decisions about your data security, some random dude on the internet cannot do that for you.

      3 votes