Good idea. Digital equivalent to having to break down the door and change the locks. - works but messy enough to keep LE honest.
On Sat, May 11, 2013 at 2:20 AM, Steve Pirk <[email protected]> wrote: > I like Google's approach, resetting the password and then supplying that > the LE. You definitely get notified. I am wondering what happens when you > have two factor author enabled? I imagine you would receive an SMS the > first time LE tries to log in. You could then reset the password and make > them go through the whole process again. :-) > On May 10, 2013 7:00 PM, "Jeffrey Walton" <[email protected]> wrote: > >> Why break it when you can go around it.... >> >> >> http://news.cnet.com/8301-13578_3-57583843-38/apple-deluged-by-police-demands-to-decrypt-iphones/ >> >> Apple receives so many police demands to decrypt seized iPhones that >> it has created a "waiting list" to handle the deluge of requests, CNET >> has learned. >> >> Court documents show that federal agents were so stymied by the >> encrypted iPhone 4S of a Kentucky man accused of distributing crack >> cocaine that they turned to Apple for decryption help last year. >> >> An agent at the ATF, the federal Bureau of Alcohol, Tobacco, Firearms >> and Explosives, "contacted Apple to obtain assistance in unlocking the >> device," U.S. District Judge Karen Caldwell wrote in a recent opinion. >> But, she wrote, the ATF was "placed on a waiting list by the company." >> >> A search warrant affidavit prepared by ATF agent Rob Maynard says >> that, for nearly three months last summer, he "attempted to locate a >> local, state, or federal law enforcement agency with the forensic >> capabilities to unlock" an iPhone 4S. But after each police agency >> responded by saying they "did not have the forensic capability," >> Maynard resorted to asking Cupertino. >> >> Because the waiting list had grown so long, there would be at least a >> 7-week delay, Maynard says he was told by Joann Chang, a legal >> specialist in Apple's litigation group. It's unclear how long the >> process took, but it appears to have been at least four months. >> >> [Image and excerpt from ATF affidavit, which says Apple "has the >> capabilities to bypass the security software" for law enforcement.] >> >> The documents shed new light on the increasingly popular law >> enforcement practice of performing a forensic analysis on encrypted >> mobile devices -- a practice that can, when done without a warrant, >> raise Fourth Amendment concerns. >> >> Last year, leaked training materials prepared by the Sacramento >> sheriff's office included a form that would require Apple to "assist >> law enforcement agents" with "bypassing the cell phone user's passcode >> so that the agents may search the iPhone." Google takes a more >> privacy-protective approach: it "resets the password and further >> provides the reset password to law enforcement," the materials say, >> which has the side effect of notifying the user that his or her cell >> phone has been compromised. >> >> Ginger Colbrun, ATF's public affairs chief, told CNET that "ATF cannot >> discuss specifics of ongoing investigations or litigation. ATF follows >> federal law and DOJ/department-wide policy on access to all >> communication devices." >> >> In a separate case in Nevada last year, federal agents acknowledged to >> a judge that they were having trouble examining a seized iPhone and >> iPad because of password and encryption issues. And the Drug >> Enforcement Administration has been stymied by encryption used in >> Apple's iMessage chat service, according to an internal document >> obtained by CNET last month. >> Bypassing Apple's security >> >> The ATF's Maynard said in an affidavit for the Kentucky case that >> Apple "has the capabilities to bypass the security software" and >> "download the contents of the phone to an external memory device." >> Chang, the Apple legal specialist, told him that "once the Apple >> analyst bypasses the passcode, the data will be downloaded onto a USB >> external drive" and delivered to the ATF. >> >> It's not clear whether that means Apple has created a backdoor for >> police -- which has been the topic of speculation in the past -- >> whether the company has custom hardware that's faster at decryption, >> or whether it simply is more skilled at using the same procedures >> available to the government. Apple declined to discuss its law >> enforcement policies when contacted this week by CNET. >> _______________________________________________ >> Fun and Misc security discussion for OT posts. >> https://linuxbox.org/cgi-bin/mailman/listinfo/funsec >> Note: funsec is a public and open mailing list. >> > > _______________________________________________ > Fun and Misc security discussion for OT posts. > https://linuxbox.org/cgi-bin/mailman/listinfo/funsec > Note: funsec is a public and open mailing list. >
_______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
