Skip to main content

View Diary: Police violate Fourth Amendment in order to get their hands on nifty gadgets (305 comments)

Comment Preferences

  •  It is even worse than that. The Stingray (21+ / 0-)

    acts as a microcell which means it can capture all the voice, text, and data information from any cell phone in range.  You can bet that all the phone calls that got recorded and other data such as all the websites visited and text messages sent that got collected is going into some huge police database despite the fact that the police are not allowed to tap phones (whether voice or data) without a warrant.  Oh, and apparently it is fairly easy for anyone to turn a Verizon range extender into such a device with full wiretapping capability.  Note that while the hardware is available to anyone the bootloader exploit and custom firmware* has not been publicly released by the security researchers who did it.

    *Essentially, those devices are locked down so that only Verizon approved firmware (software) can be run on them.  However it is possible to bypass those locks with something called a bootloader exploit and install custom software modified to allow such wiretapping.

    You have watched Faux News, now lose 2d10 SAN.

    by Throw The Bums Out on Thu Mar 06, 2014 at 06:39:15 AM PST

    •  The proper modification of any what was once (4+ / 0-)
      Recommended by:
      mrblifil, gerrilea, Skyye, FarWestGirl

      termed a wireless device can do the same. Just need to feed it to a digital system.

      •  Yeah, but the femtocell has the advantage (3+ / 0-)

        of having all the hardware and software including decryption keys right there.  All that has to be broken is the signed bootloader process.  Of course, jailbreaks and bootloader unlocks are all over the place and even the mighty Xbox 360 fell though that required a hardware mod (the reset glitch hack).

        You have watched Faux News, now lose 2d10 SAN.

        by Throw The Bums Out on Thu Mar 06, 2014 at 07:31:12 AM PST

        [ Parent ]

        •  I've been told by people who know (1+ / 0-)
          Recommended by:
          gerrilea

          how these devices work that hacking into the decryption code within them isn't quite so easy as you suggest. I have no idea if they knew what they were talking about or were being honest, but that's what I was told. Do you know, for a FACT, that they were wrong, whether intentionally or not?

          "Reagan's dead, and he was a lousy president" -- Keith Olbermann 4/22/09

          by kovie on Thu Mar 06, 2014 at 08:06:43 AM PST

          [ Parent ]

          •  Yes, if you check the CNN link below you (0+ / 0-)

            will see that the hacked device was able to decrypt it as they actually used it to record and play back a call for the reporters.  That would not be possible if what you say is correct.

            You have watched Faux News, now lose 2d10 SAN.

            by Throw The Bums Out on Thu Mar 06, 2014 at 03:15:07 PM PST

            [ Parent ]

            •  Linkee (0+ / 0-)

              I don't feel like wading through all the comments to find a link to a CNN video that misrepresents how easy it supposedly is to hack one of these things into being able to listen to anyone's cell call. Forget CNN. Can you give me links to credible tech sites like ars technica or slashdot that claim this?

              "Reagan's dead, and he was a lousy president" -- Keith Olbermann 4/22/09

              by kovie on Thu Mar 06, 2014 at 05:16:35 PM PST

              [ Parent ]

        •  But how does the technology work... (0+ / 0-)

          if the battery is out of the phone.  It would be a completely passive device.

          •  It doesn't. The device acts like a small (0+ / 0-)

            cell tower which then routes the calls, texts, and data to Verizon over the internet.  When the bootloader is cracked and modified firmware is installed it can be used to wiretap just like the phone company does with a warrant only you don't need a warrant or anything like that.

            You have watched Faux News, now lose 2d10 SAN.

            by Throw The Bums Out on Fri Mar 07, 2014 at 12:26:24 AM PST

            [ Parent ]

    •  I thought these devices used the same encryption (2+ / 0-)

      as do regular tower cells, where the encryption takes place on the phone before the signal is transmitted, and isn't decrypted until it reaches the other phone (or the local landline switch office if that phone is a landline phone) making them as hard (or easy) to hack as them. If so, don't they simply allow one to narrow down one's targeting of phones to a much smaller vicinity, but still leaving one with the same problem of decryption?

      Plus, how likely is it that even with today's technology one handheld device is going to be able to capture, store and possibly even decrypt dozens if not hundreds of data streams simultaneously, and not be so expensive as to be unaffordable by most police departments, especially if they want hundreds of such devices to be distributed to multiple squad cars? I'm sure that the NSA and CIA and probably FBI has such devices, but a local PD?

      "Reagan's dead, and he was a lousy president" -- Keith Olbermann 4/22/09

      by kovie on Thu Mar 06, 2014 at 06:51:48 AM PST

      [ Parent ]

        •  And? (2+ / 0-)

          Perhaps that would allow it to offload captured data streams for later decrypting, but that would still leave the problems of one, can a device this small actually capture all those streams at once (storage is no longer an issue of course) even if it wasn't able to decrypt them in real time, and two, whether local PDs had the technology to do offline decryption (leaving aside the addition matter of the legality of doing so, especially since many of the calls in question likely cross state lines and are thus out of their jurisdiction)?

          I'm sure that there are devices that can do this, but they're probably very expensive and out of the reach of most PDs, and much more expensive if they can do real-time decryption (no doubt federal orgs have and can afford them). And what's the use of eavesdropping for PDs if not done in real time, at least for crime prevention (as opposed to crime investigation)?

          "Reagan's dead, and he was a lousy president" -- Keith Olbermann 4/22/09

          by kovie on Thu Mar 06, 2014 at 07:19:27 AM PST

          [ Parent ]

          •  I use a USB to stream all kinds of stuff. (2+ / 0-)
            Recommended by:
            Throw The Bums Out, sillycarrot

            What is on the shelf for us to buy is twenty years behind USA techno INC.

            •  I wouldn't be so sure about that, the (4+ / 0-)

              dsniff suite was way ahead of the Carnivore system.  Of course, that wasn't exactly from the shelf as you had to compile it yourself (but is ./configure --prefix=/usr/local, make, make install really that hard?) and it was all command line based.  Or to put it another way, think of all the talented people at Def Con, Blackhat, and CanSecWest and do you really think that the government can always be ahead?

              You have watched Faux News, now lose 2d10 SAN.

              by Throw The Bums Out on Thu Mar 06, 2014 at 07:29:26 AM PST

              [ Parent ]

            •  A USB what? (2+ / 0-)

              There are literally billions of devices out there that use USB. Be more specific. And whatever it is that you're referring to, can it capture 20, 50, 300 or even more streams at once, of high-bandwidth data?

              "Reagan's dead, and he was a lousy president" -- Keith Olbermann 4/22/09

              by kovie on Thu Mar 06, 2014 at 07:33:17 AM PST

              [ Parent ]

                •  No such comment (0+ / 0-)

                  You're being cryptic, no pun intended. Seriously, if you're going to discuss a topic, do so a bit more directly, not elliptically.

                  "Reagan's dead, and he was a lousy president" -- Keith Olbermann 4/22/09

                  by kovie on Thu Mar 06, 2014 at 08:09:17 AM PST

                  [ Parent ]

                  •  I have seen with my own eyes (0+ / 0-)

                    The MIC bundle multiple cables in a Rube Goldberg manner in order to increase electron flow. I doubt they have changed their ways.

                    •  I don't know what this means (0+ / 0-)

                      If the point is to make a device portable enough that any cop can carry it in their squad car or on their person, then being able to expand its power by connecting it to other devices via USB cable kind of defeats that point, no?

                      There are surely all sorts of ways to build a device that can do all of these things, but I'm guessing that even today, to build one this portable is beyond the reach of most PDs, which is what we're talking about, not the feds.

                      Btw USB is but one way to connect devices, of which there are many, e.g. Firewire, SATA, Thunderbolt, SD, Bluetooth, ANT, WiFi, cellular, etc.

                      "Reagan's dead, and he was a lousy president" -- Keith Olbermann 4/22/09

                      by kovie on Thu Mar 06, 2014 at 09:02:23 AM PST

                      [ Parent ]

              •  What are you doing that is 'high bandwidth'? (0+ / 0-)

                Most of what we do is actually pretty low bandwidth.  unless you're streaming video constantly, you're not using very much of the bandwidth available.  Certainly phone calls aren't that high, and things like texting and the handshaking that computers do to arrange visits to websites is very tiny.

                •  True, but when you're trying to capture (1+ / 0-)
                  Recommended by:
                  Bluefin

                  hundreds of simultaneous phone calls, texts, tweets, browsing, etc., with the additional overhead of encryption and meta data, I imagine that it can add up fast. Plus, with more people making either video phone calls, or audio-only phone calls, using VoIP and not just cellular (over either WiFi or a cellular data link), it gets kind of messy to capture all that, differentiate between all the different discrete data streams, AND decrypt it, no?

                  Again, I've no doubt that devices can be made, do exist, and are being used, that can do all this, but can your average PD really afford them, or even get access to one given the danger of their falling into the wrong hands due to one stupid and careless beat cop who had to go to the bathroom?

                  "Reagan's dead, and he was a lousy president" -- Keith Olbermann 4/22/09

                  by kovie on Thu Mar 06, 2014 at 08:54:30 AM PST

                  [ Parent ]

      •  No, it is decrypted at the cell phone tower (8+ / 0-)

        (or range extender, or Stingray).  So by exploiting a security hole to jailbreak the range extender/femtocell box it is possible to turn it into a wiretapping device.  While that exploit has been fixed there are no doubt many others.  How do you think jailbreaking (iDevices) and bootloader unlocking (Android) work?  Here is some more info from CNN.

        And more info right from the horse's mouth: https://www.blackhat.com/...

        I Can Hear You Now: Traffic Interception and Remote Mobile Phone Cloning with a Compromised CDMA Femtocell

        I have a box on my desk that your CDMA cell phone will automatically connect to while you send and receive phone calls, text messages, emails, and browse the Internet. I own this box. I watch all the traffic that crosses it and you don't even know you're connected to me. Welcome to the New World, where I, not them, own the towers. Oh, and thanks for giving me the box... for free.

        This box is a femtocell, a low-power cellular base station given or sold to subscribers by mobile network operators. It works just like a small cell tower, using a home Internet connection to interface with the provider network. When in range, a mobile phone will connect to a femtocell as if it were a standard cell tower and send all its traffic through it without any indication to the user.

        The state-of-the-art authentication protecting cell phone networks can be an imposing target. However, with the rising popularity of femtocells there is more than one way to attack a cellular network. Inside, they run Linux, and they can be hacked.

        During this talk, we will demonstrate how we've used a femtocell for traffic interception of voice/SMS/data, active network attacks, and explain how we were able to clone a mobile device without physical access.

        You have watched Faux News, now lose 2d10 SAN.

        by Throw The Bums Out on Thu Mar 06, 2014 at 07:21:40 AM PST

        [ Parent ]

        •  I know about these devices (2+ / 0-)
          Recommended by:
          Mostserene1, Bluefin

          Sprint offers one called the Airvana, that my neighbor uses and through which many of my calls go since I live in a marginal signal area.

          However, it does actually alert when my calls go through it with three short beeps at the start of every call made or received. Plus, I can confirm that there's one in my vicinity by entering a special * code and then dialing. So it's not like this goes on without my knowledge or ability to know about it.'

          All bets are off of course with a hacked device that in theory could defeat these indicators, the difficulty of doing so being something I know nothing about although I'd like to believe that the FCC and perhaps DoJ and state and municipal laws make that very difficult and hugely illegal (which, of course, and sadly, tends to be of little concern to certain government agencies).

          All that said, there's still the matter of encryption and decryption, of which there are at least three cycles.

          First, the signal between your phone or other cellular device and the cell it's currently connected to (whether a standard one on a tower or building or a femto one in the apartment next door or some guy's lap). That is encrypted using one fairly robust protocol or another, whether the encrypted data is audio, video or more complex data such as in browsing.

          Second, the signal between the cell that your device is connected to and the end cell that's connected to the device on the other end of the "call" (whether a phone or other device) is encrypted, using some other presumably robust protocol or protocols. Most likely multiple protocols are involved, since virtually all signals go through multiple intermediary points before arriving at the intended destination. Some of these protocols are surely more robust than others, making this middle path the least secure one (and thus the one that the NSA appears to be using, for this as well as other reasons).

          And third, the signal between the final cell and the phone or device you're connected to. (There could be a fourth path, if that device is on yet another digital network, or no third path, if it's a landline).

          Presumably there's encryption at each and every one of these transfer points and on each and every one of the paths between them. The only points at which the data being transmitted could be in unencrypted are in the two end devices (e.g. two phones), and at each transfer point (be it a cell or other type of node), and those are, presumably, off-limits, at least to local PDs (the NSA is another story). So they'd have to be able to not only capture encrypted data at some point along its winding path from end to end, but be able to decrypt it.

          And I'm not convinced that most local PDs have the budget to afford the kind of technology to do that. We're not talking about capturing location and device ID data, i.e. metadata, but actual content. The NSA, CIA and likely FBI have such capabilities, but some podunk PD? I doubt it.

          "Reagan's dead, and he was a lousy president" -- Keith Olbermann 4/22/09

          by kovie on Thu Mar 06, 2014 at 07:54:22 AM PST

          [ Parent ]

          •  Well they actually demonstrated it by (0+ / 0-)

            recording a call for the CNN reporters and then playing it back for them so obviously the encryption and those other indicators weren't a problem.  What you are saying directly conflicts what those researchers did and demonstrated in person with an actual modified device.

            You have watched Faux News, now lose 2d10 SAN.

            by Throw The Bums Out on Thu Mar 06, 2014 at 03:16:29 PM PST

            [ Parent ]

        •  Bootloader unlocking is not always possible (2+ / 0-)
          Recommended by:
          Mostserene1, FarWestGirl

          things such as single-state fuses are used in the device, for example.  Best you can sometimes do is run a bootstrapped OS on the device, but that doesn't mean you're running the original OS and all it provides in terms of proprietary keys, etc.

          Sure, there's always going to be clever people and groups looking for weaknesses and exploits, but such things are slowly getting tougher when it comes to wireless devices, IMHO.

          "So, please stay where you are. Don't move and don't panic. Don't take off your shoes! Jobs is on the way."

          by wader on Thu Mar 06, 2014 at 07:56:11 AM PST

          [ Parent ]

          •  I wouldn't be so sure about that, if you (0+ / 0-)

            check over on xda-developers you will find unlocks for pretty much everything.  Not to mention every iOS release so far has been successfully jailbroken even on the newest iDevices.

            You have watched Faux News, now lose 2d10 SAN.

            by Throw The Bums Out on Thu Mar 06, 2014 at 03:13:35 PM PST

            [ Parent ]

            •  I'm an XDA member (2+ / 0-)
              Recommended by:
              kovie, Larsstephens

              and can rattle off names of many devices whose bootloaders are locked to the point of possibly hard-bricking if you try to overwrite those regions with improperly signed versions, unfortunately.  Manufacturers and service providers are getting more serious about locking bootloaders in manners which will inhibit the casual or serious hacker - often, claiming support cost avoidance, but that's flimsy.  They want to lock you into their device and their associated service plans, at the very least.

              I bet they aren't caring much at this moment about potentially illegal uses of devices which have been hacked, but probably have growing pressure from law enforcement and intelligence agencies in that regard . . . so two birds with one stone.

              Bootstrapping is a different path for such devices: you boot up a parallel OS on the same system, essentially bypassing the primary installation.  But, it doesn't always give you the keys to the kingdom from that original install.

              "So, please stay where you are. Don't move and don't panic. Don't take off your shoes! Jobs is on the way."

              by wader on Thu Mar 06, 2014 at 03:35:52 PM PST

              [ Parent ]

              •  Exactly (1+ / 0-)
                Recommended by:
                wader

                There's this weird misconception that getting root access to a device be it a phone or Unix server means that you also get access to any unencrypted data on it. Not at all true. I don't know how people come to this conclusion except that they're technically ignorant.

                If I break into your house, does that give me the access code to your home alarm or safe? Of course not.

                "Reagan's dead, and he was a lousy president" -- Keith Olbermann 4/22/09

                by kovie on Thu Mar 06, 2014 at 05:13:15 PM PST

                [ Parent ]

                •  Yes it does, unless the device is using (0+ / 0-)

                  something fancy like SELinux with kernel module loading disabled and /dev/mem and /dev/kmem heavily protected and even then there are ways around it.  If I have root then I can just read any data in RAM by reading /dev/mem directly or just install my own kernel module.  Or to put it another way, if you break into my house you can install pinhole cameras and such to get the codes to my alarm and/or safe.

                  You have watched Faux News, now lose 2d10 SAN.

                  by Throw The Bums Out on Fri Mar 07, 2014 at 05:01:11 AM PST

                  [ Parent ]

              •  I am surprised that there aren't several (0+ / 0-)

                phones that will boot fine with an invalid bootloader then brick later.  In other words, they work fine for a while to make you think the bootloader unlock/crack worked but then stop working after a random delay of say 1-5 months.

                You have watched Faux News, now lose 2d10 SAN.

                by Throw The Bums Out on Fri Mar 07, 2014 at 06:51:40 AM PST

                [ Parent ]

                •  Take the example of my Samsung Galaxy S III (0+ / 0-)

                  I can root the phone at its latest level of Android OS from Samsung/Verizon, but the bootload chain is now signed and encrypted practically from start to finish - prior exploits which overwrote unsigned/unencrypted portions of the bootchain and allowed for installing+running custom recoveries are no longer available.

                  Boot time sigs/encryption are being checked by hardware, which means that reverse engineering the keys is, for all intents and purposes, impossible for mere mortals.  If I tried to overlay a custom recovery+OS which could use the hardware for pretty much any purpose imaginable, the processor will find an incorrect signature on bootup and it bricks, immediately.  Meanwhile, a flag gets tripped which cannot be unset and tells the service provider that the phone was compromised.

                  So, I can update my phone with slightly edited versions of the latest stock OS, but no other recoveries or OS versions.  There's still potential to get into some of its guts with root access, but there are now limits on how crazy anyone could go with this device.

                  Samsung isn't the first to do this, as Motorola has been doing this at behest of service providers for awhile.  Other manufacturers are following similar paths.

                  "So, please stay where you are. Don't move and don't panic. Don't take off your shoes! Jobs is on the way."

                  by wader on Fri Mar 07, 2014 at 08:27:16 AM PST

                  [ Parent ]

                  •  I thought you could downgrade to an (0+ / 0-)

                    earlier system through ODIN and then flash that bootloader that lets you run unsigned OSes from there.

                    You have watched Faux News, now lose 2d10 SAN.

                    by Throw The Bums Out on Fri Mar 07, 2014 at 09:23:52 AM PST

                    [ Parent ]

                    •  Instant brick due to what I described, (0+ / 0-)

                      since the latest Android OS update (r4.3).  For example, Verizon Wireless apparently asked Samsung to sign+encrypt previously exploited areas of the boot chain and also to kick off the Knox fuse when attempts to overwrite with wrong signature are made.  Unless someone exposes the security key(s) or provides an unsigned version of r4.3, Galaxy S and Note phones are locked down since upgrading to that stock OS level.

                      Motorola has had this situation for awhile (minus Knox).

                      "So, please stay where you are. Don't move and don't panic. Don't take off your shoes! Jobs is on the way."

                      by wader on Fri Mar 07, 2014 at 09:40:11 AM PST

                      [ Parent ]

                      •  Well then what do you make of (0+ / 0-)

                        this thread then?  It is apparently a way to install a custom recovery on 4.3.  

                        Interestingly enough it seems that when it "bricks" that does not disable ODIN mode, you would think that it would require at least that special SD card to recover from if not a JTAG for maximum security.

                        You have watched Faux News, now lose 2d10 SAN.

                        by Throw The Bums Out on Fri Mar 07, 2014 at 09:50:06 AM PST

                        [ Parent ]

                      •  Nevermind, that was for AT&T (0+ / 0-)

                        rather than verizon.  Looks like SafeStrap is currently the only option (though I don't see why kexec couldn't then be used to then boot a different kernel).

                        You have watched Faux News, now lose 2d10 SAN.

                        by Throw The Bums Out on Fri Mar 07, 2014 at 10:02:21 AM PST

                        [ Parent ]

    •  There's always a backdoor (8+ / 0-)

      No matter how secure someone tells you a system is, there is always, ALWAYS a backdoor that enables all the hardware features to be accessed.

      •  Yeah and security conferences like (4+ / 0-)

        Blackhat, Def Con, and CanSecWest are where they have all the nice presentations on how to do all that stuff.  From the femtocell wiretapping hack to how the Xbox 360 reset glitch was discovered and used to how the Wii U was cracked open to even a keystroke logger that can be plugged into any outlet in the house or even built into a power meter.  That's right, your cable box could be monitoring everything you type on your computer right now (ok, so the researchers were only able to get it working with PS2 keyboards but that was in 2009 and 4 years is plenty of time to make it work with USB keyboards as well)!

        You have watched Faux News, now lose 2d10 SAN.

        by Throw The Bums Out on Thu Mar 06, 2014 at 07:25:42 AM PST

        [ Parent ]

      •  Just because you've discovered a back door (3+ / 0-)

        to encrypted data doesn't mean that you can therefore decrypt that data. I find it hard to believe that RSA-level encryption can be defeated this easily. That's like finding a backdoor to a bank vault. You still have to open the vault!

        "Reagan's dead, and he was a lousy president" -- Keith Olbermann 4/22/09

        by kovie on Thu Mar 06, 2014 at 08:11:16 AM PST

        [ Parent ]

        •  Ok that is the most technical comment I (1+ / 0-)
          Recommended by:
          FarWestGirl

          have ever not understood. But seems really interesting.

          RSA?

          •  Assuming you're not being dismissively snarky (4+ / 0-)

            and really want to know what I meant, I meant that as I understand it, a digital "backdoor" gets you access to a given set of data or code, but doesn't necessarily give you the ability to understand or do much with it, just as getting access to a bank's locked safe doesn't mean that you've opened it.

            For example, every corporation in the world has computers and servers on which it stores vital confidential data. These devices are usually protected from access by unauthorized people by various physical and digital measures, e.g being in a locked and secure room, firewalls, passwords, audit trails, etc. But even if one somehow managed to get past all these safeguards to access these devices and the data on them, you'd still have to decrypt that data, and assuming they used RSA-level encryption (RSA is a commonly used and very secure encryption algorithm), that would be quite some challenge.

            Does this make sense, or were you, in fact, being dismissively snarky?

            "Reagan's dead, and he was a lousy president" -- Keith Olbermann 4/22/09

            by kovie on Thu Mar 06, 2014 at 08:35:12 AM PST

            [ Parent ]

            •  No not at all I rec'd you so you'd know (1+ / 0-)
              Recommended by:
              FarWestGirl

              I can type fast, understand quick but you guys were losing me.

              Also tried to give you caselaw below about fishing for decryption.

              Apparently there is a huge line at Apple to decrypt Iphones (which again is kinda strange) in addition to the things I noted. There were a bunch of articles about it last year.

              Strange that police need to go to Apple. Also, I'd think a lot are just to "see" an issue in itself.

              You get me on a murder rap. I don't see why you need to see what's on my computer too. But who knows I didn't read may be just in cases where it applies. Funny that sounds optimistic.

              •  Now I don't understand you :-) (2+ / 0-)
                Recommended by:
                ClevelandAttorney, FarWestGirl

                If you're a murder suspect, can't the police easily obtain a warrant to search your computer and other devices to find evidence implicating you in it?

                But in any case we're not talking about legitimate suspects and ensuing warrants, but surveillance that falls outside such circumstances and is thus of questionable legality. I'm guessing that both statutory and case law lag technology at present, and likely always will.

                "Reagan's dead, and he was a lousy president" -- Keith Olbermann 4/22/09

                by kovie on Thu Mar 06, 2014 at 08:57:36 AM PST

                [ Parent ]

                •  Sorry, (2+ / 0-)
                  Recommended by:
                  kovie, FarWestGirl

                  yes I do see why if I am arrested. (You should be a lawyer you parse my words well and are good at creating grey matter).

                  I meant I don't know as I did not read the Iphone article, although there were a bunch of them "Apple says get in line to Police waiting to Decrypt".

                  My first assumption was - these people already are sentenced in SOME cases. And loosely commenting that if you have me behind bars for murder why do you need my pin number for my iphone? Or me to log into my computer?

                  Under the guise of finding something more or as an excuse?

                  Whereas yes I agree that in building a case discovery would probably get me a warrant for your phone and all your activity unless it serves no purpose whatsoever.

                  I would assume a lot are simply confiscated and being decrypted because we like info. Not to prove a smoking gun. But I don't know.  

                  I don't mean to confuse. I think you understand me.

                  •  Yes, I think I understand now (2+ / 0-)
                    Recommended by:
                    ClevelandAttorney, FarWestGirl

                    Again, IANAL but it seems fairly obvious to me that once someone has been convicted, unless a judge can be convinced to reopen a case, the police no longer have a good reason to search that person's property, even if it's still in their possession, with or without a warrant, unless it can be connected to another, still-open case, and a judge agrees.

                    Of course, that's the theory. In practice, no doubt PDs violate this all the time with impunity and judges let them get away with it.

                    "Reagan's dead, and he was a lousy president" -- Keith Olbermann 4/22/09

                    by kovie on Thu Mar 06, 2014 at 09:32:51 AM PST

                    [ Parent ]

                    •  Yes exactly I think you are dead right (1+ / 0-)
                      Recommended by:
                      FarWestGirl

                      and I was commenting in passing although perhaps based on those articles if I read a bit more maybe we are not far off.

                      I do not see how there is a "line" for Apple to decrypt?

                      Also why would they need Apple?

                      •  I'm guessing that what's meant here (2+ / 0-)
                        Recommended by:
                        FarWestGirl, ClevelandAttorney

                        is that government entities such as local PDs, the FBI, NSA, etc., have asked Apple to help them get access to decrypted versions of certain data that Apple currently has possession of and the means to decrypt it, that these agencies cannot otherwise do on their own, at least lawfully. But that's just my guess.

                        "Reagan's dead, and he was a lousy president" -- Keith Olbermann 4/22/09

                        by kovie on Thu Mar 06, 2014 at 10:13:29 AM PST

                        [ Parent ]

            •  Yes it makes sense (0+ / 0-)

              I can access it. But I don't speak that language. So it's a false assumption if I have a "back-door" that everything is there to be read without more? As getting in is only one step?

              •  In some cases, I'm sure, the "back door" (2+ / 0-)
                Recommended by:
                FarWestGirl, ClevelandAttorney

                grants you complete access to the data and code, to do with as you please. But these are increasingly rare, even on your average underprotected personal PC or device, which almost always come with SOME kinds of built-in protection (some required by law, other prudent for business reasons).

                Thus there's always at least two steps involved in such things.

                First, obtain the data you want, be it by "capturing" it if it's being transmitted, whether over the airways or via wire or fiber, or by "breaking into" the devices on which it's being stored (either physically and/or digitally)--all of which call for specialized and sophisticated devices, not always legal to own and use and often quite expensive and difficult to obtain and use.

                And second, be able to use the data in such a way as to make it of use to you, whether this means actual decryption, or being able to read a proprietary database scheme or file format in a way that makes sense to you.

                It's hard enough to do the former, but the second as well, makes it that much harder, more expensive, and of dubious legality.

                "Reagan's dead, and he was a lousy president" -- Keith Olbermann 4/22/09

                by kovie on Thu Mar 06, 2014 at 09:50:00 AM PST

                [ Parent ]

    •  I bet those cops have got SCMODS. (2+ / 0-)
      Recommended by:
      DerAmi, MusicFarmer

      Sure once I was young and impulsive, I wore every conceivable pin. Even went to socialist meetings, learned all the old union hymns. Ah, but I've grown older and wiser. And that's why I'm turning you in. http://www.youtube.com/watch?v=u52Oz-54VYw

      by SouthernLiberalinMD on Thu Mar 06, 2014 at 07:59:08 AM PST

      [ Parent ]

    •  asdf (2+ / 0-)
      Recommended by:
      MusicFarmer, happymisanthropy

      "Shit."
      "What?"
      "Rollers."
      "No."
      "Yeah."
      "Shit."

      Sure once I was young and impulsive, I wore every conceivable pin. Even went to socialist meetings, learned all the old union hymns. Ah, but I've grown older and wiser. And that's why I'm turning you in. http://www.youtube.com/watch?v=u52Oz-54VYw

      by SouthernLiberalinMD on Thu Mar 06, 2014 at 08:00:05 AM PST

      [ Parent ]

    •  The light was yellow, sir. n/t (1+ / 0-)
      Recommended by:
      MusicFarmer

      Sure once I was young and impulsive, I wore every conceivable pin. Even went to socialist meetings, learned all the old union hymns. Ah, but I've grown older and wiser. And that's why I'm turning you in. http://www.youtube.com/watch?v=u52Oz-54VYw

      by SouthernLiberalinMD on Thu Mar 06, 2014 at 08:00:18 AM PST

      [ Parent ]

    •  in other words (1+ / 0-)
      Recommended by:
      sillycarrot

      your cellphone is pretty much the modern equivalent of the old "party line" telephone.

      •  Not exactly. With a party line anyone else (0+ / 0-)

        using that line can listen in.  It is more like your cellphone being the equivelant of a PBX system (you know, those phone systems some companies have where you have to dial "9" to get an outside line?).  If it were like a party line then anyone with a hacked cell phone could listen in and that is not possible, you have to hack a cell phone tower (those range extenders are nothing more than a small cell tower and an ethernet card).

        You have watched Faux News, now lose 2d10 SAN.

        by Throw The Bums Out on Fri Mar 07, 2014 at 07:30:00 AM PST

        [ Parent ]

Subscribe or Donate to support Daily Kos.

Click here for the mobile view of the site