BC CRIME
Saved by @Mollyycolllinss

My students @maxzks and Tushar Jois spent most of the summer going through every piece of public documentation, forensics report, and legal document we could find to figure out how police were “breaking phone encryption”. 1/

 This was prompted by a claim from someone knowledgeable, who claimed that forensics companies no longer had the ability to break the Apple Secure Enclave Processor, which would make it very hard to crack the password of a locked, recent iPhone. 2/
We wrote an enormous report about what we found, which we’ll release after the holidays. The TL;DR is kind of depressing:

Authorities don’t need to break phone encryption in most cases, because modern phone encryption sort of sucks. 3/
I’ll focus on Apple here but Android is very similar. The top-level is that, to break encryption on an Apple phone you need to get the encryption keys. Since these are derived from the user’s passcode, you either need to guess that — or you need the user to have entered it. 4/
Guessing the password is hard on recent iPhones because there’s (at most) a 10-guess limit enforced by the Secure Enclave Processor (SEP). There’s good evidence that at one point in 2018 a company called GrayKey had a SEP exploit that did this for the X. See photo. 5/
There is really no solid evidence that this exploit still works on recent-model iPhones, after 2018. If anything, the evidence is against it.

So if they can’t crack the passcode, how is law enforcement still breaking into iPhones (because they definitely are)? 6/
The boring answer very likely is that police *aren’t* guessing suspects’ passcodes. They’re relying on the fact that the owner probably typed it in. Not *after* the phone is seized, in most cases. Beforehand. 7/
You see, iPhones can be in one of two states, which are respectively known as “Before First Unlock” (BFU) and “After First Unlock” (AFU). This is pretty self-explanatory.

When you turn your phone on and enter the passcode in the morning, you switch your phone from BFU->AFU. 8/
When you first unlock your iPhone after power-on, it uses your passcode to derive several sets of cryptographic keys. These stay in memory inside your phone, and are used to encrypt the file system. 9/
When you lock your iPhone (or press the button on the side, or leave it alone until the screen goes blank), exactly *one* set of keys gets “evicted”, ie erased from memory. Those keys are gone until you enter your passcode or use FaceID.

All of the other keys stay in memory. 10/
The key that gets evicted on lock is used to decrypt a subset of the files on the filesystem, namely the ones that have a specific protection class (NSComplete). The keys that don’t get evicted can be used to decrypt all the other files.

(This is all well-known so far BTW.) 11/
So the upshot of this is that, if police can capture your phone in the AFU state (yours is almost certainly in that state for 99% of its existence) *and* they have a software exploit that allows them to bypass the OS security measures, they can get most of the files. 12/
The real question is: what exactly does “most of the files” mean, and the corollary is “why not protect *more* than just a few of the files with that special key (the one that gets evicted)”. That’s where things get depressing. 13/
Apple *sort of* vaguely offers a list of the apps whose files get this special protection even in the AFU state. But notice how vague this language is. I have to actually decode it. 14/
Notice how this text simply reports that some app data is “protected through encryption” (this is vague and meaningless, since it doesn’t say whether it’s AFU or BFU) and other app data is explicitly only protected in the BFU state (before you first unlock.) Why so vague? 15/
Here is a version of the same text from back in 2012. Notice how it explicitly states that “Mail, App Launch images, and Location Data” are protected using the strongest type of encryption.

So it seems that Apple is actually protecting *less* data now than in 2012. Yikes. 16/
(Our most likely guess: Apple has weakened the protections on location data in order to enable fancy features like “location based reminders”. So they had to weaken the language in the security guide. This isn’t great.) 17/
But whether you look at the 2012 or 2020 data, the situation sucks. The built-in apps that definitely use strong AFU protection are:

Mail (which probably already exists on a server that police can subpoena, so who cares.)

App launch data (🤷‍♂️)

That’s not great. 18/
3rd party apps can opt-in to protect data using the strongest type of encryption, so this isn’t necessarily the whole story. But let’s list some data that *doesn’t* get AFU protection:

Photos
Texts
Notes
Possibly some location data

Most of what cops want. 19/
So this answers the great mystery of “how are police breaking Apple’s encryption in 2020”. The answer is they probably aren’t. They’re seizing unlocked phones and using jailbreaks to dump the filesystem, most of which can be accessed easily since keys are in memory. 20/
Oh my god my thumbs. 21/
Anyway, this leaves basically only one remaining question:

Why is so little of this data encrypted when your phone is AFU and locked? And the answer to that is probably obvious to anyone who develops software, but it still sucks. 22/
Most apps like to do things in the background, while your phone is locked. They read from files and generally do boring software things.

When you protect files using the strongest protection class and the phone locks, the app can’t do this stuff. It gets an error. 23/
Apple provides some tools to make this less painful: for example, they have a “write only” protection class.

But for the most part it’s annoying for software devs, so they lower protections. And if Apple *isn’t* using strong protection for its in-house apps, who will? 24/
If I could tell Apple to do one thing, I would tell them to figure this problem out. Because without protection for the AFU state, phone encryption is basically a no-op against motivated attackers.

Maybe Apple’s lawyers prefer it this way, but it’s courting disaster. 25/
For those who would prefer to read this thread in the form of a 65-page PDF that also discusses cloud backup systems and Android, here is our current paper draft: https://t.co/k3Qw0DNIoI

This will be on a pretty website soon. Thanks for not blocking me after this thread. // fin

More from Crime

File411
File411
@File411
ICYMI
Hate Crime Indictment
Jason DeSimas
Jason Stanley
Randy Smith
Daniel Delbert Dorson
-aiding & abetting
-punched & kicked a Black man -derogatory comments about his actual & perceived race
-assaulting 2 other men who intervened to protect the

What’s a bit amazing is this hate crime took place in December of 2018 and the 4 defendants were indicted nearly two year on the nose. Because the Defendants were indicted for a hate crime.
That’s a force multiplier or at a minimum an enhancement of 10 years (addition to)


At first glance you wouldn’t think this had anything to do with White Supremacy -read page 4-
Dorson falsely claimed that he had not planned to attend a white supremacist’s “Martyr’s Day” observance in the state of WA
he had not owned a “flight jacket“
https://t.co/yU8t1DkyZA


Doc # 16 Detention Motion by USA
https://t.co/sxaBEqDLWr

“DeSimas admitted that he was a member of Crew 38,
a support club of Hammerskin Nation, a white supremacists organization...DeSimas lied to the FBI, denying that neither he nor anyone else had used the “N” word...”


always read those footnotes
3 other co-defendants are in custody
-Daniel Delbert Dorson ordered detained & will be
transferred to this District
-Randy Smith is detained in the District of OR, on an unrelated federal case
-Jason Stanley is detained at the ID DOC an unrelated case
CRIME
Steve Layman
Steve Layman
@SteveLayman
A thread of the known timeline of the #nashvilleexplosion. At 1:22am on Christmas this RV was first recorded by surveillance cameras on Second Avenue in downtown Nashville. It then parked on the west side of the street right next to the AT&T Data Center. @NC5 1/15


At around 5:30am downtown residents heard gunfire on Second Avenue and calls were made to police. A short time later came another round of gunfire. When police responded they found the RV playing a recorded warning that there was a bomb inside. 2/15

At least six brave @MNPDNashville officers went door to door in the immediate area getting the people who were home on Christmas morning to evacuate. @JohnCooper4Nash called the officers “heroes” and says, “there would have been life lost if it wasn’t for their courage.” 3/15

4/15: At 6:30am, with the recorded warning still playing, the RV exploded.

5/15: At least 41 businesses on and around Second Avenue were damaged, many extensively. One building collapsed. The explosion was reportedly heard from Murfreesboro to Lebanon and the fireball was captured in this picture from I-24.
CRIME
Advertisement
The Chiefe
The Chiefe
@the_chiefe
Marxist Communist Harris-Biden's Great Reset #DeepState KILLUMINATI agenda

versus

CIA & Mossad #DeepState "Regime change in Iran" CRIME MINISTER Netanyahu TRAITOR-yahu's "Greater Israel Project" propaganda agenda?!?
CRIME
Jordan Novet
Jordan Novet
@jordannovet
https://t.co/WCcDjvSn89


https://t.co/GkI8ZnW8Fy


https://t.co/HyiZe1lwFt


https://t.co/xPHEZIz0j1


https://t.co/rHx7oDyXl0
CRIME
John Biggs
John Biggs
@johnbiggs
This is some true bullshit. A fully radicalized white man methodically builds and detonates a bomb like he saw in Speed complete with creepy music and a fresh, highly obvious target.

His girlfriend - who police considered mentally ill and didn’t shoot down in the street even as she sat next to guns on her porch - said he was building bombs.

The cops wandered over, knocked a bit, ran his name through a database and then said ¯\_(ツ)_/¯ welp I guess that’s that!

When a Black man or woman does any of these things it’s a damn festival. Bullets fly. Accusations rise. He was a follower of a militant preacher! He was a Muslim warrior!

And with this fucking turd its a mystery! Why did the skinny white dude drive an rv to downtown Nashville and try to blow up a telephone switch? Lord knows! Maybe he hated his service!?
CRIME

You May Also Like

\U0001f1fa\U0001f1f8I Support Our Military & Law Enforcement\U0001f1fa\U0001f1f8
🇺🇸I Support Our Milita...
@TheWiseOwl_AZ
1. There are more people added on the list of arrests and executions of famous people but no further intel is available at this time.

ARRESTS and EXECUTIONS OF FAMOUS PEOPLE 2020 UPDATED
Explanation of the latest military tribunal arrests and executions of famous people in 2020.

2. The tribunals are arresting these people in plain clothes. We saw the Obama’s arrest, although we didn’t know it was an arrest at the time. The arrest was done nonchalantly so as to not get noticed by the public.
All arrests of these famous people were done this way.

3. If the person is convicted of child sex trafficking, crimes against humanity or treason, they will be executed.
If the person arrested has evidence on someone else to help their prosecution, or is willing to help Trump, & they want to cooperate, they may be allowed to do so.

4. A sentence of execution down to life in prison may be accepted if their evidence is worth anything.
When a plea deal is done, the defendant must present evidence they have to make their sentence lighter. This information is given to the prosecution, defense, and to the judge.

5. If evidence is accepted, they are presented the plea deal. They will have to make a guilty plea to the crime with a video confession & written statement. That is how all plea deals work.

All famous people arrested were either treasonous or involved in satanic worship rituals.
CRIME
(\u3063\u25d4\u25e1\u25d4)\u3063 \U0001f499 \U0001d440\U0001d4b6rymo Belfast \U0001f499\U0001f331\U0001f340 \u24cb\U0001f397\ufe0f
(っ◔◡◔)っ 💙 𝑀𝒶rymo Belfa...
@MarymoBelfast
THREAD PART 1.

On Sunday 21st June, 14 year old Noah Donohoe left his home to meet his friends at Cave Hill Belfast to study for school. #RememberMyNoah💙


He was on his black Apollo mountain bike, fully dressed, wearing a helmet and carrying a backpack containing his laptop and 2 books with his name on them. He also had his mobile phone with him.

On the 27th of June. Noah's naked body was sadly discovered 950m inside a storm drain, between access points. This storm drain was accessible through an area completely unfamiliar to him, behind houses at Northwood Road. https://t.co/bpz3Rmc0wq


"Noah's body was found by specially trained police officers between two drain access points within a section of the tunnel running under the Translink access road," said Mr McCrisken."

Noah's bike was also found near a house, behind a car, in the same area. It had been there for more than 24 hours before a member of public who lived in the street said she read reports of a missing child and checked the bike and phoned the police.
CRIME
Advertisement
Formula 1
Formula 1
@F1
After 17 years and more than 300 races, it could be @alo_oficial's last F1 race on Sunday 😭 He's given us a lot over the years... including some superb GIFs!

Here we have a rare example of a GIF you can actually hear. TOMA. 💪


The Spanish Samurai


Never give up. 💪 #GraciasFernando


Winning is everything. #GraciasFernando
SPORT
Vibhu Vashisth
Vibhu Vashisth
@VIBHU_Tweet
Do you know?

Multiverse is mentioned in several of Hindu Scriptures.

In 1927 came a theory named 'Big Bang' which was a scientific effort to provide some explanation about how our Universe came into existence. It suggested that Universe started as a tiny, hot and dense...


...something that expanded rapidly from the singularity with a big explosion or Big Bang from which formed the galaxies, stars and the rest of the Universe.
However, the science in our Vedas explained these concepts since millennia. Rig Veda mentions Hiranyagarbha and Brahmanda..

...Visphotak which talks about a similar theory.
The concept of Parallel universes may be novel to the modern scientists but it rests very comfortably in ancient Hindu Cosmology. The Puranas are replete with descriptions of many worlds whose inhabitants are ruled by kings in...


...the human plane and Gods in a higher plane. The many Gods in turn belong to many different worlds and planes of existence. At the highest level of hierarchy are the trinity namely Brahma, Vishnu and Mahesha, ruling the divine Kingdoms. Brahma is the creator who dreams...


...the Universe into being, which is maintained by Vishnu. What Humans perceive as reality is in fact the dream of Brahma, misled by matter. Brahman( not to be confused with Brahma) is the ground of all reality & existence. Brahman is uncreated,external, infinite & all-embracing.
ALL
Joey Tawadrous \U0001f1ee\U0001f1ea
Joey Tawadrous 🇮🇪...
@joeytawadrous
1) Core attributes of a promising founder worth following:
- Progress/trajectory over time
- How well they lead a team &
- Make the vision happen
- Most impressed when someone is way ahead of where you thought they would be when you check up/see them a few months later.

2) Indie Makers have such a benefit of being small, fast, nimble workers in comparison to big companies.

We can easily pivot and vastly change a project of ours. We can change as we learn more about our users.

Big companies can take months/years for even the smallest of pivots.

3) Before you find a product market you can pivot your project as many times as necessary until you find something that works.

Then you only have one thing to do: scale, scale, scale.

4) Be obsessed with the little details.
- listen to every single person who uses your product
- reply to every single person who emails you about your product
- ask them what they like and do not like
- iterate your product, make changes, pivot if necessary

5) Paul Graham's (@paulg) name came up with a feeling of great admiration! Naturally! It was Paul who said:

In the early stages of a company just;
- write code
- talk/sell to customers to stress test your idea

Nothing else.
STARTUPS