BC CRIME
Saved by @Mollyycolllinss

My students @maxzks and Tushar Jois spent most of the summer going through every piece of public documentation, forensics report, and legal document we could find to figure out how police were “breaking phone encryption”. 1/

 This was prompted by a claim from someone knowledgeable, who claimed that forensics companies no longer had the ability to break the Apple Secure Enclave Processor, which would make it very hard to crack the password of a locked, recent iPhone. 2/
We wrote an enormous report about what we found, which we’ll release after the holidays. The TL;DR is kind of depressing:

Authorities don’t need to break phone encryption in most cases, because modern phone encryption sort of sucks. 3/
I’ll focus on Apple here but Android is very similar. The top-level is that, to break encryption on an Apple phone you need to get the encryption keys. Since these are derived from the user’s passcode, you either need to guess that — or you need the user to have entered it. 4/
Guessing the password is hard on recent iPhones because there’s (at most) a 10-guess limit enforced by the Secure Enclave Processor (SEP). There’s good evidence that at one point in 2018 a company called GrayKey had a SEP exploit that did this for the X. See photo. 5/
There is really no solid evidence that this exploit still works on recent-model iPhones, after 2018. If anything, the evidence is against it.

So if they can’t crack the passcode, how is law enforcement still breaking into iPhones (because they definitely are)? 6/
The boring answer very likely is that police *aren’t* guessing suspects’ passcodes. They’re relying on the fact that the owner probably typed it in. Not *after* the phone is seized, in most cases. Beforehand. 7/
You see, iPhones can be in one of two states, which are respectively known as “Before First Unlock” (BFU) and “After First Unlock” (AFU). This is pretty self-explanatory.

When you turn your phone on and enter the passcode in the morning, you switch your phone from BFU->AFU. 8/
When you first unlock your iPhone after power-on, it uses your passcode to derive several sets of cryptographic keys. These stay in memory inside your phone, and are used to encrypt the file system. 9/
When you lock your iPhone (or press the button on the side, or leave it alone until the screen goes blank), exactly *one* set of keys gets “evicted”, ie erased from memory. Those keys are gone until you enter your passcode or use FaceID.

All of the other keys stay in memory. 10/
The key that gets evicted on lock is used to decrypt a subset of the files on the filesystem, namely the ones that have a specific protection class (NSComplete). The keys that don’t get evicted can be used to decrypt all the other files.

(This is all well-known so far BTW.) 11/
So the upshot of this is that, if police can capture your phone in the AFU state (yours is almost certainly in that state for 99% of its existence) *and* they have a software exploit that allows them to bypass the OS security measures, they can get most of the files. 12/
The real question is: what exactly does “most of the files” mean, and the corollary is “why not protect *more* than just a few of the files with that special key (the one that gets evicted)”. That’s where things get depressing. 13/
Apple *sort of* vaguely offers a list of the apps whose files get this special protection even in the AFU state. But notice how vague this language is. I have to actually decode it. 14/
Notice how this text simply reports that some app data is “protected through encryption” (this is vague and meaningless, since it doesn’t say whether it’s AFU or BFU) and other app data is explicitly only protected in the BFU state (before you first unlock.) Why so vague? 15/
Here is a version of the same text from back in 2012. Notice how it explicitly states that “Mail, App Launch images, and Location Data” are protected using the strongest type of encryption.

So it seems that Apple is actually protecting *less* data now than in 2012. Yikes. 16/
(Our most likely guess: Apple has weakened the protections on location data in order to enable fancy features like “location based reminders”. So they had to weaken the language in the security guide. This isn’t great.) 17/
But whether you look at the 2012 or 2020 data, the situation sucks. The built-in apps that definitely use strong AFU protection are:

Mail (which probably already exists on a server that police can subpoena, so who cares.)

App launch data (🤷‍♂️)

That’s not great. 18/
3rd party apps can opt-in to protect data using the strongest type of encryption, so this isn’t necessarily the whole story. But let’s list some data that *doesn’t* get AFU protection:

Photos
Texts
Notes
Possibly some location data

Most of what cops want. 19/
So this answers the great mystery of “how are police breaking Apple’s encryption in 2020”. The answer is they probably aren’t. They’re seizing unlocked phones and using jailbreaks to dump the filesystem, most of which can be accessed easily since keys are in memory. 20/
Oh my god my thumbs. 21/
Anyway, this leaves basically only one remaining question:

Why is so little of this data encrypted when your phone is AFU and locked? And the answer to that is probably obvious to anyone who develops software, but it still sucks. 22/
Most apps like to do things in the background, while your phone is locked. They read from files and generally do boring software things.

When you protect files using the strongest protection class and the phone locks, the app can’t do this stuff. It gets an error. 23/
Apple provides some tools to make this less painful: for example, they have a “write only” protection class.

But for the most part it’s annoying for software devs, so they lower protections. And if Apple *isn’t* using strong protection for its in-house apps, who will? 24/
If I could tell Apple to do one thing, I would tell them to figure this problem out. Because without protection for the AFU state, phone encryption is basically a no-op against motivated attackers.

Maybe Apple’s lawyers prefer it this way, but it’s courting disaster. 25/
For those who would prefer to read this thread in the form of a 65-page PDF that also discusses cloud backup systems and Android, here is our current paper draft: https://t.co/k3Qw0DNIoI

This will be on a pretty website soon. Thanks for not blocking me after this thread. // fin

More from Crime

Emily of the State
Emily of the State
@EmilyGorcenski
Ok so there’s a conspiracy theory going around that this woman was faking her injury with an onion.

This is likely false. Onions are a folk remedy for pepper spray.


The theory, which has some merit, is that since onions make you cry, it helps flush the irritants from your eyes with natural tears.

However, this is not recommended as a treatment for pepper spray and is ultimately not very effective.

Pepper spray, tear gas, mace, CN, HC, and other agents are best removed with a flush of water or, if you have the proper mixture, saline. Nothing else.

We do not do chemistry in our eyeballs. We are not putting chemicals in our eyes. We are not putting produce in our eyes. We are removing the chemicals with safe, neutral water.
CRIME
Nomas21
Nomas21
@Ghost_411
Exposing the human trafficking NGOs

Seven non-government organizations have orchestrated with human traffickers to smuggle illegal immigrants into Greece, according to Migration Minister Notis Mitarachis.

The Greek minister told The Times that NGO’s from Somalia, Britain, Turkey and elsewhere assisted in the smuggling of illegal immigrants to Greece.

Mitarachi highlighted that the Norwegian non-governmental organization Aegean Boat Report, and the London-based Al-Khair Foundation assisted human traffickers.


Five other European NGO’s are also complicit in being human traffickers the crime and helping illegal immigrants enter the country.

“Contacts in Mogadishu facilitate transport to Istanbul, even paying for migrant airfare on Turkish Airlines,” the minister said. “From there, migrants are transported to key points along the Turkish coast, working with aid groups to push them to islands like Lesvos”, he said.
CRIME
Advertisement
Mayday
Mayday
@MaydayMatrix
And why is Justin Trudeau's father's Pierre Elliott Trudeau foundation show the near identical FBI confirmed "boy lover" pedophilia logo in the foundations 2015-2016 annual report document on page 2?
@TheoFleury14 @roccogalatilaw @joe_warmington @TPostMillennial @GenFlynn https://t.co/gLQVzJM8AQ
CRIME
Conor Gogarty
Conor Gogarty
@ConorGogarty
Got an FOI response almost three years late... a short thread

Back in December 2017, when I was a reporter for the Gloucestershire Echo, I went to a knife crime event where a police officer gave a talk mentioning he'd been running undercover stings on local shops - sending in underage teens to see whether the store would sell them knives.

That's an interesting story, I thought. So I asked the @Glos_Police press office for some details about the operation, and the shops which had fallen foul of it. They said they'd rather not give those details.

So I put in an FOI on December 5, 2017, hoping for a response within the 20 working day limit.

I got one on November 20, 2020, having forgotten all about it

It refuses to confirm or deny whether the info is held: "Whilst there is a public interest in providing reassurance that the Police Service are appropriately and effectively holding information of this nature, there is a stronger public interest in safeguarding national security"
CRIME
Katrin Bennhold
Katrin Bennhold
@kbennhold
A German soldier is arrested trying to retrieve a loaded gun from an airport toilet.
His finger prints lead to a Syrian refugee.
His cell phone leads to far-right extremist networks inside the military.
This is the tale of Franco A: 1/10

Franco A was a lieutenant in the German army.
He posed as a Syrian refugee – and got away with it.
For 16 months he lived a double life.
Prosecutors say he planned a terror attack that would be blamed on his refugee alter ego and unleash a national crisis 2/10

Franco A’s arrest was a wake-up call for the German authorities long blind to far-right infiltration of their institutions.
His superiors promoted him even after he detailed his views in a master’s thesis.
He spoke publicly at least once at a far-right event 3/10

When Franco A goes on trial for plotting terrorism in the spring, Germany will go on trial with him. How could a German soldier who didn't speak Arabic pass himself off as a refugee? And how could a far-right extremist rise through the ranks of the German military? 4/10

But the story of Franco A is bigger than his own. His family history grafts almost perfectly over German history. The story of his double life and evolution is in many ways the tale of today’s two Germanys. 5/10
CRIME

You May Also Like

Delilah S. Dawson
Delilah S. Dawson
@DelilahSDawson
So here is a secret: Not everything I write goes anywhere. I have at least 4 books completely written and edited that never went on submission. I have books that stalled out at 20k. I have docs on my computer with opening paragraphs I don't remember writing. But! 1/

Every now and then an idea sticks with me like that corner of tortilla chip that just won't go down your throat. It happened with SPARROWHAWK, which began as 40k of a YA story, died, and was reborn as a comic, thanks to @christopher_j_r and @boomstudios. And now... 2/

It's happening with THE WILLOWS, a short story that you'll see in @UncannyMagazine next year. This Southern Gothic horror story began as an attempt to sell my next Romance to @AbZurdity after the Blud books in 2014 or so. And she didn't buy it. Guess why? 3/

Turns out, it wasn't a Romance! It was Southern Gothic Horror. Even the bones of it screamed strangeness, not sexiness. I loved the taste of the world, but I hadn't found the right story yet. Tried to write it 2 more times and failed. Until I finally understood what it was. 4/

So I took the 50 pages I'd written and cut half of them, twisting the story around from a gothy Romance inspired by the band the Civil Wars and turned it into a spooky descent into madness. And it looked back at me from the abyss as if to say, DUH. Sometimes... 5/
WRITING
Gareth Harney
Gareth Harney
@OptimoPrincipi
1) The Temple of the Divine Claudius was a vast temple complex on Rome's Caelian Hill, overlooking the valley that would later be occupied by the Colosseum. Though almost nothing now remains of the structure, its scale and grandeur once rivalled anything in the city.. #LostRome


2) The 'Claudium' was intended as a sacred complex to revere Claudius and the imperial cult. Construction began soon after the death and deification of the emperor in 54 AD, initiated by his widow Agrippina who was likely responsible for his supposed death by poisoning. #LostRome


3) The sprawling temple complex sat on a gigantic podium that spread across the Caelian Hill, measuring 180 x 200 metres; with towering retaining walls of travertine that raised the structure 20 metres above the valley below. #LostRome


4) The elevated sacred area was likely entered by steps facing the temple on the west side. The temple itself had a projecting hexastyle porch and was surrounded by gardens and a grand portico, probably the 'porticus Claudia' mentioned in Martial's 'On the Spectacles'. #LostRome


5) Statues of both Agrippina and Claudius’ ill-fated young son Britannicus, sculpted in sumptuous dark Egyptian greywacke, were discovered among the ruins on the Caelian Hill in 1651 – and had almost certainly been displayed in the temple precinct. #LostRome
HISTORY
Advertisement
Noah Smith
Noah Smith
@Noahpinion
1/OK, I should really write another thread about university-centric regional development, because I think people often make some (very understandable) mistakes when thinking about this issue.

2/The biggest myth, I think, is that universities help regions by educating locals as undergraduates.

Skeptics of universities say: "But most of the people who graduate end up leaving."

3/In fact, most of what a university does for a regional economy is NOT about educating local kids.

Educating local kids is good for the nation, but doesn't help a region much.

The way a university helps a region is through

4/Undergraduates usually leave town after graduation.

But university RESEARCH pulls in OTHER smart people from other regions, and they stay there.

Here's a paper showing that this is the main way universities increase a region's human capital:

5/Research also pulls in business investment.

Companies want to partner with university labs, so they can commercialize the technologies the labs produce. So they invest in the labs, and sometimes they even put their offices in the town.
SOCIETY
Bartosz Ziembinski
Bartosz Ziembinski
@zmbnski
Still wondering about this 🤔


save as q
Q
Billy Bostickson \U0001f3f4\U0001f441&\U0001f441 \U0001f193
Billy Bostickson 🏴👁&👁 ...
@BillyBostickson
Enough Jaw Jaw, this is War!
1. People's Justice Courts to be set up worldwide
2. Citizens' arrests of all Identified Suspects
3. Lab Inspections
3. Harsh interrogation using MKULTRA
4. Public Show Trials video streamed live
5. Cross Questioning of suspects via Twitter & Zoom
6.


A growing list of suspects to be interrogated


Foul Traitors, Charlatans, Frauds, Bat Molesters! Frankensteins, Well Poisoners, Plotters, Deceivers!
Dr. Shipmans, Saboteurs, Devils in White Coats!


Organisations to be Investigated
WIV
Wuhan University IMA
WIBP
WCDC
BEIJING IPB
Nanjing Military Lab
SinoPharm
BARDA
NIH
EMERGENT BIOSOLUTIONS
BIOPORT
GILEAD
SIAC
QTEL
USAMRIID
FORT DETRICK
DARPA
DTRA
Metbiota
ONE HEALTH
GVP
ECOHEALTH
MITRE
BATTELLE
TUNNELL
LAURIMA GOV SERVICES


Suspects (1)
China
Zhengli Shi
Peng Zhou
George Gao
Deyin Guo
Major General Chen Wei
United States
ALEX AZAR
JONNA MAZET
ALISON O’TOOLE
ANTHONY FAUCI
BOYD YOUNT
DAVID FRANZ
DAVID KARESH
DENNIS CARROLL
DYLAN GEORGE
GEORGE PAINTER
IAN LIPKIN
JENS KUHN
JEROME HAUER
JONATHAN EPSTEIN
WORLD , ALL