New York City Partners With Cellebrite to Hack iPhones

· · Link

Documents reveal that New York City law enforcement has a partnership with Cellebrite to hack iPhones.

Previously, if law enforcement wanted to get into newer devices, they had to send the phones to one of Cellebrite’s digital forensics labs, located in New Jersey and Virginia. But Cellebrite’s new UFED Premium program gave law enforcement the ability to “unlock and extract data from all iOS and high-end Android devices” on their own, using software installed on computers in their offices.

I’ve always wondered if eventually Apple will remove the Lightning port from the iPhone once wireless charging becomes the norm. Side effects may include better waterproofing and worsened hacking.

Amazon's Surveillance Company Partners With 400 More Police Forces

· · Link

Ring, the Amazon-owned surveillance company that sells doorbell cameras, is partnering with 400 more police forces across the U.S.

The partnerships let police automatically request the video recorded by homeowners’ cameras within a specific time and area, helping officers see footage from the company’s millions of Internet-connected cameras installed nationwide, the company said. Officers don’t receive ongoing or live-video access, and homeowners can decline the requests, which Ring sends via email thanking them for “making your neighborhood a safer place.”

Previous Ring coverage: Here, and here.

Don't Let Your Kids Download These Apps

· · Link

Kids lining up against the wall with smartphones

The Sarasota County Sheriff’s office compiled a list of 15 apps that they believe pose a danger to young children. Here are the apps on the list:

MeetMe, Grindr, Skout, WhatsApp, TikTok, Badoo, Bumble, Snapchat, Kik, LiveMe, Holla, Whisper, Ask.fm, Calculator%, Hot or Not.

Amazon Helps Cops Get Ring Surveillance Videos Without Warrants

· · Link

A couple weeks ago I shared news that Amazon is requiring police to promote its Ring surveillance cameras. Not that bad, I thought, because at least the police had to have the owner’s permission. But I was optimistic, because Amazon is giving police talking points on how to persuade owners, and even seizing the video footage if the owner said no.

As reported by GovTech on Friday, police can request Ring camera footage directly from Amazon, even if a Ring customer denies to provide police with the footage. It’s a workaround that allows police to essentially “subpoena” anything captured on Ring cameras.

Things like government surveillance and hacking are precisely why I will never buy smart home products. Update: A Ring spokesperson emailed me a correction: The reports that police can obtain any video from a Ring doorbell within 60 days is false. Ring will not release customer information in response to government demands without a valid and binding legal demand properly served on us. Ring objects to overbroad or otherwise inappropriate demands as a matter of course.

Amazon Requires Police to Promote its Ring Surveillance Cameras

· · Link

As part of a secret agreement, Amazon requires that police “encourage adoption” of its Ring doorbell surveillance cameras.

Dozens of police departments around the country have partnered with Ring, but until now, the exact terms of these partnerships have remained unknown. A signed memorandum of understanding between Ring and the police department of Lakeland, Florida, and emails obtained via a public records request, show that Ring is using local police as a de facto advertising firm. Police are contractually required to “Engage the Lakeland community with outreach efforts on the platform to encourage adoption of the platform/app.”

News+: Backpage.com Versus the Feds

· · Link

Backpage.com was a website modeled after the classifieds section of print. People could use it to post ads, and it also had a thriving section for adult ads. But the Feds seized it and arrested the owners. Christine Biederman wrote all about it.

The government indictment that triggered Lacey and Larkin’s arrests, United States v. Lacey, et al, includes 17 “victim summaries”—stories of women who say they were sexually exploited through Backpage. Victim 5 first appeared in an ad on the platform when she was 14; her “customers” made her “perform sexual acts at gunpoint, choked her to the point of having seizures, and gang-raped her.” Victim 6 was stabbed to death. Victim 8’s uncle and his friends advertised her as “fetish friendly.” The indictment accuses Backpage of catering to sexual predators, of essentially helping pimps better reach their target audiences.

This is part of Andrew’s News+ series, where he shares a magazine every Friday to help people discover good content in Apple News+.

iPhones Aren’t Safe From Google’s Sensorvault Database

· · Link

Google has a database called Sensorvault. It contains location data of users and shares it with law enforcement—if they have a warrant, of course. Apple honors lawful requests as well. But Jennifer Valentino-DeVries wonders whether the database is too broad.

Google would not provide details on Sensorvault, but Aaron Edens, an intelligence analyst with the sheriff’s office in San Mateo County, Calif., who has examined data from hundreds of phones, said most Android devices and some iPhones he had seen had this data available from Google…

“It shows the whole pattern of life,” said Mark Bruley, the deputy police chief in Brooklyn Park, Minn., where investigators have been using the technique since this fall. “That’s the game changer for law enforcement.”

FBI: Encryption Infects Law Enforcement Community

· · Link

The FBI really really dislikes end-to-end encryption, saying that it’s a problem that infects the law enforcement community (paywall).

The so-called going-dark issue…is a problem [that] infects law enforcement and the intelligence community more and more so every day,” said Amy Hess, executive assistant director with the FBI, in an interview. Ms. Hess, who previously oversaw the FBI’s science and technology branch, testified to Congress on the problem during Apple’s 2016 clash with the bureau.

Apple and others are worried about Australia’s encryption ban, and it could be a test case for the rest of the Five Eyes.

Apple Doesn't Treat Roger Stone Any Differently

· · Link

During Robert Mueller’s investigation they discovered Paul Manafort had tampered with witnesses. How was this discovered? Unencrypted WhatsApp messages that were backed up to iCloud. Apple handed over Roger Stone’s iCloud data, and apparently some people are angry. Stephen Silver breaks the issue down and says there is no double standard.

The argument went that Apple had refused to create a backdoor for the iPhone in the case of the one of the San Bernardino shooters following the December 2015 shooting. Yet, they were perfectly willing to easily hand over Manafort’s iCloud data. Why protect the privacy of terrorists, when they won’t do it for everybody?

Cops Can't Force You to Unlock an iPhone via Face ID, Touch ID

· · Link

A U.S. federal judge has ruled that law enforcement can’t force you to unlock an iPhone or iPad via Face ID or Touch ID.

In the United States, a suspect’s property has the potential to be searched by law enforcement officials as part of an investigation, but some items are typically left alone. While people are protected from having to unlock their devices via a passcode, biometric security has been considered fair game for use by investigators, bypassing the passcode rules.

This will certainly set a precedent for the future. Although it doesn’t completely stop the investigation, it does give people a bit more freedom.