A judge recently ruled that law enforcement have the ability to search through DNA database GEDmatch, overriding the choice of its over one million users.
In the wake of that attention-grabbing case, GEDmatch changed its policies in May 2018 to make it less easy for police to access their data. Users now have to opt in to having their data made available to police; information they upload is set to private by default. Rogers told the NYT that as of October, less than 15% of current users, 185,000 out of 1.3 million, have opted in to sharing their data with police.
Documents reveal that New York City law enforcement has a partnership with Cellebrite to hack iPhones.
Previously, if law enforcement wanted to get into newer devices, they had to send the phones to one of Cellebrite’s digital forensics labs, located in New Jersey and Virginia. But Cellebrite’s new UFED Premium program gave law enforcement the ability to “unlock and extract data from all iOS and high-end Android devices” on their own, using software installed on computers in their offices.
I’ve always wondered if eventually Apple will remove the Lightning port from the iPhone once wireless charging becomes the norm. Side effects may include better waterproofing and worsened hacking.
Ring, the Amazon-owned surveillance company that sells doorbell cameras, is partnering with 400 more police forces across the U.S.
The partnerships let police automatically request the video recorded by homeowners’ cameras within a specific time and area, helping officers see footage from the company’s millions of Internet-connected cameras installed nationwide, the company said. Officers don’t receive ongoing or live-video access, and homeowners can decline the requests, which Ring sends via email thanking them for “making your neighborhood a safer place.”
Previous Ring coverage: Here, and here.
The Sarasota County Sheriff’s office compiled a list of 15 apps that they believe pose a danger to young children. Here are the apps on the list:
MeetMe, Grindr, Skout, WhatsApp, TikTok, Badoo, Bumble, Snapchat, Kik, LiveMe, Holla, Whisper, Ask.fm, Calculator%, Hot or Not.
An app called what3words saved a group of friends after they got lost. Police told them to download the app and they were quickly found.
A couple weeks ago I shared news that Amazon is requiring police to promote its Ring surveillance cameras. Not that bad, I thought, because at least the police had to have the owner’s permission. But I was optimistic, because Amazon is giving police talking points on how to persuade owners, and even seizing the video footage if the owner said no.
As reported by GovTech on Friday, police can request Ring camera footage directly from Amazon, even if a Ring customer denies to provide police with the footage. It’s a workaround that allows police to essentially “subpoena” anything captured on Ring cameras.
Things like government surveillance and hacking are precisely why I will never buy smart home products. Update: A Ring spokesperson emailed me a correction: The reports that police can obtain any video from a Ring doorbell within 60 days is false. Ring will not release customer information in response to government demands without a valid and binding legal demand properly served on us. Ring objects to overbroad or otherwise inappropriate demands as a matter of course.
iPhone smuggler Jianhua “Jeff” Li was sentenced to three years in prison after being convicted of smuggling 40,000 iPhones into the U.S.
As part of a secret agreement, Amazon requires that police “encourage adoption” of its Ring doorbell surveillance cameras.
Dozens of police departments around the country have partnered with Ring, but until now, the exact terms of these partnerships have remained unknown. A signed memorandum of understanding between Ring and the police department of Lakeland, Florida, and emails obtained via a public records request, show that Ring is using local police as a de facto advertising firm. Police are contractually required to “Engage the Lakeland community with outreach efforts on the platform to encourage adoption of the platform/app.”
Backpage.com was a website modeled after the classifieds section of print. People could use it to post ads, and it also had a thriving section for adult ads. But the Feds seized it and arrested the owners. Christine Biederman wrote all about it.
The government indictment that triggered Lacey and Larkin’s arrests, United States v. Lacey, et al, includes 17 “victim summaries”—stories of women who say they were sexually exploited through Backpage. Victim 5 first appeared in an ad on the platform when she was 14; her “customers” made her “perform sexual acts at gunpoint, choked her to the point of having seizures, and gang-raped her.” Victim 6 was stabbed to death. Victim 8’s uncle and his friends advertised her as “fetish friendly.” The indictment accuses Backpage of catering to sexual predators, of essentially helping pimps better reach their target audiences.
This is part of Andrew’s News+ series, where he shares a magazine every Friday to help people discover good content in Apple News+.
As part of its annual transparency reports, for the first time Apple has released data for App Store government removal requests from 2018.
A New York teen sued Apple, saying its facial recognition in a store led to his false arrest. But Apple says it doesn’t use that tech.
Google has a database called Sensorvault. It contains location data of users and shares it with law enforcement—if they have a warrant, of course. Apple honors lawful requests as well. But Jennifer Valentino-DeVries wonders whether the database is too broad.
Google would not provide details on Sensorvault, but Aaron Edens, an intelligence analyst with the sheriff’s office in San Mateo County, Calif., who has examined data from hundreds of phones, said most Android devices and some iPhones he had seen had this data available from Google…
“It shows the whole pattern of life,” said Mark Bruley, the deputy police chief in Brooklyn Park, Minn., where investigators have been using the technique since this fall. “That’s the game changer for law enforcement.”
The Cellebrite hacking tool used to break into iPhones is being sold on eBay starting at US$100, and could contain data from legal cases.
The FBI really really dislikes end-to-end encryption, saying that it’s a problem that infects the law enforcement community (paywall).
The so-called going-dark issue…is a problem [that] infects law enforcement and the intelligence community more and more so every day,” said Amy Hess, executive assistant director with the FBI, in an interview. Ms. Hess, who previously oversaw the FBI’s science and technology branch, testified to Congress on the problem during Apple’s 2016 clash with the bureau.
Apple and others are worried about Australia’s encryption ban, and it could be a test case for the rest of the Five Eyes.
During Robert Mueller’s investigation they discovered Paul Manafort had tampered with witnesses. How was this discovered? Unencrypted WhatsApp messages that were backed up to iCloud. Apple handed over Roger Stone’s iCloud data, and apparently some people are angry. Stephen Silver breaks the issue down and says there is no double standard.
The argument went that Apple had refused to create a backdoor for the iPhone in the case of the one of the San Bernardino shooters following the December 2015 shooting. Yet, they were perfectly willing to easily hand over Manafort’s iCloud data. Why protect the privacy of terrorists, when they won’t do it for everybody?
A U.S. federal judge has ruled that law enforcement can’t force you to unlock an iPhone or iPad via Face ID or Touch ID.
In the United States, a suspect’s property has the potential to be searched by law enforcement officials as part of an investigation, but some items are typically left alone. While people are protected from having to unlock their devices via a passcode, biometric security has been considered fair game for use by investigators, bypassing the passcode rules.
This will certainly set a precedent for the future. Although it doesn’t completely stop the investigation, it does give people a bit more freedom.
Apple has blocked GrayKey, an iPhone hacking device used by law enforcement. The company designed iOS 12 with protection against it.
While suspects can be forced to unlock their iPhones, cops have been instructed not to look directly at iPhones to avoid Face ID lock out.
During an investigation, the FBI forced a suspect to unlock his iPhone with Face ID. This could be a significant precedent for law enforcement.
The portal will let law enforcement around the world to submit lawful requests for data, track requests, and get responsive data from Apple.