[Noisebridge-discuss] FBI, stumped by pimp's Android pattern lock, serves warrant on Google

girlgeek girlgeek at wt.net
Sat Apr 21 23:34:10 PDT 2012


I know nothing about Android, but in some systems with proper 
permissions you just enter a command like:
change password from  hash(8943DKSL) TO (ABC)
Then you procede on your merry way.  The password is now ABC.
Will the feds have the same sort of command available?
Claudia
On 4/21/2012 10:37 AM, Ben Kochie wrote:
> The funny part is, the feds are still not going to get the password to
> unlock the device.  Have fun with that hashed password.  Google's not
> stupid enough to store user passwords in plain text.
>
> On Sat, Apr 21, 2012 at 03:58, Nick Shapiro<me at nickshapiro.net>  wrote:
>> This is an everyday thing.
>>
>> When Google receives a legal American warrant (which they do) they follow
>> American law and provide the information.
>>
>> Including deleted gmail. Google, as required by law, keeps copies of deleted
>> gmail for at least 30 days so that it can provide the messages when
>> subpoenaed. Which they do.
>>
>>
>>
>>
>>
>> On Fri, Apr 20, 2012 at 8:34 PM, Jake<jake at spaz.org>  wrote:
>>>
>>> http://arstechnica.com/tech-policy/news/2012/03/fbi-stumped-by-pimps-androids-pattern-lock-serves-warrant-on-google.ars
>>>
>>> The FBI, which didn't have the right to search the phone without a
>>> warrant, obtained one on February 13, 2012. They took the phone from the
>>> parole agent and sent it off to an FBI Regional Computer Forensics Lab in
>>> Southern California. There, technicians attempted to gain access to the
>>> contents of the memory of the cellular telephone in question, but were
>>> unable to do so, said the FBI. They were defeated by, of all things,
>>> Android's pattern lock [not always notable for its high security].
>>>
>>> Technicians apparently mis-entered the pattern enough times to lock the
>>> phone, which could only be unlocked using the phone owner's Google account
>>> credentials. But Dears wasn't cooperating, and the FBI didn't have his
>>> credentials. So it was back to a judge with a new warrant application,
>>> filed on March 9, 2012. That application, which was apparently supposed to
>>> be sealed, was instead made public and was located today by security
>>> researcher Chris Soghoian.
>>> _______________________________________________
>>> Noisebridge-discuss mailing list
>>> Noisebridge-discuss at lists.noisebridge.net
>>> https://www.noisebridge.net/mailman/listinfo/noisebridge-discuss
>>
>>
>> _______________________________________________
>> Noisebridge-discuss mailing list
>> Noisebridge-discuss at lists.noisebridge.net
>> https://www.noisebridge.net/mailman/listinfo/noisebridge-discuss
>>
> _______________________________________________
> Noisebridge-discuss mailing list
> Noisebridge-discuss at lists.noisebridge.net
> https://www.noisebridge.net/mailman/listinfo/noisebridge-discuss
>
>
> -----
> No virus found in this message.
> Checked by AVG - www.avg.com
> Version: 2012.0.1913 / Virus Database: 2411/4949 - Release Date: 04/20/12
>
>



More information about the Noisebridge-discuss mailing list