There have been multiple accounts created with the sole purpose of posting advertisement posts or replies containing unsolicited advertising.

Accounts which solely post advertisements, or persistently post them may be terminated.

FBI cracks phone belonging to Trump rally shooting suspect

Federal investigators are analyzing device’s content, although it is unclear how agency gained access

The FBI has gained access to the phone of the suspected gunman who opened fire on Donald Trump’s rally and is analyzing the device’s contents, the agency stated in a press release on Monday afternoon. The shooting, which killed one audience member and left Trump bleeding from one ear, is being investigated as an assassination attempt.

Authorities have been working to determine the motive behind the attack at Trump’s campaign rally on Saturday, but no clear picture has yet emerged. The gunman, identified as 20-year-old Thomas Matthew Crooks by the FBI, was shot and killed in the incident.

Federal investigators announced on Sunday that they had obtained Crooks’s cellphone, but had issues with bypassing its password protections to access the data within. FBI investigators then shipped the phone to a lab in Virginia, where agents successfully gained access, per the bureau’s press release.

rozodru ,
@rozodru@lemmy.ca avatar

they watched a youtube video by a guy from India on how to unlock it.

Seriously though, some of those videos actually work. I had a Samsung Galaxy that I got from some flea market for like $20. it was locked due to the FRP so I didn’t have access to the email or phone number. I just wanted to use it as a headset mounted gyroscope thing for war thunder (yeah, ask me about that one). Watched a youtube vid by some guy in India who went through the most bizarre way to unlock the phone and it worked. I was scanning QR codes and installing the samsung file manager app and a bunch of weird crap and was surprised that it worked. Dudes on reddit were deadset that it was impossible, impossible I tells ya, to bypass the FRP. it is possible. and you don’t need to download any of the scammy ‘unlock your phone’ programs either.

JakJak98 ,

Do you mean like an eye tracking system for headsets in wt? I’ve always just used vr if I wanted that capability.

rozodru ,
@rozodru@lemmy.ca avatar

sort of. it was more like head tracking. so you move your head and you could look around your cockpit. It was essentially a poor mans way of head tracking. there was an app you could download to your phone and your pc that would connect to each other. then with your phones gyroscope it would track your head movements. So then I would take the phone and strap it to the top of my headset with like a hair tie. it worked for a few games. War Thunder, MechWarrior Online, Star Citizen, pretty much any sort of sim it would work.

Kanzar ,

Yeah FRP unlock for a while was definitely bypassable on several phones, I unlocked a few that way. Not sure if it is still possible now, haven’t bothered tinkering. 😅

Maeve ,

Something sus about how quickly they can unlock phones when it's attempted murderer killed dead and murder victims killed dead.

TeddE ,
@TeddE@lemmy.world avatar

Cracking a phone is pretty doable. Cracking phones in a way that will hold up in a court trial, much more formal.

SpacePirate ,

Most phones are locked with a four digit numerical PIN. The current technique is taking an image of the flash memory, and reflashing the memory after every few attempts.

It still takes a bit longer than straight brute force without a temporal lockout, but it’s still pretty trivial.

saltesc ,

If it was biometric login, even easier. Would’ve gotten in before thebody even got cold.

Magister ,
@Magister@lemmy.world avatar

15 years ago, yes, nowadays especially on iPhone this does not work at all

SpacePirate , (edited )

It does when you have physical access to the RAM and storage, and a disassembly lab expressly configured for this purpose.

This is the backbone for a number of forensic services offered to law enforcement, and an entire cottage industry. I know with certainty it was still feasible as of the iPhone 12, which is well inside of 15 years. I don’t believe the architecture in the 13 or 14 has changed significantly to make this impossible.

With slightly earlier phones, tethered jailbreaks are often good enough, though law enforcement would more likely outsource to a firm leveraging Cellebrite or Axiom as the first step.

OutsizedWalrus ,

No, it doesn’t. This is what the Secure Enclave is for.

You’re not storing these counters in system memory. You’re sending attempts to an isolated chip.

stetech ,

Yes, it does, if they have full access to the disassembled hardware and assuming research time & resources they could do practically anything. Such as emulating the Secure Enclave chip with a “fraudulent” version, changing all firmware running on any semiconductors in the phone, isolating storage, I don’t know the details, but let your imagination loose.

Physical, uninterrupted access is unlikely, yet bad news for anyone’s threat model.

experbia ,
@experbia@lemmy.world avatar

not only physical access, but the authority to get any information necessary from the manufacturers of every component in the device. there is no question to them how any component operates, from silicon to software.

WindyRebel ,

If it used face unlock, just have the dead body and prop the eyes open and you’re in?

Maeve ,

I shouldn't have, but I smiled.

I should clarify: I meant that if they're law enforcement does the killing, cracking the phone takes much less time than it does when the phone belongs to the murder victim.

Kraven_the_Hunter ,

Fingerprint unlock would be even easier.

Pacmanlives ,

https://lemmy.world/pictrs/image/b956075e-5962-447b-91f5-94c11805ab94.jpeg

Warl0k3 ,

If I remember right, samsung/iphone face unlock won’t work on a corpse since it relies (at least in part) on infrared constellations that incorporate patterns formed by subdermal capillary networks and death obviously disrupts those.

Skydancer ,

At the nation-state level with an ex-president target, pumping heated liquid through the arteries of a dead body isn’t much of an obstacle.

Probably not actually what they did, but seriously people - a single biometric security factor is not going to secure anything when a government has the body and actually cares about getting in.

WindyRebel ,

That’s very interesting if true! I didn’t realize it could be that advanced.

JohnOliver ,

Dude… my niece can unlock my phone while i sleep by putting my finger on the sensor.

I wouldn’t be surprised if it would recognize my face while sleeping too

dependencyinjection ,

iPhones require your eyes to be open and looking at it, so I imagine Androids have something similar.

JohnOliver ,

I sleep with my eyes mostly open… but the point is, that i am sure that the FBI are more creative than my niece

dependencyinjection ,

Your niece is a bigger threat. Most people are not on the FBI radar.

Corkyskog ,
@Corkyskog@sh.itjust.works avatar

Literally a growing threat too…

aStonedSanta ,

What. The. Fuck.

JohnOliver ,

TYL: en.wikipedia.org/wiki/Lagophthalmos

aStonedSanta ,

Damn that’s wild. Sorry to hear about that. Hope it’s not a burden.

QaspR ,

Bro forgot to turn off his phone before they shot him.

tacosplease ,

If he had fingerprint unlock it would be pretty easy to get in considering they have access to his fingers. Facial recognition… less successful in this case.

PsychedSy ,

Gotta turn the phone off so it makes you actually log in.

EatATaco ,

On my pixel the pin required lock is up vol and power > lockdown.

PsychedSy ,

Lmao. I don’t restart enough to have realized that’s an option. My failsafe was to chuck it so it restarts…

I do have my Nexus One hanging out somewhere in storage. Had to know all the tricks back then.

EatATaco ,

This comes up every so often and it was something I learned during the same conversation, so I always just pass it along.

For me the fingerprint unlock is just too convenient to not use, but it’s nice to know I can lock down my phone quickly if I need to.

PsychedSy ,

Yeah. Ty. The toss metod isn’t as guaranteed as it once was.

ImADifferentBird ,
@ImADifferentBird@lemmy.blahaj.zone avatar

Most phones actually require pin/password on boot, and only let you use fingerprint/face unlock to unlock later in the session, as a security feature. So if he turned his phone off, even that wouldn’t work.

lost_faith ,

My pixel 6 will randomly require me to put in the pin, even if its been on for weeks

BaroqueInMind ,

Anyone know what kind of phone they reported they cracked? This should bring fear to anyone who cares even a little about privacy.

Otherwise, it will become normal to question why you take a shit with the door closed (what are you hiding in there?) slippery slopes and what-not.

PriorityMotif ,
@PriorityMotif@lemmy.world avatar

There’s devices sold to law enforcement that will allow them access to most phones by plugging them in. Believe it or not, Israel is the biggest exporter of exploits and hacks.

BaroqueInMind ,

Unless you please provide sources, I don’t fucking believe a word anyone says on the internet, and assume you are full of shit. Apologies if I sound rude, but I hate how people say shit like what you say and we all simply must take your word for it.

Killing_Spark ,

Look Up NSO group for an example of an Israeli based company making their money with exploits. Their most famous product is Pegasus. It’s a zero click remote trojan for iPhones and android devices. It’s probably different from what was used here but I wouldn’t be surprised if other technology in this sector comes from the same region.

PriorityMotif ,
@PriorityMotif@lemmy.world avatar

There’s a fun podcast called darknet diaries that covers this kind of thing.

aStonedSanta ,

I need to start listening to that podcast. Seems right up my alley.

PrettyFlyForAFatGuy ,

This was big news not that long ago. Pegasus spyware created by the Israeli NSO group.

They discover or buy zero day exploits and rather than telling the manufacturer about them they incorporate them into their software and sell to governments around the world

Pegasus was mainly about remote code execution but you can bet your bottom dollar they also have shit for opening phones in their posession

lonerangers1 ,

en.wikipedia.org/wiki/Cellebrite

njm1314 ,

You sound rude cause you’re trying to. There were plenty of ways to write that without sounding like a dick.

ipkpjersi ,

People posted multiple sources so now you really just sound like a dick, even if you weren’t intending to, unless you were intending to.

homura1650 ,

On the scale of privacy concerns, anything that starts with “they took physical possession of my device” ranks pretty low on my list.

Redredme ,

Any (western designed) phone. It doesn’t matter. All your data belongs to us. Them.

dependencyinjection ,

It doesn’t matter. If a nation state is a wants access, they’re gaining access.

It’s probably an exploit from that Israeli cyber company that I forget the name of.

Quexotic ,

Cellebrite is the name, I think.

Or are you thinking about pegasus?

dependencyinjection ,

NSO Group I was thinking of. They make Pegasus.

Quexotic ,

Aaah right. I confused the company name with the product name thanks!

lonerangers1 ,

both of those are israeli

card797 ,

I more curious for the android iphone debate. What the more popular phone amongst presidential assassins?

lonerangers1 ,

Bro,

en.wikipedia.org/wiki/Cellebrite

Makes them look incompetent to work so hard to get in

card797 ,

I wonder if they stuck his thumb on there. He is dead after all.

catloaf ,

It says they had to send the phone to a lab in Virginia, so obviously not.

piecat ,

So you cut off the thumb and ship it

Or make a casting

There’s a million ways they could do it

andrew_bidlaw ,
@andrew_bidlaw@sh.itjust.works avatar

Fuck, Fuck, FUCK!

Screams the agent as heating up a frozen finger with a lighter put it on fire.

radivojevic ,

Jokes on them, I don’t have thumbs.

absquatulate ,

Walter:
You want a toe? I can get you a toe, believe me. There are ways, Dude. You don’t wanna know about it, believe me.

The Dude:
Yeah, but Walter…

Walter:
Hell, I can get you a toe by 3 o’clock this afternoon… with nail polish.

RvTV95XBeo ,

Or you load the whole body into your passenger seat and drive it over there. Bonus points that this approach lets you use the carpool lane.

uhmbah ,

“We could call the cops, Richard, but you know where we’d be spending our weekend. In some… goddamned hot police station answering questions we don’t know the answers to.”

Croquette ,

Weekend at Crook’s : one thumb up

tiredofsametab ,

I get the feeling I'm the only person who doesn't use fingerprint readers (due to this and just some bad experiences with them not working right in their earlier days on phones).

catloaf ,

I also don’t, but I’m also not planning on committing crime.

tiredofsametab ,

Hah, same. I would hope that part would go without saying.

PsychedSy ,

I mean, only small crime.

PsychedSy ,

I use them but know I can restart my phone to force a full login. Usually throwing it does the job.

chemicalwonka ,
@chemicalwonka@discuss.tchncs.de avatar

phone model?

Bruhh ,

Asking the real questions here

lonerangers1 ,

I think it was an apple.

PsychedSy ,

Hopefully they don’t keep it classified. Maybe one of his friends got a “shooter likes this” message?

FireTower ,
@FireTower@lemmy.world avatar

Crooks, who left behind no immediately available manifesto or record of the attack, unlike many other modern assassination plots or mass shootings. He was registered as a Republican voter and donated $15 to a Democratic-allied organization but did not maintain a large online presence.

Well this is thoroughly unhelpful.

Numenor ,

Someone with the same name made the donation. At this point, we do not know if it was the assassin who made the donation, or an 80 year old with the same name.

MonkRome ,

IIRC the donation had his address on it, they do in fact know it was him.

FuglyDuck ,
@FuglyDuck@lemmy.world avatar

Or GrandPa Crooks.

In any case, I’m still trying to figure out how closely-related the organization was. “Democrat allied” or whatever could be almost anything.

evidences ,

The organization was ActBlue.

ActBlue Charities Inc. is an American political action committee and fundraising platform established for serving left-leaning and Democratic nonprofits and politicians.

Bernie_Sandals ,
@Bernie_Sandals@lemmy.world avatar

ActBlue handles donations for several organizations and candidates.

The specific affiliated organization he donated to was the Progressive Turnout Project

Federal Election Commission records show that a donor listed as Thomas Crooks with the gunman’s street address gave $15 to Progressive Turnout Project, a Democratic-aligned political action committee, on Inauguration Day in January 2021, when Crooks was 17.

kromem ,

It literally has the address of his house on it.

Mountain_Mike_420 ,

He donated money when he was 17. It was $15.

imPastaSyndrome ,

It’s the same info we knew 2 days ago, so and nothing was added, from the phone

brbposting ,

Investigators couldn’t get in with 1234, so they shipped it to their lab to try 5678

Wonder if this was one of the latest flagships or something older

tootoughtoremember ,

Not 000000?

serenissi ,

unless brute force was done, it might be a cold boot, usb exploit or bootloader exploit by physically accessing the storage.

FlyingSquid ,
@FlyingSquid@lemmy.world avatar

I hate when that happens. Now they’ll have to take it to one of those repair places.

PunnyName ,

Look, we have a bastardized version of right to self repair, so they should just give it back to the owner. He might have problems fixing it, but still.

Omgboom ,

Can you the thumbprints of a dead person to unlock a phone?

  • All
  • Subscribed
  • Moderated
  • Favorites
  • [email protected]
  • random
  • lifeLocal
  • goranko
  • All magazines
    •