Slashdot Mirror
How The FBI Easily Retrieved Michael Cohen's Data From Both Apple and Google (cnn.com)
Court documents unsealed Tuesday showed just how much information America's FBI was able to gather on Donald Trump's lawyer Michael Cohen -- from both Google and Apple products. An anonymous reader quotes CNN:
Notably, the FBI made use of Cohen's use of Touch ID and Face ID on his Apple devices, which allow users to quickly log into iPhones and computers by scanning their face or fingerprint rather than typing in a password... But that gives law enforcement an additional means to access those devices. In one warrant application for Cohen, an FBI agent requested authorization "to press the fingers (including thumbs) of Cohen to the Touch ID sensors of the Subject Devices, or hold the Subject Devices in front of Cohen's face, for the purpose of attempting to unlock the Subject Devices via Touch ID or Face ID...."
One warrant requested not simply access to three of Cohen's Gmail accounts, as well as other email accounts, but also some of the wide array of information Google keeps for its users by default, including search history, web cookies associated with an account, device information, and a host of other metadata categories. One affidavit describes how the FBI narrowed down Cohen's temporary location at the Loews Regency Hotel in New York through his cell phone location data. Agents then used a "triggerfish" -- a reference to a stingray, or IMSI catcher, a suitcase-sized device that mimics a cell tower to convince a cell phone to connect and reveal its location...
Prosecutors also made use of a new law that Trump recently signed. Investigators in the Southern District of New York compelled Google to turn over some documents on Cohen, but the tech giant initially "declined to produce data that it stored on computer servers located outside of the United States," according to an affidavit submitted to the court by an FBI agent working on Cohen's case. Weeks later, Trump signed the CLOUD Act into law, which gave US law enforcement more legal pathways to pursue data stories overseas.... In an April 2018 affidavit, the FBI agent argued that "providers are required to disclose data even if it is stored abroad" under the new law. The judge approved the new search warrant later that day, giving investigators access to additional information from Google, including Cohen's emails, attachments, address book and files stored on Google Drive.
One technology law expert told CNN that police now seek access to more and more information.
"I think any of the electronic debris that people leave online on these services is all potentially subject to being used against you."
One warrant requested not simply access to three of Cohen's Gmail accounts, as well as other email accounts, but also some of the wide array of information Google keeps for its users by default, including search history, web cookies associated with an account, device information, and a host of other metadata categories. One affidavit describes how the FBI narrowed down Cohen's temporary location at the Loews Regency Hotel in New York through his cell phone location data. Agents then used a "triggerfish" -- a reference to a stingray, or IMSI catcher, a suitcase-sized device that mimics a cell tower to convince a cell phone to connect and reveal its location...
Prosecutors also made use of a new law that Trump recently signed. Investigators in the Southern District of New York compelled Google to turn over some documents on Cohen, but the tech giant initially "declined to produce data that it stored on computer servers located outside of the United States," according to an affidavit submitted to the court by an FBI agent working on Cohen's case. Weeks later, Trump signed the CLOUD Act into law, which gave US law enforcement more legal pathways to pursue data stories overseas.... In an April 2018 affidavit, the FBI agent argued that "providers are required to disclose data even if it is stored abroad" under the new law. The judge approved the new search warrant later that day, giving investigators access to additional information from Google, including Cohen's emails, attachments, address book and files stored on Google Drive.
One technology law expert told CNN that police now seek access to more and more information.
"I think any of the electronic debris that people leave online on these services is all potentially subject to being used against you."
You realize he isn't stuck in Mar-a-lago, right?
Yikes.
Sealed Indictment :An indictment can be sealed so that it stays non-public until it is unsealed. This can be done for a number of reasons. It may be unsealed, for example, once the named person is arrested or has been notified by police.
Even Fox News agrees with me : Fox News’ Chris Wallace: Rudy Giuliani ‘Awfully Optimistic’ To Think Mueller Probe Is Over
The attorney’s conclusion that the special counsel’s report is good news for President Trump is premature, the Fox News host warned.
Bring lube, traitor, when they come for you with the shiny bracelets. Keep mentioning Hillary when you go to prison, try for a crazy defense. Keep trying to fuck your ugly daughter meanwhile I guess.
Before they take you off to die in prison a traitor.
Understand what is now a legal search and seizures.
How to use your OS to ensure your digital "papers" stay secure from unreasonable search attempts.
When and how your rights stay protected.
Domestic spying is now "Benign Information Gathering"
Sealed Indictment :An indictment can be sealed so that it stays non-public until it is unsealed. This can be done for a number of reasons. It may be unsealed, for example, once the named person is arrested or has been notified by police.
Even Fox News agrees with me : Fox News’ Chris Wallace: Rudy Giuliani ‘Awfully Optimistic’ To Think Mueller Probe Is Over
The attorney’s conclusion that the special counsel’s report is good news for President Trump is premature, the Fox News host warned.
Bring lube, traitor, when they come for you with the shiny bracelets. Keep mentioning Hillary when you go to prison, try for a crazy defense. Keep trying to fuck your ugly daughter meanwhile I guess.
Before they take you off to die in prison a traitor.
He's not going to be buried under Mar a Lago, lol.
End to end crypto is not breakable. Rubber hose up the nose is what done it.
is this someone I should know?
Conspiracy theory. May keep US liebruls or trumpttards busy years after it was proven baseless.
So what country hosted the servers (owned by foreign subsidiary of Google) which they raided with only a US, not foreign warrant?
I mean, I'm pretty sure Google has subsidiary in whatever country they actually have servers which is the formal direct operator,
and normal countries should have some sort of privacy laws restricting companies from just turning data over to US government.
You sound defensive! Lol, we all were laughing at you the entire time and now you flail like a downs kid in a whirlpool lmao
Spam: repeatedly posting the same stupid crap in the hope that something stupid repeated 100 times will happen.
You must be the Republicans are all faggots dying in jail guy.
It really would be better for your soul if you just acknowledged you wasted 2 years of your life trolling thousands of posts which were all lies you swallowed hook line and sinker and just killed yourself already.
Oh, and btw... LMAO! MAGA! Trump 2020! Hillary for prison! NO INDCITMENTS! (Sealed or otherwise...NONE!)
I am going to head back to the NYT comments section to wallow in the conspiracy theory, agony, and tears.
Oh yes, those delicious Marxist tears! So yummy!
The winning just never stops (unless you are Marxist scum).
Just put up a Miranda Warning. Makes more sense
“He’s not deformed, he’s just drunk!”
With biometric authentication, you are only protected by the 4th amendment. Your finger/face/etc. are akin to a key, and a warrant can compel you to unlock the device with it.
With a password, it can be argued that divulging it would constitute self-incrimination, which keeps you protected by the 5th amendment as well, even if they get a warrant. Case law is unclear on the matter, at least, with contradictory rulings.
This is true in the USA at least. UK has a law that mandates divulging passwords, although I don't recall hearing about it being used much.
Corruption is convincing someone that the selfless ideal is the same as their selfish ideal.
We already knew that, in the US, a person can be compelled to unlock his/her phone if it can be done with a fingerprint or by showing their face.
If you're really paranoid you need to turn all that off, require a complex passcode to be entered on any of your electronic devices, and be willing to put up with a little inconvenience on a regular basis.
Personally, I'm not that paranoid - I'm aware that I'm simply not that important of a person.
#DeleteChrome
Do you have a specific source about the (lack of) indictments? Can you post it?
It was one of those "anonymous sources" that the Trumpers tell us not to trust.
It's OK when they tell you trust them, apparently.
Seriously, people, your phones have back-doors, front-doors, compromised apps, malware, etc. on them and send data into insecure clouds. Do not trust your phones. The only way you could ever trust your phones was is there was strong legal protection for your data. There is not. Thanks to the raising authoritarians and proto-fascists in the West, there is the opposite.
Most ACs are not even worth the keystrokes to insult them. Be generically insulted by this and ignored otherwise.
You are cheering for the downfall of your own country? Fascinating.
Most ACs are not even worth the keystrokes to insult them. Be generically insulted by this and ignored otherwise.
Me? I'm from Russia. /AC
So, do you carry notebooks written in Linear A and B? Are all your chips home-made?
And why would I do that? Are you stupid? (Well, you are an AC, so the question is redundant...)
Most ACs are not even worth the keystrokes to insult them. Be generically insulted by this and ignored otherwise.
What about: "Lock Her Up!" or "No Collusion"? Apparently, it DOES work!
"R"etard.
With a simple two button squeeze you can do as you take your phone out of your pocket. Then your phone will only unlock with the password (if you care about security, you use a passWORD, not a passcode)
Of course if the Feds bust down your door with guns drawn reaching into your pocket is probably a really bad idea, but they don't do that unless they already have so much other proof that keeping what is on your phone from them probably doesn't help you that much.
Don't use your index finger to unlock your phone.
At least on my phone, 5 incorrect finger print attempts locks out the finger print unlock until you enter the passcode.
It also won't let you use your finger print to unlock from a reboot.
acts like another bar on our prison cell. A new law or constitutional change won't prevent wrong doing by police. Companies also assume their patrons have broken some law and make their account, transactions, and video interaction easily available to the police, and even easier upon reasonable suspicion.
strong legal protection does not go far enough.. making it illegal to peek in my windows won't make me take down my drapes.
He is cheering the absolute opposite...
So you're the one who stole the election from Hillary. Damn you, russian hacker! IT WAS HER TURN!!!
Where are the goofy libtard comments?
I only clicked this uninteresting article in the hopes of reading some nutballs rant about Trump.
Disappointing.
Maybe people should exercise their 2nd amendment rights... that's what the president has previously said about opponents.
Do you vote? Do you buy stuff? Do you form opinions on any matter. What makes you think you're unimportant? You certainly express opinions on Slashdot. Being grey enough to not be worth spying on is very difficult when the price of spying on someone reaches zero. Worse, it reaches zero because YOU HELP THEM spy on you.
------
Look, what if Trump had been competent?
He has access to every US secret, and enough laws have been written to use a loyal FBI to spy on his political opponents. If he'd been a proper trojan President, USA would be p0wned now.
Putin would own 5 eyes countries. The Republicans would limp around covering for Trump, Nunes would leak away secrets on demand from the Whitehouse, Mitch McConnell would block any oversight. He'd plug Putin into all that data and all that surveillance network on the excuse of fighting ISIS, and you've lost everything.
The only thing that saved you this time was Trump's incompetence.
If Trump had been a proper Elop figure, you're lose everything.
What about
I thought you libtards were against "whataboutism", but there you go... As for the rest of your rant, you seem to be confirming what I say. "Lock her up" obviously hasn't worked very well for those who use it, and "no collusion" appears for the moment to be simply a factual statement along the lines of nabla dot B = zero, you can repeat it or not, it ain't gonna be any less true.
Seeing your very paranoid self online, one naturally wonders what kind of magic are you using to access those Internets. Your computer isn't much safer from your phone, yet here you are.
If you use a password or code to unlock your encrypted devices and data then (according to quite a few different court rulings) you are protected by the 5th amendment and can't be forced to give up the password or code (although exactly how far that protection extends depends on which court ruling(s) apply in your jurisdiction). No such protection exists when it comes to things like fingerprint or facial recognition or other biometrics.
Plus its a lot easier for bad guys (whoever they may be) to defeat biometrics. Not only are there all sorts of examples of how to defeat fingerprint recognition (including the Mythbusters busting all the fingerprint scanners they tried) but its a lot easier for a bad guy who wants to get at your data to grab you, grab your device and force your finger onto the sensor (or hold your face in the right place for the facial recognition to work) than it is for those same bad guys to force you to give up your secret code.
I personally do not use biometrics for anything (actually there is one place I do volunteer work at where they use a fingerprint scanner to scan people in and out but that's not for security, its only so they can verify who is in the building if something goes wrong) and will not do so in the future if I can avoid it (e.g. if my next phone has biometrics I will turn it off and not use it)
oh thats bad my final review https://myfinalreview.com/
Being dumb does change reality. Although dumb people are known to not get that. Well, I look forward to morons like you saying dumb things like "How could we have known?" and "It was xyz that ruined it!"
Most ACs are not even worth the keystrokes to insult them. Be generically insulted by this and ignored otherwise.
Are you deranged? Why would I not use anything just because it is not trustworthy? Listen, moron, here is how you do it: You use it but you do not trust it. Takes two brain cells to rub together to see that though and you clearly do not have them.
Most ACs are not even worth the keystrokes to insult them. Be generically insulted by this and ignored otherwise.
Biometrics are notorious for being easy to fool, even the emerging 3D-face-scanning stuff coming out is going to be as bad, because the sensors can't be integrated into the chips themselves, in turn you could always just remove the sensor, replace it with a serial line, and spoof whatever signal it expected to see from a "3D" scan using an image.
Two-factor authentication is a joke when biometrics are involved, because the biometric component negates any other component. Security can't be about something someone has (e.g. CAC cards) and is (e.g. biometrics) alone - the something someone knows (e.g. password) is the most critical factor because it can't be stolen, it can't be spoofed, and in extreme cases it can't even be cut off with a saw or scooped out of an eyesocket with a spoon (at least, not directly.)
Making biometrics a part (yes, even a part) of a security deployment of any kind is akin to making everyone set up their full name as a username with their social security number as their password - it's fucking dumb to use public information (no matter how convoluted to spoof, because if it can be done it will be done) for security.
Well, who cares if government has more and more and more access to your "papers" as long as political factions aren't using it in violation of the 4th and 5th amendment to harm their political opponen...OH FUCK
(-1: Post disagrees with my already-settled worldview) is not a valid mod option.
Problem is even if you get rid of your phone, pretty much every device nowadays is littered with sensors and internet access. TVs, cars, fitness devices, furniture etc. . Even if you got rid of everything in your own room, its even possible to spy on you from adjacent rooms (Wifi).
Privacy has competed with humans need for comfort and lost.
and the rising authoritarians in China and Russia, although admittedly they had a head start.
India is not far behind, nor Pakistan. Cuba was always in the vanguard ever since Castro decided to be la Suprema.
This is the event that made me realize digital privacy is important to anyone, not just those who know they are doing something they need to hide. There was a case a few years ago where some guy left his toddler in the carseat instead of dropping him off at daycare and the kid died. The police went through his online history and found he was talking to prostitutes and engaging in other extramarital, sexually deviant behavior. On that alone, they gave him life in prison because a jury believed he intentionally left the child to die based on that alone. I have no idea if that's what truly happened or not, maybe there was other evidence that really connected those dots. But based on what was in the news, I found that to be way outside of what a reasonable person would consider proving beyond reasonable doubt. It sounded more like a moralistic judgement based on his online activity that had nothing to do with the death. This is the problem as I see it; who gets to defines what 'normal' online behavior is? If you get accused of a crime you didn't do and it's discovered that you watched graphic accidents on LiveLeak, or perused escort ads, or looked at extreme pornography etc, there's no frame of reference for how "normal" or common that behavior is. Until that is better understood by the general public, any prosecutor can convince a group of 12 mediocre idiots off the street to convict you on any charge they want based on character assassination alone.
Rudy's on a train to nowhere, halfway across the line...
It was amazing how all of the media outlets took one "anonmous source" *cough* Rudy Giuliani *cough* and started echoing off each other to the point where it's now taken as fact. Of course doing it in the hopes it subconsciously works is good for ratings, so who cares about factual accuracy, right?
So, Trump signs the anti-privacy law that allows investigators to more uncover more of his crimes?
https://www.youtube.com/watch?v=q9RAZxNdCk8
I never said to get rid of it. Whatever gave you that idea? Just do not put stuff on it you want to keep secret.
Most ACs are not even worth the keystrokes to insult them. Be generically insulted by this and ignored otherwise.
Indeed. But the West was supposed to be the model that showed everybody how it could be done differently. Seems that failed and the whole world is going to hell. Again.
Most ACs are not even worth the keystrokes to insult them. Be generically insulted by this and ignored otherwise.
It's all being used as smokescreen. Republicans keeping Trump safe long enough to get what they want from him. This border wall garbage has conveniently overshadowed the fact that we still have a $22 trillion national debt. We are all being played, and we will all throw our vote away again in 2020 just like we all did in 2016. Welcome to the new reality.
I'm a "Russian troll" and I don't care that you're being played. Just relax and try to enjoy it.
I don't own a smartphone, I don't search with Google, I keep my inbox to zero messages as often as possible and I never use biometrics. Man, it's too bad Trump didn't have me working for him! They'd have found nothing on me.
Are you talking to yourself again?
In this case the phones were unlocked because of the use of biometrics instead of password only protection. If they were locked only with passwords and Cohen didn’t cooperate, the FBI would have had to employ hackers.
Well, there's spam egg sausage and spam, that's not got much spam in it.
Sasha, you obviously need to get laid. Surely SOMEWHERE in Kiev you can find a toothless crackwhore who will give it up for you.
You're wasting your time. The AC seems like a police-state apologist.
I would never own an "internet connected" vehicle. I may purchase one and then rip out the wifi/GSM module. But the sad part is the normies don't even understand what they are doing to their self. They think "OH LOOK I can browse facebook faster in my car now that I have car wifi!!" when in reality they are just helping track their family and children. The internet has been destroyed since the non nerds took over. I want it back damnit!
Yes to both. I am trying to follow George Charlin's advice to "just not give a shit" about ACs, but I clearly have some way to go still. Stupidity just sets me off.
Most ACs are not even worth the keystrokes to insult them. Be generically insulted by this and ignored otherwise.
That's a red herring. The phone isn't so much a storage device itself, as it is conduit to all of your online data.
Learning HOW to think is more important than learning WHAT to think.
Since you are listening (well, as far as you are capable, which is clearly rather pathetic), obviously not.
Most ACs are not even worth the keystrokes to insult them. Be generically insulted by this and ignored otherwise.
I'm curious - why are you so quick to call anyone who questions your comment or respectfully disagrees with you stupid (or other ad hominem insults that aren't germane to the discussion )?
-Turkey
You give them more detail of the inner workings of you, when you play with their broken toys. You are mapping out more of your tiny little brain by trying to fool the collection pile. Think you can outsmart a pile? They are not looking at your data live, while you are inputting or taking actions. They collect the everything. They process what is in it, from every direction, once they finally gain interest in you. (thinking "Eww, I will search for "cats" at midnight, that will fool them. They will totally not know, and will think I like cats." They find later, "yeah, he searched for cats trying to play or something. It was his adjusted typing profile, and twenty seconds after he used his password on twitser. He also kept holding it at the same height in the air.)
It is due to way-too-smart-for-everyone rubes like you that bought the broken tech toys, allowing the collectors to mass produce, instead of waiting for the discussion on data safety.
Your little quirks and habits will stand out in the data, like your bad breath, and non-wiped bottom. Not like hygiene is expected with people like you that don't care about that with which you touch and play.
Lol, that's how I use your daughters. But only when I'm really drunk.
With biometric authentication, you are only protected by the 4th amendment. Your finger/face/etc. are akin to a key, and a warrant can compel you to unlock the device with it.
iOS devices auto-lock after eight hours after the last use of the device:
* https://www.macworld.com/article/3072181/new-touch-id-rules-why-you-have-to-enter-your-passcode-when-you-wake-up.html
See also the "cop button":
* https://www.imore.com/how-quickly-disable-touch-id-when-you-need-extra-security
But they didn't get enough.
You have no clue how things actually work. They do most decidedly not "collect everything". That would cause numerous problems, among them that their collection methods would be far too easy to detect. This is not a game that works well with a big ego (which you have in spades), bit one that requires some actual insight (of which you have none).
Most ACs are not even worth the keystrokes to insult them. Be generically insulted by this and ignored otherwise.
Ah, no? It is not?
Most ACs are not even worth the keystrokes to insult them. Be generically insulted by this and ignored otherwise.
I take it English is not your first language? Why is it that uneducated rubes are the first to call people idiots and fools?
They do most decidedly not "collect everything"
Hahaha, the stupid guy thinks himself a privy to the inner workings of the intelligence services.
their collection methods would be far too easy to detect.
LOL, the stupid guy must have missed the stories about NSA having those little taps to all the telecom communications infrastructure, from the warmth of the offices of the telecom companies themselves to the cold of the bottom of the ocean. And we're not even touching their antenna business.
You must be really, really stupid to think that someone will go to these lengths to collect data and then don't collect and keep all of it. In an age when even a private company keeps all they can, even after a user asks for it to be "deleted"?
You're not just stupid, you're a certified idiot with less than amoeba intelligence and zero critical skills.
Lol, looks like we have a true badass over here...
I may purchase one and then rip out the wifi/GSM module
You obviously have not seen modern car electronics. Or ever opened a car hood.
the normies don't even understand
I have bad news for you, "nerd", you're one of them "normies". You're not Neo, not Morpheus, not even Cypher, just a larva of an agent stuck in a vat, probably not even a solitary vat ;)
Khuev is not in Russia, George. Khuev is a dirty hellhole manufactured by the prowestern Ukrainian "democrats", errr oligarchs.
If you think there inst an ESP8266 or equivalent somewhere in that PCM you dont understand how electronics work. Once you found the module you could easily disable it numerous ways. If it would cause the vehicle to stop working, well you return it as garbage and laugh at the poor fuck that has to push onto the lot after the AAA driver drops it in the middle of the driveway at my request. You seem to be the internet warrior going on about, well whatever it was that i could tell was a waste of time reading. glfh.
he should have used huawai
You went from telling of the concerns and danger of the collectors' toys, to arguing there is no danger "if you're smart", within a few exchanges with the AC. You even flustered your response, seething hate, but not actually saying anything more that was useful.
The collector is not one party, as everyone collects their little parts. The pile, and "the everything" is not a single collection. However, telling a questioning person, that does not seem to have a grip on how anything works, to go ahead and use the broken toys, is not a plan for the future. It was that geek excitement that got the idiots of the world interested in those dangerous things, before they were ready, much less safe.
You say everything is not saved, but you have no clue what is, and isn;t kept and for how long by any party, including the chips on your devices that cannot really delete completely. You disbelieve the government entities keep encrypted streams off the backbone lines, as long as they can, hoping to break it one day, but allowing parties to be connected while unreadable. All of that is nothing. Due to the various, and even innocuous, data being kept, something within it will become at least embarrassing, and possibly illegal, in the future near enough to cause you or someone you care for, pain, suffering, or time.
You think your computer and security activities and interests, make you all knowing, but they make you dangerous when seen by others. Slow down your roll. Your one liner responses seem to say you have a bit of stress built up, and it is affecting your responses. Don't add more over this.