The exact circumstances around the search are not known. But activist Samuel Tunick is charged with deleting data from a Google Pixel before CBP’s Tactical Terrorism Response Team could search it.
Always turn your phone offer before deplaning and don’t turn it back on until you’ve cleared customs. You can refuse a search and even if they take your phone they still don’t have a method of decrypting a phone that’s encrypted at rest after being turned off and all biometrics are disabled on start up until a password is entered (most phones).
You’ll most likely lose your phone and a few hours but that’s what you have backups for.
You should read up on Celebrite. They most definitely can get into a wide variety of phones from a cold boot. GrapheneOS seems to be one of the only ones that make their job hard.
They can and still will run it through a password cracker with a dictionary provided the phone has some method of either exposing the password hash or can be bruteforced on device similar to PIN bruteforcing.
You can refuse a search
Which can lead to an up to 24 hour detainment which CBP has been allegedly doing, so do know the consequences.
Curious, how does that work? 10000 possibilities aren’t many but you get 30s break every 3 failed attempts then 5 more then its every single failed attempts so that’d be ~5000minutes so that’s about 3 days. Assuming they get “lucky” it’s about 1.5 day. I don’t know though what happens after 20 failed attempts, maybe it’s 1min break or 20min break.
Basically, does PIN bruteforcing actually work and if so on what timeframe?
I think Apple has fixed this, but they would remove the battery, hook it up to external power. When unlocking, there was a pause/dimming on the phone to show it was wrong, and the computer hacking it would kill the power before the phone wrote that there was a bogus attempt, so you got infinite attempts.
I don’t think infinite attempts is the issue, I think the timing of those attempts is what practically limit the usefulness of the attack. Here in the Apple example I imagine rebooting the phone takes longer than 30s. Also if one goes to the length of removing the battery of an iPhone to crack it, this is a pretty serious attempt. One better have proper protections in place.
Reminder that Apple/Google will absolutely give law enforcement all your cloud data if presented with a warrant. I know this for a fact. Most people’s phone data is synced to the cloud. Be careful out there folks.
And this is why encrypted backups should become the norm. Sure, they could always try to crack the encrypted file after it gets turned over, but (assuming you have a good password set for your account) we’re talking about a scale somewhere between “a few billion years” and “the heat death of the universe” with conventional (non quantum) computers.
That’s also why I have advanced protection turned on. Granted they could always get the encrypted blob and try to crack it at that point, but there has to be some point you’re willing to draw the line.
Always turn your phone offer before deplaning and don’t turn it back on until you’ve cleared customs. You can refuse a search and even if they take your phone they still don’t have a method of decrypting a phone that’s encrypted at rest after being turned off and all biometrics are disabled on start up until a password is entered (most phones).
You’ll most likely lose your phone and a few hours but that’s what you have backups for.
I always wipe my phone before traveling.
There’s nothing in my phone that I’d be the least bit worried about “getting out” but it’s the principle of the thing.
You should read up on Celebrite. They most definitely can get into a wide variety of phones from a cold boot. GrapheneOS seems to be one of the only ones that make their job hard.
*presuming you have a strong password set
They can and still will run it through a password cracker with a dictionary provided the phone has some method of either exposing the password hash or can be bruteforced on device similar to PIN bruteforcing.
Which can lead to an up to 24 hour detainment which CBP has been allegedly doing, so do know the consequences.
Curious, how does that work? 10000 possibilities aren’t many but you get 30s break every 3 failed attempts then 5 more then its every single failed attempts so that’d be ~5000minutes so that’s about 3 days. Assuming they get “lucky” it’s about 1.5 day. I don’t know though what happens after 20 failed attempts, maybe it’s 1min break or 20min break.
Basically, does PIN bruteforcing actually work and if so on what timeframe?
I think Apple has fixed this, but they would remove the battery, hook it up to external power. When unlocking, there was a pause/dimming on the phone to show it was wrong, and the computer hacking it would kill the power before the phone wrote that there was a bogus attempt, so you got infinite attempts.
I don’t think infinite attempts is the issue, I think the timing of those attempts is what practically limit the usefulness of the attack. Here in the Apple example I imagine rebooting the phone takes longer than 30s. Also if one goes to the length of removing the battery of an iPhone to crack it, this is a pretty serious attempt. One better have proper protections in place.
Reminder that Apple/Google will absolutely give law enforcement all your cloud data if presented with a warrant. I know this for a fact. Most people’s phone data is synced to the cloud. Be careful out there folks.
And this is why encrypted backups should become the norm. Sure, they could always try to crack the encrypted file after it gets turned over, but (assuming you have a good password set for your account) we’re talking about a scale somewhere between “a few billion years” and “the heat death of the universe” with conventional (non quantum) computers.
That’s also why I have advanced protection turned on. Granted they could always get the encrypted blob and try to crack it at that point, but there has to be some point you’re willing to draw the line.
I would fully expect any cloud provider to do the same given a warrant, but I’ve heard some will provide data simply because it was requested.
at this point just leave your phone at home or get burner for this exact purpose