12mo ago

FBI cracks phone belonging to Trump rally shooting suspect

www.theguardian.com

Federal investigators are analyzing device’s content, although it is unclear how agency gained access

The FBI has gained access to the phone of the suspected gunman who opened fire on Donald Trump’s rally and is analyzing the device’s contents, the agency stated in a press release on Monday afternoon. The shooting, which killed one audience member and left Trump bleeding from one ear, is being investigated as an assassination attempt.

Authorities have been working to determine the motive behind the attack at Trump’s campaign rally on Saturday, but no clear picture has yet emerged. The gunman, identified as 20-year-old Thomas Matthew Crooks by the FBI, was shot and killed in the incident.

Federal investigators announced on Sunday that they had obtained Crooks’s cellphone, but had issues with bypassing its password protections to access the data within. FBI investigators then shipped the phone to a lab in Virginia, where agents successfully gained access, per the bureau’s press release.

92 comments

Something sus about how quickly they can unlock phones when it's attempted murderer killed dead and murder victims killed dead.
- Cracking a phone is pretty doable. Cracking phones in a way that will hold up in a court trial, much more formal.
- look into celebrite
  I think there's videos on youtube.
  they can plug in most phones and have access to everything through an easy gui
  
  I would definitely not call Cellebrite an "easy GUI" and they definitely don't get into most devices. Ive seen devices take months to unlock, if ever.
  
  Cellebrite machines were used to copy contacts and messages and call logs from one phone to another, back in the day before Android and iPhone. There was little to no security on dumb phones back then... and you still needed the customer to put the PIN in and unlock their phone before using the Cellebrite. They came with a million different kinds of USB -> phone proprietary adapters, because mini and microUSB hadn't bee adopted yet as a standard.
  Source: I used to do this sort of thing on a Cellebrite.
- Most phones are locked with a four digit numerical PIN. The current technique is taking an image of the flash memory, and reflashing the memory after every few attempts.
  It still takes a bit longer than straight brute force without a temporal lockout, but it’s still pretty trivial.
  
  If it was biometric login, even easier. Would've gotten in before thebody even got cold.
  
  15 years ago, yes, nowadays especially on iPhone this does not work at all
- If it used face unlock, just have the dead body and prop the eyes open and you’re in?
  
  Fingerprint unlock would be even easier.
  
  If I remember right, samsung/iphone face unlock won't work on a corpse since it relies (at least in part) on infrared constellations that incorporate patterns formed by subdermal capillary networks and death obviously disrupts those.
  
  I shouldn't have, but I smiled.
  I should clarify: I meant that if they're law enforcement does the killing, cracking the phone takes much less time than it does when the phone belongs to the murder victim.
- Dude... my niece can unlock my phone while i sleep by putting my finger on the sensor.
  I wouldn't be surprised if it would recognize my face while sleeping too
  
  iPhones require your eyes to be open and looking at it, so I imagine Androids have something similar.
phone model?
- Asking the real questions here
- I think it was an apple.
- Hopefully they don't keep it classified. Maybe one of his friends got a "shooter likes this" message?
I wonder if they stuck his thumb on there. He is dead after all.
- I get the feeling I'm the only person who doesn't use fingerprint readers (due to this and just some bad experiences with them not working right in their earlier days on phones).
  
  I also don't, but I'm also not planning on committing crime.
  
  I use them but know I can restart my phone to force a full login. Usually throwing it does the job.
- It says they had to send the phone to a lab in Virginia, so obviously not.
  
  So you cut off the thumb and ship it
  Or make a casting
  There's a million ways they could do it
Anyone know what kind of phone they reported they cracked? This should bring fear to anyone who cares even a little about privacy.
Otherwise, it will become normal to question why you take a shit with the door closed (what are you hiding in there?) slippery slopes and what-not.
- Unless you please provide sources, I don't fucking believe a word anyone says on the internet, and assume you are full of shit. Apologies if I sound rude, but I hate how people say shit like what you say and we all simply must take your word for it.
- It doesn’t matter. If a nation state is a wants access, they’re gaining access.
  It’s probably an exploit from that Israeli cyber company that I forget the name of.
  
  Cellebrite is the name, I think.
  Or are you thinking about pegasus?
- On the scale of privacy concerns, anything that starts with "they took physical possession of my device" ranks pretty low on my list.
- Any (western designed) phone. It doesn't matter. All your data belongs to us. Them.
- Bro,
  https://en.wikipedia.org/wiki/Cellebrite
  Makes them look incompetent to work so hard to get in
- I more curious for the android iphone debate. What the more popular phone amongst presidential assassins?
- Do you mean like an eye tracking system for headsets in wt? I've always just used vr if I wanted that capability.
- Yeah FRP unlock for a while was definitely bypassable on several phones, I unlocked a few that way. Not sure if it is still possible now, haven't bothered tinkering. 😅
Investigators couldn’t get in with 1234, so they shipped it to their lab to try 5678
Wonder if this was one of the latest flagships or something older
- Not 000000?
Bro forgot to turn off his phone before they shot him.
- If he had fingerprint unlock it would be pretty easy to get in considering they have access to his fingers. Facial recognition... less successful in this case.
  
  Most phones actually require pin/password on boot, and only let you use fingerprint/face unlock to unlock later in the session, as a security feature. So if he turned his phone off, even that wouldn't work.
  
  Gotta turn the phone off so it makes you actually log in.
I hate when that happens. Now they'll have to take it to one of those repair places.
- Look, we have a bastardized version of right to self repair, so they should just give it back to the owner. He might have problems fixing it, but still.
Crooks, who left behind no immediately available manifesto or record of the attack, unlike many other modern assassination plots or mass shootings. He was registered as a Republican voter and donated $15 to a Democratic-allied organization but did not maintain a large online presence.
Well this is thoroughly unhelpful.
- Someone with the same name made the donation. At this point, we do not know if it was the assassin who made the donation, or an 80 year old with the same name.
  
  IIRC the donation had his address on it, they do in fact know it was him.
  
  It literally has the address of his house on it.
- He donated money when he was 17. It was $15.
- It's the same info we knew 2 days ago, so and nothing was added, from the phone
unless brute force was done, it might be a cold boot, usb exploit or bootloader exploit by physically accessing the storage.

92 comments