Michigan Cops Snoop On Cellphones

Not the same, because apparently it can be done secretly – with no physical connection. Which apparently means this thing can order your phone to transmit all its data.

I think Bricker was correct in an earlier post – the ACLU doesn’t know whether the police are using this or not. They are concerned how it might be used, but they are not aware of any specific instance where it has actually been used. Which isn’t surprising, since it is apparently designed to be used covertly.

Next question is: Is this a feature or a glitch?

Under what circumstances would a user want to transmit all of their data to someone/something? I can see syncing with a PC or another phone or something, so is this just exploiting that loophole? I mean, this looks way beyond syncing up your contacts list.
This seems like a valuable LE tool, but also something that could be very prone to abuse.

Except you wouldn’t file the information in the officers’ logs in the first place. You’d archive it with usage logs for the devices themselves (on what dates was this device issued/turned in/serviced/had data files accessed?).

I’m mindful of the fact that they (the MSP) have only been reported to have acquired a limited number of these devices. And I’d like to believe that they have only been deployed on a pilot basis and that only to the point of being used for training. But it should seem that such a response could have been made for free, and to back up such an assertion shouldn’t cost anywhere near half a million dollars.

So I’m afraid the price tag is still a red flag.

I’m not sure what you mean by glitch? A bug? I can’t imagine something so powerful and comprehensive being an error.

And yes, I can see there might be a reason for a user to dump out all data at once – upgrading to another phone for instance – though I’m not sure whether the wireless part would be necessary for that.

This equipment that the MSP got can supposedly get any stored pics, text messages, the address book, and I don’t know what else. I suppose it could be said that the fact that this is possible means cell phone manufacturers didn’t close all the potential security holes. So in that way it could be said to be a glitch.

Or maybe this gear exploits some “back door” designed into cell phone technology for reasons as yet unknown. Since it apparently works on a bunch of different kinds of cell phones… well, I can’t imagine they all have the same accidental security holes.

It’s the “back door” aspect that interests me. Is this a door users will now be able to slam shut, or will circumventing it violate a law we didn’t notice we had?

Here’s the device.

Seems to require physical access to the phone.

Undoubtedly this is the case, because if this device worked without physical access that would imply a security hole in the design of the cell phones so big that you could drive the shuttle launch vehicle through it.

By “secretly download the data,” they probably just mean that you can take everything off the phone in a few minutes, and after the owner gets the phone back, they’ll be none the wiser that this process occurred. Not exactly rocket science, really.

The webpage for the manufacturer had Faraday bags so I bet if you put your phone in one they couldn’t suck it … so you just have to lock it into a ‘bank deposit bag’ lined with Faraday cage stuff, make sure that a drug doggie can sniff it clean, and Bob’s your uncle

So, if I wanted to know if the Michigan State Police used their radar guns in the last six months, it would cost $500,000.00?

Possibly, but presumably the Michigan Highway Patrol has hundreds of radar guns. They have five of these phone-data-sucker things.

I don’t think it’s any big secret that the state police is using radar guns, or firearms, or patrol cars, or various other equipment. Is there a compelling reason why the MSP apparently will not reveal whether it is extracting cellphone data using these devices?

The ACLU letter makes six requests for information, only one of which arguably might require significant time and expense on the part of the state police (providing exact details of when the devices have been used over a set period of time). Other requests, including cost of acquisition, department policy regarding the circumstances under which such devices may be used and whether cellphone owners are notified that their data has been retrieved do not seem burdensome or involve secrets that the public has no business knowing.

Yeah, what I meant was what you hinted at; is this just a massive security flaw (glitch), or if this is just taking advantage of an otherwise useful feature (data dumping).

The link I pointed to lists what can be captured; basically anything on the phone including deleted call history.

I also briefly watched the instructional video. They do recommend connecting the phone via USB to the device, but say that you can use Bluetooth or infrared connectivity as well, which implies remote access (how remote, I don’t know).

Wonder if we’ll see apps or hacks that block, or at least indicate that this type of access has occurred.

It seems as if you’re correct, though I’m sure one of the links led to a document that said, “without your knowledge”, which I assumed to mean “remotely”. It seems to me if they physically take the phone out of your pocket, they could hardly swipe its data without your knowledge.

It’s all the more curious since if the police do physically seize the phone, even for a few minutes at a traffic stop to do a data dump, you’d think somebody would have complained. The ACLU would have had one or more specific dates/times/locations to specify in their FOIA requests.


http://www.cellebrite.com/forensic-products/ufed-physical-pro/ufed-physical-supported-phones.html has the supported phones, and what methods work.

My Nexus requires the cable, but some phones support Bluetooth access. A simple fix is to turn off Bluetooth; it shouldn’t be on unless you’re using it anyway for exactly these reasons.

Ah, here is the document I read, and from it I assumed this data dump could be done with wireless technology.

It is an ACLU press release. Among other things, it says:

If the police grab my phone, go back to their cruiser and plug it into some gizmo, I would be pretty damn sure they were getting data out of it. Even if they give it back to me later.

I responded to Bricker’s post before I saw this. IR requires line of sight, but could potentially be done from, say, across a room.

Bluetooth, I don’t know much about, though it’s supposed to be very short range. Here’s a little blurb about Bluetooth security, including the fact that viruses can spread phone to phone via Bluetooth.

Ok, here’s another which says some Bluetooth devices (not specifically cell phones) have a range of up to 100 yards

I thought it was relatively routine for police arresting or even in some situations just detaining someone to do a search for weapons, at which time the items you have on you are separated out and gone over for drugs and other potential goodies of interest. If you’re sitting in the back of a cruiser, you may have no idea that your cellphone has been taken over to another officer who has a device extractor capable of downloading your records in a few minutes. Then (theoretically) it is returned to you and you are none the wiser.

I think it’s unlikely routine data dumps are performed on average Joes’ cellphones in this manner*, or that there’s a racist plot within the state police to single out black people and search their phone files to get evidence on which to accuse them of crimes. Is it feasible for the MSP to clarify what they’re doing, perhaps saying 1) We’re only studying the use of these devices and no one’s data will be accessed before guidelines for legal use are in place, or 2) Our policy is to permit use only in defined investigations of criminal suspects in accordance with state and/or federal laws, or 3) We can dump data off your cellphone any damn time or place we want to, whether or not you’re suspected of committing a crime, and there’s no law to stop us, bwa-ha-ha-ha!

I suspect #2 is the case, but we don’t seem privileged to know that yet.

*it’d take lots of time and manpower to sort through a zillion hours of boring bullshit to get to the interesting criminal stuff.

I wonder if they use it in accident investigations?
In my state, personal injury accidents seem to often have a description of call times and/or text logs if distracted driving or texting is suspected.

I imagine this info can be retrieved from the Telco, but the device described here would seem to allow on the spot acquisition of the relevant facts. I wonder if they use it in this capacity?

In my opinion, the MSP is being clearly and obviously obstructionist in their response to the ACLU.

But I think the summary of facts as presented in the linked commentary provided by the link in the OP is wildly reckless. Note that this isn’t the ACLU’s fault: their words have been measured. But the commentators that read and rephrased the ACLU’s language have gone overboard.

So far as I can determine, the out-of-the-box Bluetooth configuration for many phones would not permit this to happen without some intervention at the phone itself – that is, even if Bluetooth is enabled, an attempt to connect to the phone via Bluetooth requires an affirmative step at the phone (“MSPHackerD00d is trying to connect. Do you want to allow this connection?”)

I don’t know that I can say that for every phone, or what percentage of phones might have had their default configuration changed to allow prompt-free Bluetooth connections.

But overall, I regard the possibility that the MSP has devices that can dump your phone’s data without ever having physical control of your phone to be highly remote.

No pun intended.

I’m fairly sure that the phone still needs to be paired to the device to work over Bluetooth. They still need physical access for that. They support way too many phones over Bluetooth to hack each device to work without pairing.