Michigan Cops Snoop On Cellphones

[Lightnin]

Bricker:

So far as I can determine, the out-of-the-box Bluetooth configuration for many phones would not permit this to happen without some intervention at the phone itself – that is, even if Bluetooth is enabled, an attempt to connect to the phone via Bluetooth requires an affirmative step at the phone (“MSPHackerD00d is trying to connect. DO you want to allow this connection?”)

I don’t know that I can say that for every phone, or what percentage of phones might have had their default configuration changed to allow prompt-free Bluetooth connections.

But overall, I regard the possibility that the MSP has devices that can dump your phone’s data without ever having physical control of your phone to be highly remote.

That’s pretty much the concept behind DEFCon’s Wall of Shame. Moral of the story? If you go to DEFCon, make sure your phone is locked down tight.

So yeah, it is possible. That said, though, I can’t imagine that the MSP routinely do it, if at all.

[Cicero]

Why would anyone give a fuck about it anyway?

[Shirley_Ujest]

Wheelz:

Hell, tell them they can sit me at a computer with the proper access and I’ll do it for $500,000. No matter how long it takes.
There, I just saved the MSP $44,680.

They could probably get a couple of teenagers to do it for the cost of a new laptop.

[Bricker]

Lightnin:

That’s pretty much the concept behind DEFCon’s Wall of Shame. Moral of the story? If you go to DEFCon, make sure your phone is locked down tight.

So yeah, it is possible. That said, though, I can’t imagine that the MSP routinely do it, if at all.

That specific link describes a DOS attack against the author’s phone, but it also hints that some other vulnerabilities exist. Since she mentions wifi, and the “Wall of SHame” mentions user names and passwords, my first take was that the data that was exposed was found via sniffing of wifi connections and capturing user credentials used in web access via the phone.

Is there any definitive example of being able to wirelessly hack into a phone, without ever needing physical access, and retrieve stored data on the phone?

[RitterSport]

Cicero:

Why would anyone give a fuck about it anyway?

First, they came for my smartphone, but I did not protest because I didn’t have a smartphone…

[Boyo_Jim]

Then they came for the iPads…

Then they came for the laptops…

Then they came for the pencils…

[levdrakon]

Boyo_Jim:

Then they came for the pencils…

I have a technology that allows me to “read” what is written in pencil from at least 3’ away, without the user ever knowing. I’m not sharing it until I get the patent though.

[Morgenstern]

I may have missed something here. Have they actually used this thing to collect data from a non-consenting person? Or do they possess this as a tool for those events when a search warrant is issued?

[Cheesesteak]

Morgenstern:

I may have missed something here. Have they actually used this thing to collect data from a non-consenting person?

I’d be happy to answer that for you, once you pay me a half million dollars.

[RitterSport]

Morgenstern:

I may have missed something here. Have they actually used this thing to collect data from a non-consenting person? Or do they possess this as a tool for those events when a search warrant is issued?

That’s the question that the ACLU is trying to get answered.

[Morgenstern]

I see. It’s just that the OP said Michigan cops snoop on cell phones and I didn’t see a reference to it.

[chela]

The local scoop

This story was on the news last night, seems to me the one officer in 12 counties who was trained on it, had to get the thing of the storage to share how it’s used.
I do agree with the following post…

I think there are two equally likely scenarios as to how these things are being used.

1. Somebody had to spend a bunch of Federal grant money by the end of a fiscal year, and bought these things along with a whole bunch of other stuff that they had no specific need for, and they’ve sat on a storeroom shelf ever since.

2. The state cops and maybe Detroit and a couple of other bigger cities have some “elite” intelligence units that use them related to investigating gangs/organized crime/drug smuggling. They may not want to even acknowledge the existence of such units, let alone who they are investigating. Of course, that’s not to say they’re not violating suspects’ rights when they do use them.

In any case, it’s impossible to believe they’re being used on a widespread or even random basis. There simply aren’t enough of them.

[Boyo_Jim]

Morgenstern:

I see. It’s just that the OP said Michigan cops snoop on cell phones and I didn’t see a reference to it.

The article in the OP says the Michigan cops claim the right to search and seize all your your cell phone data without a warrant or consent or even your knowledge.

As far as any of us can tell, the only thing that can be verified is that they have the technology to do this. No one seems to know if they are actually using it. No one has produced a written policy from the cops stating under conditions it might be used.

The Michigan ACLU is concerned about the potential for abuse, and has requested records of how it has been used, and the Michigan cops are making it prohibitively expensive for them to do so. Whether the cops actually have something to hide or they’re just general assholes to the ACLU on principle has yet to be determined. Could be both.

The article link to in the OP is supposedly about the ACLU’s attempts to investigate, but it claims more than the ACLU actually does with substantiating any of the claims.

[Bricker]

Boyo_Jim:

The article in the OP says the Michigan cops claim the right to search and seize all your your cell phone data without a warrant or consent or even your knowledge.

As far as any of us can tell, the only thing that can be verified is that they have the technology to do this. No one seems to know if they are actually using it. No one has produced a written policy from the cops stating under conditions it might be used.

The Michigan ACLU is concerned about the potential for abuse, and has requested records of how it has been used, and the Michigan cops are making it prohibitively expensive for them to do so. Whether the cops actually have something to hide or they’re just general assholes to the ACLU on principle has yet to be determined. Could be both.

The article link to in the OP is supposedly about the ACLU’s attempts to investigate, but it claims more than the ACLU actually does with substantiating any of the claims.

Excellent summary.

[Bricker]

Hamlet:

I’ll note that this seems the Michigan ACLU is following the federal ACLU’s lead, at least in the general sense, in regards to the federal warrantless searches of cellphones and computers, which is outlined by the ACLU

Boyo_Jim:

The Feds say they do this only to phones and computers crossing the national borders. I would leave it to the lawyers as to whether this distinction is relevant, but it seems really unlikely that Michigan would have the same intent.

The distinction is highly relevant. For Michigan to use this technology with a warrant is, as I said in my first reponse, an outrageous and blatant violation of the Fourth Amendment.

But for the feds at the border, it’s not. 19 U.S.C. § 1582 provides:

…all persons coming into the United States from foreign countries shall be liable to detention and search by authorized officers or agents of the Government…

And caselaw supports this broad power:

It is well-established that the sovereign need not make any special showing to justify its search of persons and property at the international border. United States v. Flores-Montano, 541 U.S. 149, 152-53 (2004) (“Time and again, [the Supreme Court] ha[s] stated that searches made at the border, pursuant to the longstanding right of the sovereign to protect itself by stopping and examining persons and property crossing into this country, are reasonable simply by virtue of the fact that they occur at the border.” (quoting United States v. Ramsey, 431 U.S. 606, 616 (1977))); Seljan, 547 F.3d at 999-1000. Rather, it is the traveler who must demonstrate he is entitled to cross our borders and to bring with him whatever he may wish to carry. Carroll v. United States, 267 U.S. 132, 154 (1925) (“Travelers may be so stopped in crossing an international boundary because of national self-protection reasonably requiring one entering the country to identify himself as entitled to come in, and his belongings as effects which may be lawfully brought in.” (emphasis added)); Torres v. Puerto Rico, 442 U.S. 465, 472-73 (1979) (“By reason of the [United States’ inherent sovereign authority to protect its territorial integrity], it is entitled to require that whoever seeks entry must establish the right to enter and to bring into the country whatever he may carry.” (emphasis added)).

Quoting U.S. v. Cotterman.

[gonzomax]

The State Police do not police the borders. They are primarily the cops on expressways in Michigan.

[Gary_Kumquat]

spooje:

Getting detailed records, the MSP claimed, would cost $544,680 to pay for the time and effort of retrieving the data and assembling the documentation describing what the State Police were doing with the cell phone data extractors.

Wow. Is THAT a lot of horseshit.

I could tell you, but then I’d have to bill you.

[Hbns]

Let me see if I have this.

The MSP have this device that can do something with cell phones but nobody (except them and the manufacturer?) is really sure what it can do or how it can be used?

The ACLU files some FOIA requests for discovery purposes to get a definitive answer as on how the device is being used.

A Journalist stumbles across the ACLU requests and puts A and B together and makes the logical leap that the MSP can dump your phone simply by pulling up behind you with their cruiser. :smack:

[CalMeacham]

Hbns:

Let me see if I have this.

The MSP have this device that can do something with cell phones but nobody (except them and the manufacturer?) is really sure what it can do or how it can be used?

The ACLU files some FOIA requests for discovery purposes to get a definitive answer as on how the device is being used.

A Journalist stumbles across the ACLU requests and puts A and B together and makes the logical leap that the MSP can dump your phone simply by pulling up behind you with their cruiser. :smack:

No – the bit about remotely accessing your data isn’t in the cite the OP references, and it’s clear from the manufacturer that the device plugs in and downloads cell phone contents. The idea that it works remotely seems to have been spontaneously generated by this thread. The claim is that they might be doing this to people who have not committed any crime. If so, it seems like it would b a blatant invasion of privacy. But no one has made any charges of this yet AFAIK, and the ACLU is seeking records to see how the device has been used.

Whether someone has claimed such invasion of privacy but can;t prove it, or if somethig makes the ACLU suspect this is the case, or if they’re pre=emptively investigating hasn’t been stated. But the Michigan State Police are claiming that it would require a hefty bond for them to release the data.

[gonzomax]

They bought the devices. Furnished them to the police, But they don"t use them? OK. I guess I should believe anything now.