When we think about security for our mobile devices, we’re usually protecting it from nefarious individuals. Well guess what? It apparently works both ways. In a story straight out of James Brown’s diary, the FBI is having a hard time busting a notorious San Diego pimp thanks to Android’s pattern lock feature.
After numerous arrests and jail time, Dante Dears — founder and head of “Pimpin’ Hoes Daily” (I’m not making this up) — found himself out on parole, shackled with a GPS monitor, and ordered to stay off the streets. He of course learned his lesson and gave up found craftier ways to run his hoe empire. Giving orders and setting up tricks via a Samsung Android phone, Dante Dears had women dropping off cash in fear of getting mobile bitch slapped.
After hours of surveillance and undercover work, FBI agents confronted Dears with the evidence and he quickly fessed up denied the allegations stating that the cellphone belonged to his sister. He eventually gave up the phone but being the security conscious pimp that he was, he had it protected with Android’s pattern lock feature — a feature which requires the user to drag a preset pattern across the unlock grid to gain access to the device.
The FBI sent the phone off to the FBI Regional Computer Forensics Lab in Southern California where technicians were defeated by the pattern lock and eventually locked out completely due to too many failed attempts. Since the device now requires Dears’ Google account credentials (which he isn’t giving up), the FBI is looking to Google to help them out. In a new warrant filed with the judge, the FBI asks Google to hand over:
- The subscriber’s name, address, Social Security number, account login and password
- “All e-mail and personal contact list information on file for cellular telephone”
- The times and duration of every webpage visited
- All text messages sent and received from the phone, including photo and video messages
- Any e-mail addresses or instant messenger accounts used on the phone
- “Verbal and/or written instructions for overriding the ‘pattern lock’ installed on the” phone
- All search terms, Internet history, and GPS data that Google has stored for the phone
There’s been no word from Google regarding the warrant or whether or not they will comply, but if we’ve learned one thing from this crazy ordeal, it’s that Pimpin’ ain’t easy… unless you have an Android phone with pattern lock.
Update: Google has provided ars technica with a general statement:
“Like all law-abiding companies, we comply with valid legal process. Whenever we receive a request we make sure it meets both the letter and spirit of the law before complying. If we believe a request is overly broad, we will seek to narrow it.”
Source: ars technica
13 responses to “Pimpin’ Ain’t Easy… Unless You Have An Android Phone With Pattern Lock”
Would google even have that info.
What does this have to do with any kind of Apple product?
If you’re a pimp with an iphone, it’s time to switch! Couldn’t resist.
Because this could not happen on a Apple product.
I’m not a pimp anymore. ;)
Well, it couldn’t happen on a Sears product either, so?
Is there any info Google doesn’t have about people?
In all seriousness, that really is what Google’s business is about. They want you to use all of their “free” services because they use them to know EVERYTHING about you, what you like, what you don’t like, where you live, where you travel frequently, what you email whom about what, who your friends and family and co-workers are and how you interact with them, what you work on, what you like to look at online, what you watch on TV, and what you buy online and offline and how much you’ll pay for it. That’s how they make their money: knowing everything about you and selling that info to other companies. I bet even the least security conscious folks would be scared out of their minds if they realized how much Google knew about them.
Some people don’t mind it because then they get “relevant ads” online. It’s a bit steep a price to pay for me. I’m trying really hard to get away from that as much as I can. No more Gmail or Docs; not touching Google+, Wallet, or Google TV; even trying to weed out Google Search, but Yahoo and Microsoft aren’t making that easy (not as many relevant results).
But out of that list that the Feds are asking for, they probably “only” don’t have Social Security number. And even then, I wouldn’t put it passed them…
A fascinating case that most here will most likely not comprehend the scope. “……..American citizens can be ordered to decrypt their PGP-scrambled hard drives for police to peruse for incriminating files, a federal judge in Colorado ruled today in what could become a precedent-setting case.Judge Robert Blackburn ordered a Peyton, Colo., woman to decrypt the hard drive of a Toshiba laptop computer no later than February 21–or face the consequences including contempt of court.”I find and conclude that the Fifth Amendment is not implicated by requiring production of the unencrypted contents of the Toshiba Satellite M305 laptop computer,” Blackburn wrote in a 10-page opinion today. He said the All Writs Act, which dates back to 1789 and has been used to require telephone companies to aid in surveillance, could be invoked in forcing decryption of hard drives as well.Blackburn, a George W. Bush appointee, ruled that the Fifth Amendment posed no barrier to his decryption order. The Fifth Amendment says that nobody may be “compelled in any criminal case to be a witness against himself,” which has become known as the right to avoid self-incrimination.Ramona Fricosu, who is accused of being involved in a mortgage scam, has declined to decrypt a laptop encrypted with Symantec’s PGP Desktop that the FBI found in her bedroom during a raid of a home she shared with her mother and children (and whether she’s even able to do so is not yet clear).Colorado Springs attorney Phil Dubois, who once represented PGP creator Phil Zimmermann, now finds himself fighting the feds over encryption a second time.”I hope to get a stay of execution of this order so we can file an appeal to the 10th Circuit Court of Appeals,” Fricosu’s attorney, Phil Dubois, said this afternoon. “I think it’s a matter of national importance. It should not be treated as though it’s just another day in Fourth Amendment litigation.” (See CNET’s interview last year with Dubois, who once represented PGP creator Phil Zimmermann.)””
In March 2010, a federal judge in Michigan ruled that Thomas Kirschner, facing charges of receiving child pornography, would not have to give up his password. That’s “protecting his invocation of his Fifth Amendment privilege against compelled self-incrimination,” the court ruled (PDF).
It is a fascinating legal question rather than technical one:
“Prosecutors in this case have stressed that they don’t actually require the passphrase itself, and today’s order appears to permit Fricosu to type it in and unlock the files without anyone looking over her shoulder. They say they want only the decrypted data and are not demanding “the password to the drive, either orally or in written form.”Because this involves a Fifth Amendment claim, Colorado prosecutors took the unusual step of seeking approval from headquarters in Washington, D.C.: On May 5, Assistant Attorney General Lanny Breuer sent a letter to Colorado U.S. Attorney John Walsh saying “I hereby approve your request.”The question of whether a criminal defendant can be legally compelled to cough up his encryption passphrase remains an unsettled one, with law review articles for at least the last 15 years arguing the merits of either approach. (A U.S. Justice Department attorney wrote an article in 1996, for instance, titled “Compelled Production of Plaintext and Keys.”)Much of the discussion has been about what analogy comes closest. Prosecutors tend to view PGP passphrases as akin to someone possessing a key to a safe filled with incriminating documents. That person can, in general, be legally compelled to hand over the key. Other examples include the U.S. Supreme Court saying that defendants can be forced to provide fingerprints, blood samples, or voice recordings.
The concept is the same.
I pray the big G has a spine and tell them to “Suck It!”
I’m a PMP does that count?
What a coincidence! I just saw the exact same article over on CultOfCraftsman!
Dude, I LMAO!!