Pedophile Probe Reveals Feds Can Easily Break Android Security

Feds are constantly on the back foot in the race to crack encryption, but with modern Google Android devices they’re making significant advances, allowing them to bypass the passcodes of Samsung and HTC cellphones, as revealed in a just-unsealed search warrant.

The warrant details a child abuse investigation, in which a suspect’s Samsung S7 and unspecified HTC model were seized. The cops said that “in or about August 2016” a forensic analyst found a way to bypass the lock on the Samsung device, “but was able to extract only limited data.” That included “eleven video files depicting child pornography including one with bestiality,” the warrant read.

The cops now appear to have overcome the limitations of that previous hack, according to the warrant, which was filed on September 8. That’s thanks to “innovations in software which enable an examiner to bypass the locking feature of the Subject Telephone and perform a full extraction.” That should allow for a fuller analysis of the device, the warrant noted. It didn’t say what software was helping them.

As for the HTC phone, cops were initially unable to bypass the lockscreen, but “advancements in HSI forensic resources” helped them get around the security mechanism and on May 24 a warrant was granted to search the device. The phone was found to contain images of children involved in sexually explicit activity and communications between the suspect and a minor females named in an indictment, according to the warrant. The warrant also claimed the suspect, Aaron Drake Buckner, used various social media applications, including Kik, WhatsApp, Snapchat and Facebook, and that he was part of group chats through Kik “where the participants talk about sharing images and videos of ‘young.’” Forbes recently detailed Kik Messenger’s significant child exploitation problem.

Buckner has filed a not guilty plea, with a trial scheduled for December.

Cops’ favorite phone hackers

The news comes not long after one of U.S. law enforcement’s biggest phone cracking contractors, Cellebrite, added a capability to its UFED tool that allows cops to break Samsung S7 passcodes with ease. The UFED device is a user-friendly tool that police can operate on the move or in their forensic labs to quickly gain access to data on a mobile device. A source close to Cellebrite, which has been enjoying some record business in the U.S. of late, told Forbes that the Samsung S7 feature was added in August. But the company has been able to break the passcode in its own labs since March 2016, the month of the Samsung S7 launch.

Neither HTC nor Samsung had responded to requests for comment at the time of publication.

Cellebrite, which claims it can break into iPhones up to the 6S too, is far from the only player in town. Forbes recently met a handful of Russian hackers who’re helping law enforcement with the so-called “going dark” issue, where investigators are struggling to pull together evidence masked behind layers of encryption.