Smartphone Forensics to Detect Distraction

The company Cellebrite is developing a portable forensics device that would determine if a smartphone user was using the phone at a particular time. The idea is to test phones of drivers after accidents:

Under the first-of-its-kind legislation proposed in New York, drivers involved in accidents would have to submit their phone to roadside testing from a textalyzer to determine whether the driver was using a mobile phone ahead of a crash. In a bid to get around the Fourth Amendment right to privacy, the textalyzer allegedly would keep conversations, contacts, numbers, photos, and application data private. It will solely say whether the phone was in use prior to a motor-vehicle mishap. Further analysis, which might require a warrant, could be necessary to determine whether such usage was via hands-free dashboard technology and to confirm the original finding.

This is interesting technology. To me, it feels no more intrusive than a breathalyzer, assuming that the textalyzer has all the privacy guards described above.

Slashdot thread. Reddit thread.

EDITED TO ADD (4/19): Good analysis and commentary.

Tags: , , ,

Posted on April 13, 2016 at 6:51 AM117 Comments

Comments

bkd69 April 13, 2016 7:08 AM

It is more intrusive. And unnecessary. The activity in question can be discovered simply by subpoena from the carriers, and given the amount of unrelated data we carry on our phones, it constitutes an overly broad search. I have yet to see any report that details whether this tech requires some form of user compliance to unlock the phone beforehand.

Alien Jerky April 13, 2016 7:32 AM

Assume the law passes and the device has the proposed safeguards. Within a (very) short period of time, the safeguards will be “slightly” weakened to gather that one more piece of information. Then weakened a little more, then more. Then some police department will hire a programmer to make a work-around that simply sucks down everything from the phone to be processed later. But of course once they have all that information, we know they will not misuse, or misinterpret the data. After all, no precedent exists where government ever acted inappropriately, or ignorantly. or maliciously, or illegally.

If they can buy a “legitimate” device to suck out information, why not just buy an “experimental” device that sucks down everything.

Oh, then there is the possibility they might inject spyware. Then there are the hackers that infect the computer used to analyze the reading device data that gets a piece of malware that works its way into the device which injects malware into your phone, unknown to all parties.

So many possibilities of ways this can go wrong.

Consider this scenario. You are the driver. You hand your wife your phone so she can make a call, from the passenger seat. Another car illegally turns in front of you and hits your car. Their fault. You take your phone back from your wife and call insurance agent, friend to come pick you up, towtruck, whatever. Police arrive to do an accident report. He takes your phone and scans it. Oh look, you were talking on your phone when the accident happened.

Real bad idea. At times I think I need to find a new country to live, or a new planet.

Nick April 13, 2016 7:32 AM

@bkd69

The activity in question can be discovered simply by subpoena from the carriers, and given the amount of unrelated data we carry on our phones, it constitutes an overly broad search.

The carriers don’t know if you’re physically using the phone, e.g. preparing a text message, playing a game etc. All the carrier can tell the police is whether a call was made/received, a message sent etc.

“it constitutes an overly broad search” in your opinion. Do you have a source to corroborate your opinion? I ask because the quote says “It will solely say whether the phone was in use prior to a motor-vehicle mishap.” That’d make it more difficult to suggest it was an overly broad search because the information being acquired is highly limited.

I have yet to see any report that details whether this tech requires some form of user compliance to unlock the phone beforehand.

It probably does if the phone is encrypted or locked with a passcode lock however Cellebrite’s forensic tools can illicit a lot of information (even when locked) providing the phone is switched on.

It may be made an offence to fail to comply, i.e. to refuse to submit your phone for ‘textalyzer’ examination.

I don’t like the idea though and to me it’s quite different from a breathalyzer.

adrian April 13, 2016 7:43 AM

How do you show the device is being used by the driver rather then a passenger. I would give my phone to my child sitting next to me to respond to some messages or text people when delayed.

It seems easy to say that a given phone was being used and even in a given car (given tracking info) but much harder to say that the driver was using it. Or that it was being used/not used in a hands free mode. Perhaps that is where the forensic analysis of the phone also comes in.

Mark April 13, 2016 7:48 AM

Except that a breathalyser measures one thing at one point in time. Cellphones have an awful lot of data over a long period of time.

Will it be open source? Ha, my goodness I do make myself laugh sometimes. How do we know what it’s really doing?

What proof would we have that the device wouldn’t take as much as possible? I’m sure that a few “full take” devices will be made for our friends at the intelligence agencies.

I’m sure that lawyers are rubbing their hands together with glee.

Bruce, haven’t you been saying that the police/FBI are getting lazy? That they can no longer investigate crimes without the ease of technology?

We don’t need this device.

jw April 13, 2016 7:49 AM

If the useage is hands-free then how is there an issue? Unless I’m mistaken, using a phone hands-free is no more distracting that talking to a passenger in the vehicle.

Mike Scott April 13, 2016 7:55 AM

But the Textalyser presumably won’t work on a locked iPhone, and the fifth amendment means you can’t be required to produce your passcode to unlock it.

Moshe Y April 13, 2016 7:58 AM

I expect that in order for this device to work, it must be unlocked by the user. Regardless of whether or not the analyzer itself is in fact both honest and secure, it’s a dead certainty that many police officers will misuse the unlocked state, manually, whether or not you’ve committed a traffic violation.

(As for the slippery slope: the next step in these searches would be to check whether or not you’ve called a “suspicious” number.)

“Implied consent,” that is, the withdrawal of government licenses, is a perilous theory. Using public transport in NYC gives “implied consent” to search of your person and belongings at random, according to temporary signs near subway entrances the last time I was there. What about sidewalks?

Cigaes April 13, 2016 8:01 AM

How can this kind of search not become an arms race between the “textalyzer” and applications to discreetly wipe the traces? Legislators would require the phone to keep unerasable traces, and that would threaten our (already quite battered) right to run Libre community firmwares on it.

paul April 13, 2016 8:03 AM

The phone network may not be able to tell exactly what the phone was being used for in the moments before the crash, but the data network almost certainly can. Most apps engage in near-constant communication with servers either to update location data or to serve ads or just because. And those apps often have access to phone status, including hands-free.

But I’m not sure I’m comfortable with immediate police access to all that data, because it’s not at all clear to me how it would be limited only to post-accident analysis.

For the on-phone “textalyzer” version, I’m afraid the response would almost certainly be a series of scrubber apps that would munge your phone’s history when the accelerometer detected violent unplanned motion, followed by scrubber-beater forensics…

ella April 13, 2016 8:07 AM

What if I am listening to music or a video lecture on my phone? Will the device be able to distinguish between listening and other activity? Will the device know if the phone was held to my face while talking or if I was using the speaker?

Will the device know what I was thinking while driving?

Peter Gerdes April 13, 2016 8:32 AM

So wait. Surely this device won’t work without entering the device pin. Do they really expect me to type that in for them and trust the cops won’t say,

“Ohh by the way we’re investigating you for another crime. So we’re arresting you for the traffic violation so we can search the phone you just unlocked under the search pursuiant to an arrest exception.”

Even more problematic is that, unlike most 5th amendment password cases, it’s hardly a foregone conclusion that I own or control a phone in my car. Thus demanding a passcode on pain of punishment implicates fifth amendment rights. True, after a long discovery process the government may be able to establish that my knowledge of the passcode is a foregone conclusion but only then should they be able to demand it on pain of punishment (I don’t agree with even that but it’s precedent).

I think the supposed run-around of the warrant requirement is also suspect.

Peter Gerdes April 13, 2016 8:43 AM

Ohh and yes it is unnecessary.

Does driving and texting (or whatever) increase danger. Certainly, though to what extent and whether it is reasonable depend on the circumstances.

Drivers are, and always have been, subject to a great many conditions which increase the risk of accidents. Lack of sleep, anger, children in the car, unfamiliar surroundings etc.. We have to count on (and educate) people to make good choices about all these other risks and cellphone usage seems no different.

Frankly, I would much rather share he road with an experienced driver switching podcasts or muting turn-by-turn than an infrequent driver on vacation in a rental car fighting with their spouse while their kids fuss in back but no one ever suggests prosecuting them.

I will admit that drunk driving is something of a special case as people aren’t only poor drivers while drunk but unable to properly consider the risks they pose (though I worry no-tolerance BAC limits will decrease respect and compliance).

TimH April 13, 2016 9:18 AM

So there’s a car accident.Is that in itself really PC/RAS to suspect phone use? Phone use is one of many possible driver errors leading to an accident. Feels like legitimising an otherwise unconstitutional search to me just there.

And, as posited by others, the ramp up of other legal circumstances to allow an LEO phone search will be amazing, if this passes.

Also, under 5th am., can you be forced to admit to having a phone on you to surrender it? If not (5th applies), then the law has to allow LE to presume you have one, and search the car for it. Which they will do anyway, because the phone you handed over is clearly the never-used phone you keep in the car for this purpose.

SellerBright April 13, 2016 9:25 AM

Officer: Were you using a cellphone at the time of the crash?

Proletariat: Yes my dear militarized thug, I was. I was listening to a youtube clip – hands free of course – outlining how Cellebrite’s UFED is a solution in search of a problem. In fact, I had just learned that everyone from DHS, FBI, the DEA, trigger happy chappies like yourself and local librarians were now authorised to plug a UFED into my ass on any flimsy pretext they liked.

It seems that running around constitutional protections has never been easier, with UFEDs able to extract, decode, analyze and report data from thousands of mobile devices, including, smartphones, legacy and feature phones, portable GPS devices, tablets, memory cards and phones manufactured with Chinese chipsets.

It also dawned at me at the time of the crash that if these kind of corporations had contracts dating back to 1999 with the FBI – and can break into more than 15,000 kinds of smartphones and other mobile devices – that the Feds the other week were simply looking for a legal precedent to break into any manufactured device when they took on Apple. That is, we saw a transparent power grab by the authorities under false pretenses being defeated, albeit temporarily.

Given the Fourth Amendment of the U.S. Constitution prohibits the police from making unreasonable searches of people, homes, or belongings, your invasive UFED probe without my consent lacks probable cause following a common low-grade fender-bender, making this yet another breach of our rights as citizens.

Does that satisfactorily answer your question?

Officer: GET ON THE GROUND! STOP RESISTING!

truenorthern April 13, 2016 9:26 AM

Distracted driving due to cell phones is a moral panic.
We have seen an absolutely massive explosion in the number of cell phones in the last 30 years. But we have not seen a massive increase in accident rates. In reality there has been a decrease in accident rates over the last 30 years.

Andrew April 13, 2016 9:31 AM

Phones with black-boxes and cars with black-boxes – the simulation of the accident. This is probably the future, or it should be, in case of self driving cars.

Scared April 13, 2016 9:44 AM

https://www.washingtonpost.com/world/national-security/fbi-paid-professional-hackers-one-time-fee-to-crack-san-bernardino-iphone/2016/04/12/5397814a-00de-11e6-9d36-33d198ea26c5_story.html

The FBI cracked a San Bernardino terrorist’s phone with the help of professional hackers who discovered and brought to the bureau at least one previously unknown software flaw, according to people familiar with the matter.

The new information was then used to create a piece of hardware that helped the FBI to crack the iPhone’s four-digit personal identification number without triggering a security feature that would have erased all the data, the individuals said.

The researchers, who typically keep a low profile, specialize in hunting for vulnerabilities in software and then in some cases selling them to the U.S. government. They were paid a one-time flat fee for the solution.

Cracking the four-digit PIN, which the FBI had estimated would take 26 minutes, was not the hard part for the bureau. The challenge from the beginning was disabling a feature on the phone that wipes data stored on the device after 10 incorrect tries at guessing the code. A second feature also steadily increases the time allowed between attempts.

Wade April 13, 2016 9:45 AM

Regarding the pin issue, like breathalyzers, the law is supposed to be amended so that you grant inherent consent when applying for your driver’s license. Refusal to submit your phone to inspection, same as refusing to submit to a breathalyzer test, results in an immediate suspension of your license.

It’s a bad idea, and any defense lawyer worth his salt would rip this thing to shreds in court. No statistical legitimacy, no established proof of how it works and what it gathers, no determined statistical rates on false positives… Granted, the mandatory compulsion thing is bad. But it doesn’t take a technologist to realize ways in which this could mess up.

At best, all this can do is shift the burden of proof to require a driver explain away why he sent or a received a text message at a certain time.

Paul M Watt April 13, 2016 9:47 AM

Hi all,

This type of law avoids the 4th and 5th amendment conflicts because it specifies that compliance by the driver is optional.

However, the state “gives” you the privilege to drive on their roads by issuing your drivers license. One of the terms for you to be able to keep your license, is the voluntary submission of your phone for analysis with probable cause.

So it is a choice, stand up for your rights, or keep your drivers license.

Mr. E. April 13, 2016 10:04 AM

@truenorthern
Most sensible people do not dial hands unfree (or for heavens’ sake, try to type text messages) while driving.

People do try to text while walking down the footway, though. People also try to walk across the road while texting. The result is that other people, who are not trying to use a device while walking in a public space, have to constantly take evasive measures to avoid colliding with these nincompoops. Mobile phones turn pedestrians into zombies; users lose almost all situational awareness. How come motorists are supposed to be immune to this effect?

If pedestrians can’t make safe use of the public highway while concentrating on their device, it’s inconceivable that they are going to be able to operate heavy machinery while concentrating on their device.

@jw said:
“Unless I’m mistaken, using a phone hands-free is no more distracting that talking to a passenger in the vehicle.”

Talking to a passenger in a vehicle is distracting; public service vehicles in this country have signs on them saying “Do not distract or talk to the driver while the vehicle is moving”.

But a real human passenger can tell when the driver is in a stressful or dangerous situation, and will shut up; a mobile phone correspondent can’t, and won’t. Hands-free doesn’t help; obviously dialling or typing while driving is insanely dangerous, but holding a conversation while driving is also unnecessarily dangerous.

Drivers should always pull over before accepting or placing a call. I don’t care what the law is, wherever you happen to live; this is your duty, as an operator of heavy machinery, to the other human beings using the highway.

I wish people would understand that the “mobile” part of the term “mobile phone” means that it can be picked up and moved – it doesn’t mean that you should try to move around while using the darn thing.

Scott J April 13, 2016 10:16 AM

If having a license provides implied consent, why doesn’t having a license imply consent to search your vehicle and your person? Because 4th Amendment. My phone is locked like my glove compartment and my trunk. They could pass this law, but it won’t withstand the first court challenge.

nycman April 13, 2016 10:28 AM

So toss your phone after an accident before the cops get there. Put it in the bushes and come back later to pick it up. Phones have so many sensors-proximity, accelerometer, gyro, compass, etc. If these sensors maintain logs, it would be easy to determine how the phone was being used – in your hands, up against your face, which side of your head, were you typing, playing with an app, etc.

Or do a full wipe, which is a good practice anytime you expect to encounter a govt. thug, whether it’s going through customs or going into the subway. Next it will be illegal to manufacture a device that can be wiped…for your safety of course, ’cause we’re trying to protect you.

Unless April 13, 2016 10:51 AM

It’s no more intrusive if you don’t have to unlock your phone.

A breathalyzer doesn’t look at email, browsing history, message content, contacts, or anything else.

Why on earth would we trust this company any more than we trust stingray manufacturers?

Martin April 13, 2016 11:05 AM

Does anyone who is objecting to this approach have a workable solution to the very real problem of drivers being distracted by cell phones? This is a very real, and too frequently, a deadly problem that needs to be addressed as many drivers do not have enough personal discipline or integrity have both a driver’s license and a cell phone.

What do you recommend to address this problem?

Alban April 13, 2016 11:05 AM

It applies to other areas than car driving. There was a recent train accident in Germany (Bad Aibling, 17 deaths) and after 2 months of investigation, they found out that the worker in the command center was playing on his smartphone while the trains were entering their collision course.. It was already established that this worker did not have the right reactions at the right moments, but they found ultimately a reason for his carelessness.

I however fear that the false positives of this new technology may lead to very concerning privacy abuses… By an alcoholic test, the police in my country pays for the blood test (consecutive to a positive breathe test), if at the end it turns out to be negative. There I just lose time as a citizen..

Who gives me back my privacy if the police did a full forensic investigation of my smartphone for nothing?

albert April 13, 2016 11:07 AM

Well, it seems to me that New York has more important problems than -retribution- against drivers who -may- have caused an accident by using their phones while driving.

So, whos pocket is Murphy in? Or is he one of those state senators who has nothing productive to do?

This is more BS from state government. These guys must be on a major power trip; funny, considering that they’re a bunch of goobers and yokels. They don’t have the juice to eff with multi-billion dollar companies. The likelihood of passage is snowball in hell.

That said, the Burr/Feinstein bill presents some real danger to US citizens… and US manufacturers. Funny, considering how much influence the Corporatocracy is supposed to have on Congress.

Hey, Elites! Better shorten their leashes; the sooner, the better. Can’t have those Congress-critters runnin’ loose. They’ll be suckin’ eggs in the hen-house.
. .. . .. — ….

Wael April 13, 2016 12:17 PM

Not enough technical details…

How, exactly, are they planning to correlate the time of the text to the time of the crash? They need additional information… They’ll need to determine the time of the accident to an accuracy of a few seconds, max. They’ll also need to establish the text was sent during driving, which implies correlating the text time with gps data or location tracking…

And how would they know if one of the passengers sent or read the text on the driver’s phone? How about burner phones or people with more than one device? Will they need to search the car for other phones? What if the person got rid of the phone after the accident?

Too many questions… Waste of time idea, IMHO.

Wouldn’t you think metadata that’s already being collected is sufficient to infer this sort of information without requiring physical access to the device, or this so-called “solution”?

Anoni April 13, 2016 12:34 PM

Given the questionable quality of materials produced for government acquisition, nothing like a weapon made by the lowest bidder, I have to ask how good will security be on these “textalyzer” devices?

Can it be infected with a virus? If it has access to my phone, physical access, what else will it install on my phone? Lots of valuable information there. Root-level access. And not just the government spooks spying, but third parties as well. Phones are often used 2-factor authentication…

.

Comparing to a Breathalyzer is a bad thing. Breathalyzers work by passing a beam of light through a sample and looking for spectral absorption, i.e. how much light was absorbed. Unfortunately they do not look for ethanol (alcohol). Instead they look for methyl groups, which picks up ethanol as well as burps, farts, automotive exhaust, paint fumes, etc. There’s like thousands of compounds in our society that will give you a false reading, many produced by our own bodies.

Breathalyzers are a real nightmare device. Legally they are presumed accurate and above reproach where as in actuality they are far from it.

r April 13, 2016 1:34 PM

@V,

So you’re advocating further distraction by using two phones?

Expect EM sweeps of cars next.

Probably a good idea to rough your vehicle to explode too then.

r April 13, 2016 1:47 PM

Or, to kill two birds with one stone when it comes to smart devices… Some sort of electromagnetic feedback when in the presence of a ‘search’ signal.

Skeptical April 13, 2016 1:47 PM

The problem seems better addressed by requiring certain features be added to motor vehicles, such as a rudimentary equivalent of a flight-data recorder. Were brakes applied much later than we would expect of an attentive driver? That’s informative beyond this device, because it would capture the effect of all sources of distraction – mobile devices, passengers, etc.

Such a device, if real-time data transmission were added, could also be used to better enforce speed limits and detect reckless driving. Both by training drivers to drive more responsibly, and by allowing the early detection and removal of unsafe drivers, such a device has the potential to dramatically reduce motor vehicle accidents and all the pain and suffering they cause.

Andy April 13, 2016 2:31 PM

@Martin,

Does anyone who is objecting to this approach have a workable solution to the very real problem of drivers being distracted by cell phones?

Yes, of course: the mandatory use of car and telephone sensors to make sure a phone cannot be operated from the driver’s seat (option B: from any front seat) while the car is moving (option B: with the engine turned on).

The phone may be allowed to route incoming calls thru the car’s dashboard using hands-free mode after lecturing the caller about the phone owner being driving and asking him/her to leave a message or press “1” if it is an urgent call.

Wael April 13, 2016 3:15 PM

@Skeptical,

The problem seems better addressed by requiring certain features be added to motor vehicles, such as a rudimentary equivalent of a flight-data recorder. Were brakes applied much later than we would expect of an attentive driver? […] could also be used to better enforce speed limits and detect reckless driving. Both by training drivers to drive more responsibly, and by allowing the early detection and removal of unsafe drivers, such a device has the potential to dramatically reduce motor vehicle accidents and all the pain and suffering they cause.

Right on. It’s in the pipelines… Coming to a car near you. Not too far in the future either. IoT has many applications! Just wait until your GPS rats on you that you exceeded the speed limit and receives a ticket OTA just for your convienience! Hey! For a small upgrade fee, the GPS can also send a copy to an attorney to have the ticket dismissed without you showing up in court. One Bitcoin an hour is the going fee for such an attorney 😉

Martin April 13, 2016 3:18 PM

@ Andy

“..the mandatory use of car and telephone sensors…” does not address the millions of cars currently in use without such installed and functioning specialized equipment. Are you suggesting all automobiles be retrofitted? How much would a retrofit cost? How long to complete?

The concept is interesting, but I fail to see how it addresses a very real, often dangerous, life threatening and immediate problem. The solution proposed by Mr. Schneier is not perfect, but far better than the alternative of doing nothing.

Again, for those objecting to the Cellebrite solution, please offer practical, realistic short and long term solutions.

albert April 13, 2016 3:31 PM

@Skeptical,
They are not interested in “…all sources of distraction…”, they just want data from your phone.

This is a solution in search of a problem. Pass all the laws they want, folks won’t stop using their phones. There are a lot of folks who can’t drive responsibly -without- distractions, phones, or booze, bad eyesight or hearing. Stricter licensing, addicts (alcohol and otherwise) need to be removed from the road. (addiction is a public health problem anyway), and effective driver education would reduce the number of accidents dramatically.
………….

@dbCooper,
Thanks, for the link (and kudos to the author, Kevin, for writing it)
………….

When is LE going to realize that laws don’t prevent crime, they only punish it.

. .. . .. — ….

kevin April 13, 2016 3:51 PM

The comparison with a breathalyzer test is misleading, and I suspect the the manufacturer named it a textalyzer to intentionally mislead. A breathalyzer test is commonly used following the LEO’s observation of driver conduct/breath sufficient to give the LEO grounds for “reasonable suspicion” that the operator is intoxicated. In this case there is no “objective and articulable fact” which would support reasonable suspicion, merely the fact of an accident.

r April 13, 2016 3:58 PM

@Wael,Skeptical

I think skeptical is right, a ‘front facing’ camera and flight data recorder could be required to hold say last 5 minutes of drive time and be easily limited to only the driver.

Jenny Juno April 13, 2016 4:03 PM

FWIW, it is not hard to imagine some basic countermeasures that would frustrate the use of a “textalyzer.” For example, most phones have accelerometers in them. So detecting that a phone was in a car accident should be easy enough to do. A relatively simple app could detect a collision and either lock down the phone (power it off) or wipe any potentially incriminating data generated since the car originally started moving (including the presence of the app itself).

Come to think of it, such an app might be useful in other situations. For example detecting that the phone was dropped from the height of a table or thrown with sufficient force as a trigger to wipe and lock down the phone. That could be a reasonable (although obviously imperfect) way for someone who is being attacked/apprehended to protect the data on their phone. No complicated passwords to enter, just a quick physical motion that doesn’t usually happen under normal circumstances.

Worst case have it start a countdown that does require a password to abort the wipe if it triggered by accident.

albert April 13, 2016 4:20 PM

@Skeptical, Wael, Andy, Martin,

That’s what happens when I hit ‘Submit’ instead of ‘Preview’:)

As a former boss used to say; “It’s only software.” Automotive ECUs already collect most of the data S. is talking about. A Flight-Data-Recorder-type device might be acceptable; it certainly beats phone-access ‘solutions’, which are totally unacceptable for the reasons cited in this thread.

I would insist on a few things:

  1. Accurate time stamping
  2. Dedicated data collection port with tamper-proof seal.
  3. Dedicated data collection device, NOT a laptop or mobile.
  4. No access to anything but the FDR data.

Practical considerations:

  1. Auto companies foot dragging.
  2. Do we trust them to do it right? (No, there must be strictly enforced standards).

I’m sure I left out important things.

On a more positive note, FDRs have led to important advances in flight safety, both in aircraft, and in piloting. This would benefit auto companies, and the folks who are affected by vehicles, which is everyone.

I still stand by my earlier comment regarding licensing and training. The human factor is still the main problem.
. .. . .. — ….

Thunderbird April 13, 2016 4:23 PM

Again, for those objecting to the Cellebrite solution, please offer practical, realistic short and long term solutions.

If we allow the problem to be framed as “we must do something,” we are in danger of falling prey to what I call the “stupid people’s syllogism”:

  • We must do something
  • X is something
  • Therefore, we must do X

This argument is commonly used in public discussions and can lead to many fine “solutions” like Porn-O-Trons in airports and mandatory back-doors in devices.

Alex April 13, 2016 4:28 PM

I’m 100% AGAINST this.

The police already have this information at hand. It’s called a subpoena to the cell carrier.

This turd software & legislation won’t do what they say it will — it’ll just give the police more ways to bypass the legal system.

How will they be able to tell if I had used hands-free methods to send messages? Or if a passenger sent them? or an app sent them?

DUI checkpoints move over, it’ll be “textalizer” checkpoints and you bet your ass that they’ll try to justify a data dump of your messages & photos in the process.

r April 13, 2016 4:28 PM

The state police in my area, used to have dongles they would use when pulling people over… That was ruled illegal thankfully, I’m not really sure what they were cc’n or why but it was happening on the highway.

Another thing a driver side camera would allow: evidence of a CRAZY girlfriend jerking the wheel from the passenger side or putting the vehicle in park while in motion.

Andy April 13, 2016 4:34 PM

@Martin,

Yes, you are right: that is not a short-term solution. The requirements would be for new cars and new smartphones.

The concept is interesting, but I fail to see how it addresses a very real, often dangerous, life threatening and immediate problem. The solution proposed by Mr. Schneier is not perfect, but far better than the alternative of doing nothing.

The textalyzer is not a “solution” to this problem, and comes with a truckload of problems on its own.

You have to make it impossible to use a cellphone while driving or else some people will continue to use them.

I also like @Skeptical & @Wael proposal for a car black box as a determent, but only if it can be proven to work just while the engine is running.

This would cover many other threats beside cell phone use while driving, as sipping brebajes, applying makeup, reading a newspaper (I’ve seen it!), and maybe even drunk driving.

Personally, I’d make a requirement that data extraction from the car’s black box be standard and operable by the car owner, like “insert a USB stick and press the big red ‘DUMP’ button while the keys are in the ignition”. That way you would be able to verify which data is the box giving away (as opposed to not knowing which data is the LE-owned textalyzer will be able to extract from your phone).

Andy April 13, 2016 5:06 PM

@albert,

I’ve just seen your comment.

As I said before, I like the “FDR” solution. But I disagree with you over a few points:

1. Accurate time stamping
100% agree

2. Dedicated data collection port with tamper-proof seal.
100% disagree: you, as the car’s owner, should be able to extract FDR data any time and as many times as you want. It should be inaccesible to non-owners, for example by being somewhere inside the vehicle.
The physical port should be a standard one, like USB.
The extraction method should not require specialized equipment, a USB pendrive should be enough.
The data itself should be in open-standard formats for you to be able to utilize it yourself and also to allow you verify what the box is giving away.
The data should be cryptographically signed (but not encrypted) to ensure that it is not forged.

3. Dedicated data collection device, NOT a laptop or mobile.
110% agree.

4. No access to anything but the FDR data.
Not sure what you mean by this.
I think everything available to the car’s onboard computer should be stored in the FDR, from oil levels to engine RPM, from pneumatic pressure to outside temp. That and a pair of cameras (dash-cam and driver-cam). And probably a mike too.

Important things:
– Only works while the engine is running. No recording while the car is parked.
– Able to keep the last few minutes at most (I think something like 5 or 10 minutes is more than enought).
– Protect the recorded data when an accident is detected (10g deceleration, airbag deployment, etc), so data is not overwritten on hit-and-run events.

I am sure we can add features (and limitations) for a good-for-everyone car black box.

Clive Robinson April 13, 2016 5:12 PM

I don’t think that people actually understand what this is all about.

It has little or nothing to do with who is or is not a good driver.

It’s about two things money and political publicity plain and simple.

Primarily it’s the route of a monetary fine system, or more correctly it is about raising revenue in lieu of taxes. Those with money to buy politicians have whittled the tax base away to such an extent that the US Gov is going steadily deeper into debt which needs to be addressed. Cutting government, is a “voters myth” it’s not realy going to happen, because many of those that buy politicians make their money from government spending, so they are not going to cut their own throats. All that will happen is “the deckchairs will get moved around a bit” and cost far more when privatised. Think about it has anyone seen any real savings from “outsourcing” government work? Nope, there’s that 100 to 300% markup to be made to feed profits, and that money has to come from somewhere.

Secondly such legislation enables the politicos to appear tough on those that hurt familes and children with the 30,000 odd “deaths by accident” a year on the roads. So the old “think of the children” sob sob stories. However the politico’s studiously ignore the major killer… that is the ten times as many premature deaths each year due to the particulate polution from vehicles especially those that run on diesel oil rather than gas/petrol. It generaly falls considerably more on the poor so those early deaths cut welfare etc…

That’s the real story behind this, anything else is “fringe benifits”.

r April 13, 2016 5:15 PM

@andy,

I can put my vehicle in neutral and turn it off in motion. Better to have a closed power loop and running GPS/inertia.

Skeptical April 13, 2016 6:04 PM

@Wael: Just wait until your GPS rats on you that you exceeded the speed limit and receives a ticket OTA just for your convienience! Hey! For a small upgrade fee, the GPS can also send a copy to an attorney to have the ticket dismissed without you showing up in court.

Now there’s someone familiar with the system.

More seriously, if the FDRs included data transmission, some of what might be useful underlying infrastructure and policies for self-driving vehicles could be put in place at the same time, but in a cautious, modular manner.

One challenge with data transmission would be privacy – but safeguards could be set on law enforcement’s use of the data e.g. it becomes accessible only if the data meets certain criteria – reckless driving, speeding – or if certain authorization is granted – or in cases of an emergency, which of course must be fully documented for later review. Obviously the transmissions would need to be encrypted.

Another problem would be recognition of authentic transmissions and filtering of spoofed transmissions.

The applications are broad in scope. Detection of the intoxicated driver swerving from lane to lane – a warning signal to construction workers of an incoming vehicle traveling well above the speed limit – notification to law enforcement and fire/medical personnel immediately of an accident or other incident requiring an emergency response – etc.

And the deterrent effect of traffic laws would substantially increase, though I suspect some acceptable margin for error would be demanded before the data could be used for the purpose of enforcing traffic laws.

Finally, the data could provide residents of a neighborhood with precise and accurate metrics concerning the amount of traffic in their area, the number of speeding cars on certain roads, etc., which would permit more effective policy-making.

We’ve become inured to a certain level of risk posed by unsafe driving practices, but that’s not a rational adjustment on our part if there is a cost-effective (relative to the benefits and to alternative projects) means of reducing those risks.

Tom Kenney April 13, 2016 6:35 PM

A simple interlock would obviate the need for this kind of snooping:

1) NFC device in driver’s seat (or steering wheel?)
2) Detection routine in phone to check for driver’s seat NFC device

If phone is in proximity to NFC device AND phone is traveling above 10MPH, disable keyboard input.

People who are stupid enough to be texting while driving are probably not capable of defeating the detection routine, unless aided by a qualified engineer/programmer.

Some Guy Who Hasn't Been There April 13, 2016 7:35 PM

This is a clear violation of unreasonable search and seizure in my totally worthless opinion.

There has to be value in the data to be at all useful. Maybe it’s time not to encrypt but instead to flood the device with noise. Now prove which piece of the contradictory data is valid. Anybody want to write an app?

Wael April 13, 2016 8:23 PM

@Andy,

I also like @Skeptical & @..,

It’s strictly @Skeptical’s idea, I just happened to concur.

@Clive Robinson,

It’s about two things money and political publicity plain and simple.

Money and politics are major factors. This dross of an idea is trivially assailable from a technical perspective, nonetheless!

@r,

I think skeptical is right, a ‘front facing’ camera and flight data recorder could be required to hold say last 5 minutes of drive time and be easily limited to only the driver.

Why wait for the accident to happen? Stream the video to a law enforcement agency to stop the car (remote control) then summon a traffic violation ticket.

@Skeptical,

More seriously, if the FDRs included data transmission, …

All valid points… With one caveat: So much electromagnetic pollution isn’t that good either!

Wael April 13, 2016 9:03 PM

The simplest idea is to have your Smartsnitch rat on you…

Driver sending a text while driving: hey man, I’m los…t the address you gave me isn’t on the GPS

Smartsnitch to traffic monitoring cloud: calling all cars… MEID xxxx, Phone number yyy just sent a text to phone number zzzz. His longitude and latitude is u,v and get a load of this: he’s driving 45 miles above the peed limit. I took a video too… By the way he SIM swapped the card recently, so look for at least one more device in the car. My owner is pretty sneaky…

r April 13, 2016 9:26 PM

@wael,

Yeah… No, I’m definitely not a fan of live streaming that kind’ve data… You first bro 🙂 if they want to see into my car they can use the old fashioned method: my windows.

r April 13, 2016 9:31 PM

@wael,

Although, that kind’ve video stream could be used in road rage cases with wonderful results.

I can easily see a thousand instances of Detroit area traffic where people shouldn’t probably gotten citations or a license revoked.

r April 13, 2016 9:35 PM

Bottom line, the problem isn’t phones… As with women doing thru make-up behind the wheel or truckers and others failing asleep… The problem is directly behind the wheel.

Does anyone else think Clive is scary? Spooky??

Remedial set-shifting April 13, 2016 9:58 PM

Yes, distraction is the enemy of statist cults. When you think about it, the entire state-subsidized IT industry is devoted to making sure you think about what you’re supposed to be thinking about, and nothing else. Think about driving and not facebook. Think about terrorists killing you, and not the state trapping you on a rigged ‘free-market’ treadmill. Think about lone nuts on the loose, and not the state negating public choice with coups and assassinations. Think about which worthless candidate you’re going to root for, and not what state priorities you want. Think about threats and not rights. Think about ‘crime’ but not state violence or corporate looting. Choose your war instead of demanding peace. Think about what kind of crap you’re going to buy to define your identity, and not the kind of world you want to live in. And so on.

Wael April 13, 2016 10:04 PM

@r,

Does anyone else think Clive is scary? Spooky??

Find him in the video and I’ll let you know if he’s scary or spooky 😉

Nicholas M April 13, 2016 11:27 PM

@ Wael, The simplest idea is to have your Smartsnitch rat on you…

Welp, I’m sure there’s always a market for wild goose hunts.

@ Remedial set-shifting, Yes, distraction is the enemy of statist cults.

Distraction is indeed an enemy of progressives. As in most travel plans, roads comprised of 45 degree turns every quarter mile can put drivers at edge of seat during long travels, which I have experienced several times in the past. However, like all inherent detection mechanism, there’s a threshold until the public took notice to backlash. It is then, logically, concluded that things must be done incrementally, as some here have talked about slow bleed/leaks in the prior blog entries, because a snitch is snich no more when exposed.

@ Alex, I’m 100% AGAINST this.

Traditionally these type of devices are used by car owners to defend themselves against allegations, but law enforcement officers can subpeona data stored. Crafting a law to make this compliant, like emissions standards, is rather suspicious no matter which neighborhood it came from.

tyr April 14, 2016 12:51 AM

@Wael

My baby brother wound up with Ermey as a drill
sargeant in Camp Pendleton. Now that’s scary.

The movie got it wrong though, the DI didn’t
die and the nutty was sent off to VietNam to
spread democracy as an ambassador in uniform.

The good news is USA DOD says we’re running
out of bombs. That should cause a sigh of
relief in a few other countries. RT resident
is the source.

Marc April 14, 2016 12:53 AM

Wow! So many comments (To be honest, I didn’t read them all). The sheer number of comments suggest a lot of addicts.
Who is to blame if a distracted driver runs over a distracted pedestrian?

R April 14, 2016 1:30 AM

First: The very obvious brand management first-responders here because of mention of Cellebrite are hilarious. English skills better than often seen in shills from that region, but still obviously struggling.

I am shocked more of the readers here do not have more knowledge of the rampant invasion of phones police have undertaken using devices from companies like Cellebrite. Not stingrays, but ‘data suckers’. I am sure they scare their victims into consenting by claiming they will be charged with obstruction or something.

The obtuse black or white insistence that this ridiculous ‘textalizer’ device is ‘worth considering given the real problem of…’ is completely vacuous, and the propaganda effort of these deviants is laughable.

Look into what Cellebrite actually is.. Look at the ‘products’ sections of some of the websites of companies that make these types of devices. This stuff has been going on for 15 years, but is now a mature market with dozens of devices used by dozens of types of authority figure, spy, and criminals. Yes, criminals have these devices too. Stingrays, as many know, can be made at home, more or less, just like a faux USB charger can be made to secretly suck data from a device.

Notice there was some very weak refutation of some of the tepid and weakest negative points raised, but then they scattered like rats when someone brought up the very real questions of timestamping a accident, or determining actual user of a phone in a car with multiple occupants.

Simply google ‘police hack cellphone’ to see the tip of the iceberg of what is going on.

Soon high schools will want these for whatever reason or other they dream up.

Google ‘high school principle webcam spying’ to see where that leads.

Wael April 14, 2016 1:57 AM

FDR serves a purpose in flights. It helps investigate catastrophic events so manufacturers rectify design weaknesses and update faulty operation procedures. FDR also helps in attributions in case of foul play.

It would be fundamentally flawed to apply FDR (or DDR, ‘D’ for driving) for the same purpose in cars. Planes and cars are different. With cars, the emphasis should be on preventing root causes of accidents rather than punishing offenders. And that’s because the car can be stopped when a violation is detected. One can’t do that with a plane at cruise altitude. This “textelizer” idea supports those that claim the criminal justice system is reactive and punitive, rather than proactive and preventive. Sir Robert Peel would have been really unhappy had he read this article especially since he died because of a horse accident. The distracted bastard riding the horse that T-Boned him was playing with an abacus…

‘An ounce of prevention is worth a pound of cure’. Speaking of idioms…

@Nicolas M,

I’m sure there’s always a market for wild goose hunts.

It’s ‘Wild goose chase’.

Clive Robinson April 14, 2016 3:04 AM

@ r,

Does anyone else think Clive is scary? Spooky??

Why would you think that?

Especialy when several young ladies have come up and grabbed me by my beard and at the very least compliment me on it…

My son however used to find my beard to be a sorce of amusement, he would but his hand behind it and poke a finger through pulling it back.and forwards whilst making noises like a cuckoo clock… Much to his mothers anoyance and thus much to the amusement of her parents.

What my son did not like was my “Hammer House of Horror evil laugh” but on the other hand my impersonations and ability to “rap on the spot” to almost any tune produces howls of laughter. The “rap ability” appears to be related to my ability to write “serious poetry”[1] as well as lymerics (of which Wael has been gifted an occasional example)

[1] Not my choice of words, but those of an “english teacher” who could not comprehend why I could write “serious poetry”, “wax lyricaly” about many and varied subjects off the cuff but not do the dreaded “comprehension questions”. However she “was not amused” when I pointed out that her lack of comprehension was a little ironical…

Clive Robinson April 14, 2016 3:27 AM

@ truenorthern,

In reality there has been a decrease in accident rates over the last 30 years.

Yes and no, the auto industry spares etc reports an increase inline with ownership. Which suggests that the accidents have flatlined but safety standards of vehicles has improved to the point where there are less injuries thus less police reports and insurance claims.

The thing is that it’s not possible for anybody to maintain the level of concentration that the legislators, thus lawyers and LEOs claim for anything other than very brief periods of time. Because it is a state of hypervigilance that causes masive cognative impairment equivalent to “battle fatigue”.

Thus driving is a bit of a numbers game following a predictable probability curve, which is why it’s possible to have accident insurance… And why politicos can use it as a football and raise a predictable revenue from it.

Which begs the question of, if “self driving vehicles” become anything other than a nice idea, what will the politicals do… It is afterall a bit difficult to continue playing the game, when the football has been taken away…

Perhaps journalists should ask why the legislation does not have an exemption for self driving vehicles… The answer or lack there of might be quite illuminating.

George H.H. Mitchell April 14, 2016 6:14 AM

C’mon, Bruce, really? A device/procedure to unlock your cell phone just a little bit? As Jake says in “The Sun Also Rises,” “Isn’t it pretty to think so?”

Anonymous Target April 14, 2016 6:47 AM

More proof in my way of thinking that ALL ELECTRONIC DATA should be declared private property of the user and subject to Constitutional protections.

How on earth could the average person know that the police will be confiscating their personal device for a “meta data” search for evidence in a crash or anything else?

That’s more than intrusive, it’s a ghastly invasion by government. I might add mere involvement in a crash does NOT constitute reasonable suspicion of a crime IMO.

ps: I still think Cellbrite cracked the iPhone via NAND replication and there’s a gov. disinformation op going around to get hackers and Apple off the track so gov. can do more phones, for awhile.

pps: I notice this TOR post is being routed through Cogent in Washington DC. hmmmmm.

Robert.Walter April 14, 2016 6:53 AM

I don’t expect that the authorities would remain circumspect for long once they are allowed to use such a potentially intrusive technology.

I would much rather prefer an OEM software that could be queried from the lock screen to generate a usage report showing the last time various functions were used with date stamp. The report could then be routed to the police via a text to 911, or a different special number set up for this function.

This would eliminate the risk of Celebrite or any other Hoovering all info off a person’s phone.

Robert.Walter April 14, 2016 6:55 AM

Add: Similarly the data could be transmitted to a police collection device via Bluetooth or NFC. It’s just a matter of picking the best standard(s).

Agammamon April 14, 2016 7:21 AM

“To me, it feels no more intrusive than a breathalyzer”

And the Breathalyzer is incredibly intrusive, not to mention corrosive of basic civil liberties.

Violation of the 5th amendment through coercive tactics intended to force you to submit or give up easy travel, 4th amendment through allowing DUI roadblocks.

Then add in the new allowances for untrained police officers to mandate and conduct blood draws roadside.

Are you cool with mandating surrendering your phone on demand? With DUI checkpoints expanding to include warrantless searches checking if you’ve been texting in the last few minutes?

And the kicker, the cherry on top of this shit sandwich, is that the pertinent information is completely available to law enforcement through a simple subpoena to turn over third party phone usage records that will show the time of each call and text made by that person’s phone. At-the-scene ‘forensics’ is completely unnecessary.

Force, Might, Beatings Sold Separately April 14, 2016 8:26 AM

The crucial clue here is that Cellebrite is an Israeli company. That is significant because Israel’s chief export is technology and know-how states need to subdue and control a subject population. Don’t take it from me, ask an Israeli resident:

https://richardfalk.wordpress.com/2016/04/07/reading-jeff-halpers-war-against-the-people-israel-the-palestinians-and-global-pacification/

So naturally Cellebrite seeks new markets for totalitarian control. It’s market extension, like Coke for Breakfast, with a soft sell that’s ‘for your own good.’ This product enhances the capability of the government surveillance devices that suckers pay hundreds of dollars to carry around.

So if you’re an aspiring Rafael Eitan and you want to keep the masses safe, safe as drugged cockroaches in a bottle, buy Cellebrite!

r April 14, 2016 9:39 AM

@Clive,

I’m from Detroit, even if you don’t like rap… Eminem has a quote from one of his early songs that I tend to gravitate towards… “I’m a visionary because vision is scary.” Believe me, you have my utmost respect for your insightful nature… Plus more for being ex sigops and the positions you take, you are an asset for humanity. Thank you.

@R,

The Michigan state police were one of those groups using data suckers before they were told not to.

@Agammamon,

Not necessarily, some missing data would include games and selecting music tracks. My OWIL is related to playing with an early mp3 player.

@All,

Have you ever refused a breathalyzer or field sobriety test? I haven’t, I wouldn’t, but refusing to hand over my phone to be decrypted and scalped? Enjoy being guilty by default for refusing to decrypt security/r+e work, carrying lawful client data if you’re a lawyer or your contacts/meeting schedules if you’re a reporter.

Start buying qi charging compatible phones and break off the USB connector.

albert April 14, 2016 10:06 AM

Re: FDR (DDR)

Absolutely no data broadcast by any means
DDR data is read only, circular buffer.
Data restricted to accident parameters only
Access under the hood only, special connector, not USB.
Special protocol for transfer.
No access by owner.
Access by LE with warrant.

I thought we covered the self-driving auto stuff before; that’s not what this is about.

With aircraft, the FDR and the CVR have led to vastly more reliable aircraft, and procedures for pilots, ATCs, etc. Remember, the pilots are very aware that their conversations are being recorded, and every aspect of their flying is being recorded as well. Now I’m not saying we should record auto passengers conversations, but the driving public might be a little more careful if they knew their incontestable ‘driving fingerprints’ will show up at trial. AFAIK, most aircraft accidents are the result of human error*, but to be fair, modern aircraft computer controls are extremely complex, and in many cases the UIs aren’t clear enough to help pilots in emergency situations, even in recoverable ones.

I expect that a DDRs would show that most all auto accidents are the result of human error. Pilots need lots of training before they’re allowed to fly, then learning new or revised procedures, simulator training, and periodic testing. With drivers you don’t even need a license, you just jump in and go.** Solving the bad driver problem won’t happen with jail time and fines.

If the purpose is safer cars and drivers, then I’m for it. If it’s just for ambulance chasers and retribution, then fuck it.

  • the end point of a cascade of events.

** OK, I exaggerate for emphasis, but, sadly, not that much.

Can we all agree that -properly implemented- DDRs are a good thing? After all, driving is a dangerous privilege, not a right.
. .. . .. — ….

David April 14, 2016 12:25 PM

I’m a little surprised at you, Bruce. You’d have no problem with law enforcement running who-knows-what code on your device, without a warrant, simply because you got in a fender-bender?

CallMeLateForSupper April 14, 2016 12:45 PM

Have no mobile phone; have no cage[1]; don’t cross nor even approach any U.S. national border. That’s how I’ve rolled for nearly a decade. It works well for me.

But stories like the one that spawned this thread kind of chafe me because they sharply illustrate to this congenital disruptor and general contrarian that there is great fun[2] to be had and he (that is, I) ain’t gonna get none of it.

Clearly, Ms Security Drone, you are certain that I have an iToy and you very much want to penetrate and savage it with your eToy, but I promise you that searching me again will not produce what you desire.

No, Mr Trooper, I won’t hand over my phone. I don’t have one. Really. No, I really don’t. Well then sir, you and I disagree on what constitutes “normal”. Are we done here?

[1] bicyclists’ term for “motor vehicle”
[2] I enjoy paying a tab with too much cash, carefully calculated so that I 1) get rid of as many small coins as possible and 2) am owed one or more coins that are of more convenient denomination. For examle dumping 1- and 5- and 10-cent coins and receiving 25-cent coin(s) in return. It’s a double win when the cashier counts the remitted pile, studies the total on the POS display, considers the pile again, and finally informs me that I paid with too much. Yes, I really do consider it fun… and brain-lubricating activity.

reducto April 14, 2016 2:32 PM

Given that driving is statistically more dangerous than, say, flying or taking public transport, are you not putting others at risk just by getting in your car and leaving your driveway? The government should therefore use smart phone data to correlate one’s decision to drive vs. one’s options to ride a bike, walk, or take the bus. If a person has chosen to drive when the bus was a viable option for the trip, that person should be fined.

/s

Andy April 14, 2016 3:32 PM

@albert,

If the owner cannot access the DDR data, then how can you be sure of what LE will be able to obtain from it?

As the unit should be tamper-proof, if you cannot extract and examine the data yourself, you have no choice but to believe the brochure on what they are storing there. How different is that from the LE assertion on what are they getting from your phone using the textalyzer? How can you be sure they are not extracting last 2 year’s worth of GPS data from the DDR?

Additionally, if the DDR data is also available to the owner, you can use it any way it fits you. You can save the dash-cam video where you captured an accident or even a funny situation. You can use the -signed- data to assess that you were not speeding when you got that speeding ticket, or that the traffic light WAS green, etc.

Michael Kohne April 14, 2016 5:38 PM

I would expect the privacy protections to last about 60 seconds before some lawmaker decides they want ‘just a little more’.

That’s leaving aside the likelyhood of the manufacturer actually collection too much, just because things go wrong.

Thoth April 14, 2016 7:34 PM

@all
To put ot simply, it should be known that the high profits from the Military-Government-Industrial-Orweillian Complex is the main driving force for these so-called Defense Contractors reaping in huge cash profits by creating products that eensures the continued existence and propagation of the Orweillian World Complex.

One way to reverse the actions is to make personal privacy and personal security profitable but the saying goes that other than the Hagelin Ciphers making a huge profit from Crypto, Crypto and Security on os not profitable anymore. Most people on the streets don’t care enough about their personal privacy and security other than making noises in reaction to news reports or probably just armchair reactions for the general populace. Other than pushing interactive and interesting security and privacy education on a personal level for the masses, an industry that values openness (i.e. open source and open discussions wih open bug hunts), quality, privacy and security on individual basis to push back at the Orweillian World would be able to turn the tides.

The perpetual “Why Johnny Can’t Encrypt” scenario has to be addressed with usable and secure crypto implementations without freaking out mere mortal users. After close to 5 decades, we are still very far from usable crypto on a regular basis although some projects and products have done well on the UX front.

Software and hardware security must work together for a better security environment and assurance. There are still a lot of projects that choose only software security and it’s long overdue the requirements to ramp up security assurance of implementations.

Usability, use case and form factor must come together hand in hand. If you need a mobile on the go encryptor, you should not be carrying 2 additional clunky devices that looks suspicious and immediately stand out. If you need a SCIF-like standalone secure environment, then that would be more suitable for long term secrets and higher security and less mobile but more robust implementations like standalonr data diodes and sort. You wouldn’t be lugging a few additional machines and some data diodes installed inside a metal case just to be used as a smartphone or mobile on-the-go encryptor that immediately stands out in the crowd and gets you flagged as suspicious ???

The mix of political, monetary profits, ignorance and slow to improve status of general privacy and security tools led us to where we are now.

65535 April 14, 2016 7:56 PM

I was considering buying a refurnished house in New York. I have hired a real estate agent. But, this type of Out-of-Control Legislation has changed my mind [and probably saved me a boat load of money].

I will not buy a house in New York and I will disengage my realtor by Monday or Tuesday.

Further, I will not be visiting New York and any time soon [which again will save me money from their over-priced hotels].

By the way, does this legislation apply to New York taxi drivers who are always on the radio? They are the worst drivers I have seen – always in a hurry and cutting people off at every lane change.

Does this legislation apply to Uber and other for hire cars? Does this legislation apply to off-duty police and firemen?

r April 14, 2016 8:17 PM

@Thoth,

10-4,
This has really made me wonder about all the conspiracy theorists out there and their ‘crazy’ theories… I support the classic job description as we’ve heard Bruce say about spying on spies… But this is just underhanded, it piqued my curiosity and I looked into Ms. Feinstein’s contributions; albeit not too deep. Pure MIC/IC imb. It’s a sad day when the war mongering and profiteering is so thinly veiled on our own soil.

Thoth April 14, 2016 11:21 PM

@r
If you ever search on Youtube videos of Defense Contractor, you will be likely to notice why they are a lucrative area. They are doing pretty good in terms of marketing in a vague manner (without a lot of information in the name of security and certification criteria). More of the military space equipment are now adopted for civilian agency purposes as well and these previously military applications and specializations are propagating very quickly and becoming a favourite of modern civilian agencies.

Ergo Sum April 15, 2016 7:07 AM

Like any other new laws nowadays, the textalyzer law is intended to get around some part of the Constitution. Financially benefiting companies is just icing on the cake. That’s been going on ever since, well, the Constitution has been in existence.

It will not be long before people speaking up against government action will be jailed, may even be without a trial. Yes, the Constitution guarantees free speech, but… There’s nothing in the Constitution that guarantees freedom after the speech.

Proposed laws like the textalyzer just reinforces, that we are at the point of no return from this systematic erosion of the Constitution.

AlanS April 15, 2016 10:03 AM

Dan Wallach on the Freedom to Tinker blog on alternatives “to these sorts of “magic wand” technologies, given their inherent inaccuracy, unacceptable invasiveness, and at-best questionable constitutionality.”

Buggy April 15, 2016 12:12 PM

Wow, this seems like we’re largely having the wrong arguments here, and I’m surprised at Bruce’s take on this. Agammamon has it right when pointing out that drunk driving is a legal outlier, and we’ve given up several constitutional protections because (a) this was a public health issue with no other obvious solution (unlike this one) and (b) MADD yelled “consider the children” for long enough (coming soon to a TV near you vis-a-vis this topic). To say “this is no more invasive than DUI laws” is the same as “this is no more invasive than the most constitution-violating laws we have merrily accepted to date … and this is v1.0 of these new laws, in a domain (tech) where you don’t get to see what’s happening (as opposed to fluid and gas draws, which they haven’t managed to hide from us yet, AFAIK).”

If we’re going to legislate by analogy, I would say consider this the equivalent (with possibly the same savings of life and limb) to seat belt laws, which can be enforced visually, and the only question is whether it’s an offense in its own right or one that requires a stop for another (possibly fabricated) reason. This is really just a subset of “distracted driving” enforcement, so does not in of itself merit 4th and 5th amendment violations … if your hand is moving around in your lap and you aren’t looking at the road, it doesn’t matter if you’re texting or reading old Playboys, as far as pedestrians are concerned. How you enforce those rules is another question, but given that the courts have decided that ubiquitous security cameras are not only acceptable but imply that we’ve given up our expectation of privacy in public places, it seems filming the driver from a cop car (or intersection camera), OCR’ing their plate, and sending it to a review board would suffice. In Cali, we already have red light cameras that issue tickets pending a review by a real human being of the pictures taken … if televised sports are any indication, post-game review and penalties are far preferable from a time and cost standpoint than stopping everyone’s day to make a ruling on the field. I can see how you’d disagree, easily, but I’d rather get on with my day and not interact with the PoPo — who can use the interaction as grounds for getting around probable cause constraints — and get an unappealable bill in the mail if I’m doing something “distracted,” rather than clog the courts with appeals to tickets issued in the field. You could probably even set up portable and well-signed “distracted driving cameras” like the portable “your speed is…” signs, and only the distracted drivers would not see them coming.

Am I right in believing that (aside from DUI laws, which, again, come with a huge asterisk) you have a right to expect privacy in your vehicle in most states, but that certainly doesn’t apply to anything that can be seen through your windows? Is there anything to stop anyone from setting up a camera on the side of the road and filming everyone that drives by, and “outing” the worst offenders on The UTubes? [Note: this is not a proposal, or even a good idea … I’m just trying to calibrate if filming drivers creates any precedents, which I’m generally opposed to, on slippery slope and total-size-of-the-legal-code grounds]

I don’t see how anyone on this blog can be OK with what we’re being asked to give up in exchange for semi-solving a subset of a problem in close-to the most invasive manner possible. Was Bruce trolling his own site?

r April 15, 2016 1:45 PM

Two more things,

Of this is implemented using the cellphone scraping devices then what is to protect the phone from being damaged/destroyed in the accident?

My second point is both the vehicle and phone would need relative time to be calculated not actual time, I run around in airplane mode almost constantly.. It’s not like the have atomic time.

MarkH April 15, 2016 6:12 PM

I didn’t read all of the comments, but having scanned through, it seems to me that most participants are not aware that the majority of motor vehicles already incorporate Event Data Recorders which can provide data useful for accident reconstruction.

It is my personal judgment that the public (and therefore the state) has a substantial interest in data concerning both the intoxication (if any) and phone usage (if any) of drivers involved in dangerous incidents on public roads.

Further, I consider that the bypassing of warrants (implied consent) is reasonable for the case of collecting samples to assess intoxication, and its constitutionality has presumably survived many US court challenges.

r April 15, 2016 10:44 PM

GG MarkH,

You’re right, don’t you think they (the public) have an interest in privacy too?
Especially when the black boxes already exists and an in cab camera would catch alot more violations than just texting? Pfft, might even help to identify car thiefs, jackers, etc.

I think you should let the NTSB handle this, don’t they make safety recommendations?

You just illustrate how this really is an underhanded land grab and one of the other cards the FBI mentioned holding in the case of FBI_v_Apple. Look, I know this is semi off topic and I may get deleted like Wael last night but seriously…

http://www.dailytech.com/Texas+Police+Ask+Drivers+for+Blood+Samples+Secretly+Test+Those+Who+Refuse/article33789.htm

It’s not just Texas either. You want us, er: me… to trust you? Take the first step. Do something that’s altruistic and actually in our interest.

What are you guys doing when you roadblock and intimidate like that? Dragnet DNA sequencing? You guys bring poles(taser) and tackle boxes(textalyzer) when you go fishing too huh?

R - not r April 15, 2016 11:33 PM

MarkH – Cellebrite does pay you, right?

No normal person who would also be on this site on their own volition would communicate like you are.

The drunk driving roadblocks are completely anti american, brashly uncosntitutional, and wholly evil, enacted by brutal violent men. Forcing the generla population to interact with the violent and murderous police is a serious problem in itself.

A textalizer text-n-driving roadblock would presumably be totally possible if this happens.

I absoutely loath the thought of that.

Furthermore the technology is almsot certainly not able to actualyl tell if the phone was really causing a distraction. It is just bullshit in bullshit out. False positives, false negatives – these will be the norm.

Mark H – serious questions

1) Do you really think the majority of cars have data recording that is signifigant – the average age of cars is not 6 months old, mark. You are lying, and you know it. It isnt even jsut misleading to make the equivelancy- you filthy liar.

2) What if someone’s passenger is using their phone?

3) What if someone is using hands free?

4) What if someone has no phone? Then they get their car searched automatically?

MarkH – Admit it, you dont even live in america.. Right mark?

The public has a bigger interest in making the bankers behave – but you are here to shill for your employer, a company owned by banker-types.

r April 15, 2016 11:41 PM

@MarkH,

“Dangerous incidents”, could potentially destroy a non hardened data source like a phone. Imagine a resulting car fire, or the phone like the occupant is thrown from the window into water etc.

Your assurance isn’t very assuring.

Wael April 15, 2016 11:45 PM

@r,

Oh, I was wondering about that one. I posted it and got a server error… A strange error that said something like:

Movable type
An Error occurred
Connection error: Access denied for user xxx@someserver.com (Using password: YES)

I never saw it posted! I thought it was a server error. The moderator usually says something before deleting a comment. I don’t think I said anything warranting deletion, though. At the same time, it wasn’t important enough to repost… Who knows.

But just in case, ain’t gonna push my luck and try to repost it. Don’t want to mess with them moderators.

Clive Robinson April 16, 2016 2:30 AM

@ R, r,

Do you really think the majority of cars have data recording that is signifigant

If they have certain brands of popular smart phone, pedometers, fitbits, etc on board then yes cars have significant data recording in them, before we consider the likes of ConStar in newer cars. So it will not be long before the Thugs-in-Blue start demanding access to everything as a right…

The problem is the accelerometers in such devices are not calibrated in magnitude or direction, nor can they be. But that won’t stop prosecutors using the data as evidence of guilt, whilst not alowing it as evidence of innocence (which is what the DOJ is reputed to do currently with other evidence, which caused a judge to resign).

As for,

What if someone’s passenger is using their phone?

This is like the old thing about a shared car when it’s not clear who was behind the wheel at the time of an accident. Thus it would be unwise for anybody to have a phone or any other device with inbuilt accelerometers in operation in the vehicle at any time. Because the Thugs-in-blue will just argue “joint venture” or what ever argument they can scare you with (think illegal erasure of photos and taking of equipment by police etc by “terrorism legislation” that has been used in the past).

Which if you think about it also answers,

What if someone has no phone? Then they get their car searched automatically

Also means the passengers / other occupants get the “hands on the car feet spreed” search, which in some cases has been used as an excuse for sexual/agrivated assult by the Thugs-in-Blue, including in atleast one case a body cavity search.

Oh and of course, trying to stop such behaviour carries other risks including being shot and having evidence planted on you… Such are the joys of the US legal system reported outside the US.

Oh for those who want a wake up call, go look at the website of “The Guardian” newspaper, they have been investigating “Blue-on-Black” shootings in the US as well as the very strange behaviour going on in Chicago etc… If even a small percentage of it is true, the US is not a place I would say is safe for anybody “not-in-blue” let alone vistors from abroad.

Oh and from what I remember in the US having your own “Police Force” is relatively trivial to arrange, and worse there is no agreed standard of training –if any– required for those putting on the uniform…

ianf April 16, 2016 3:27 AM

@ Wael “Oh, I was wondering about that one. I posted it and got a server error… A strange error that said something like:

    Movable type
    An Error occurred
    Connection error: Access denied for user xxx@someserver.com (Using password: YES)

I’ve not seen any limericks from you, but the above doesn’t “sound” like anything from Bruce… possibly some intermittent server hiccups.

This, on the other hand, experienced by me yesterday while repeatedly searching TheGoo for someone I just discovered bearing my last name, in combination with varying “site:named_newsource” delimiter (a.k.a. “dorking”), looks to me like some upstream NSA-equiv. “listener” robot suddenly awakening from slumber, and deciding to investigate closely possible link between two hitherto separate, but apparently somehow connected Same Lastnames (in the process maxing up Google’s expected request frequency and response times?) My searches were executed manually, hence slowly, if repeatedly, from an iPhone=currently sole inhabitant of my LAN & wireless router to a cable provider’s modem. I wish someone would tell me “nothing to worry about,” anyone?

    [Instead of expected search results, TheGoo throws up a graphic CAPTCHA with this explanation]

    About this page

    Our systems have detected unusual traffic from your computer network. This page checks to see if it’s really you sending the requests, and not a robot. Why did this happen?

    This page appears when Google automatically detects requests coming from your computer network which appear to be in violation of the Terms of Service. The block will expire shortly after those requests stop. In the meantime, solving the above CAPTCHA will let you continue to use our services.

    This traffic may have been sent by malicious software, a browser plug-in, or a script that sends automated requests. If you share your network connection [NOT that I know of], ask your administrator for help — a different computer using the same IP address may be responsible. Learn more

    Sometimes you may be asked to solve the CAPTCHA if you are using advanced terms that robots are known to use, or sending requests very quickly. [embellishments mine]]
    IP address: [redacted]
    Time: 2016-04-15T13:22:05Z
    URL:
    https:‍//‍www‍.google.‍co‍.‍uk/search?client=safari&hl=en&q=[search_string_redacted]&gs_l=mobile-gws-serp.3…[redacted]&ech=1&psi=[redacted]&ei=[redacted]&emsg=NCSR&noj=1

P.S. The other’s last name turned out to be a pseudonym, while mine is ereditato.

Wael April 16, 2016 4:26 AM

@ianf,

possibly some intermittent server hiccups.

I believe so too.

I wish someone would tell me “nothing to worry about,” anyone?

Nothing to worry about! Happened to a colleague who does a lot of searches. Google likely fingerprinted his browsers (and yours) and flagged them as bots, throttled them down, then presented a captcha just to make sure they are human.

Happened to me once or twice.

R - not r April 16, 2016 12:43 PM

Clive,

Yes – calibration is part of what i meant ‘bullshit in, bullshit out’. Add the ability for actual criminals to circumvent these techniques, and other obvious likelihoods, and you see the data they gather on ‘if the phone was in use’ is almost useless. Accelerometer data combined with text-sent times only proves the car was moving and that the phone sent a message. In order to know if it was automated, hands free, a passenger, or done by the actual driver, the phones will need to be programmed to provide this information, which can still be hacked.

MarkH was not referring to cellphones, fitbit, etc. he was referring to brand new cars that have built in data recorders. He was lying. Dont try to excuse his lies. He is a actual liar – quite obviously paid to lie. His argument was ‘Its already being done, so who cares’. This simply isnt true, and MarkH knows it because he is obviously paid to lie. Paid Liar.

I lived in Chicago 16 years. It is… It is shocking and inexcusable what the politicians and police allow to be business as normal in that city, and reporting on it may occasionally miss the point or go down a blind path, but much of it is likely to be true.

To me the main missing reporting is reporters calling out so called Chicago leadership. I profoundly hope Chicago can stop the violence…But with the cops marauding and people like Rahm ‘let no crisis go unexploited’ Emannuel in charge, i see zero hope.

I am shocked Bruce sides with Cellebrite and the cops on this one.. Shocked I tells ya!!

Hey Clive – Love your comments here!

r April 16, 2016 7:53 PM

Be aware, the only solution I can come up with to defeat the claim that “my passenger sent that text for me.” is having the front facing camera on during a phone’s use (where texting or apps are concerned).

Disclosure: I have a commercial drivers license, I drive ALOT. I have on hundreds of occasions asked various passengers to “answer that”, or “tell them… (over text)”. I stay off of my phone when behind a commercial vehicle: it’s a legal requirement that could cause me more trouble than mere fines. I learned my lesson about fidgeting with devices a long time ago. Technically, I have to pull over… But like I said if this goes through I’d expect the cameras to snap front facing photos… at which point covering up your cameras may become obstruction. 🙂

Nicholas M April 17, 2016 12:34 AM

@ R, r, MarkH
“Yes – calibration is part of what i meant ‘bullshit in, bullshit out’.”

That’s why this has all the usual suspects of a ‘Wild goose chase.’ I seriously doubt a typical LEO would welcome such a device or system in place, unless they’re aiming for a future career in politics, which as we know requires serious fundraising. Reason being, nobody enjoys being sent on a wild goose hunt.

WhiskersInMenlo April 19, 2016 12:50 PM

Sadly too many regulations and laws have more to do with
a product being sold than they do with anything else.

This seems to be a product that sells magical thinking
that allows folk to believe a device can tell what you were thinking.

Having to unlock a phone is strongly related and perhaps evidence that the
device was not in use as would having the phone in your back pocket. Same for
a hands free cradle.

Little on the phone could prove that you were distracted or not distracted.
It might imply that you could have been distracted. No different than having
a passenger, radio, cigarette, flying bug or bee. No different than
the touch screen devices in new cars and bluetooth pairing to
the entertainment system of the vehicle.

N.B. Inspect the internals of a modern squad car and count
the external antenna. If anyone is distracted it is an officer
in a squad car. Combine that with the constantly aggressive
mode of driving.

The only reason more squad cars do not kill more people is
the bristling antenna farms, black and white paint and sometimes
flashing lights. Also they have a lot of practice in how to write
a not-me accident report.

As for flashing lights a MUCH larger and dangerous risk is
the glare from headlights, streetlights construction lights.
A data dump from a phone will not record bright headlights
in the vehicle behind. The data dump will not record reflected
glare from high beams or fog lights of oncoming cars.
A data dump will not record modern street lights in the field
of view that make the shadows darker and obscure visibility
in the context of selfish illumination. Again headlight makers
are trying to sell “improved” lamps but with a selfish point of
view.

Justin April 19, 2016 2:33 PM

@ WhiskersInMenlo

A data dump will not record modern street lights in the field
of view that make the shadows darker and obscure visibility
in the context of selfish illumination. Again headlight makers
are trying to sell “improved” lamps but with a selfish point of
view.

I quite agree. If everyone ate carrots and drove with headlights off at night and there were no streetlights, we’d all be better off for moonlight and starlight.

rino19ny April 21, 2016 1:54 AM

what’s the big fuss? authorities can just order the phone companies for usage logs.

Adam September 3, 2016 4:20 AM

This can’t be a reliable device to provide incriminating Yes they offended / No they did not offend evidence even if it is protecting one’s privacy. Phone manufactures vary, and a new device is produced every year. This would be a gigantic waste of taxpayers money for very little reward even if you push the costs on to the convicted offender.

This also couldn’t work reliably for iPhone’s because the device is encrypted until the user signs in. Even with the FBI’s trick they purchased couldn’t possibly work if the user has opted for a password rather then a passcode (I use a password, but think of the many combinations), or a passcode greater than 4 digits (most average user would use the 4 digits)… [tip: if you use a passcode greater than 4. On the lockscreen shows an infinite textbox which at point you can’t tell how many digits the code is], They could force the user to give them their fingerprint (which is why I don’t utilize the fingerprint feature, not that I have anything to hide).

You can’t use a device on some and not for others. Hold on sir/miss our breathalyzer won’t work on you so we’ll skip this step. Sir/Miss what type of phone do you have, oh that phone can’t be scanned so your free to go. I’m pretty sure if your going to enforce a law there needs to be some consistency. (I’ve been known to be wrong). Sure there’s a few other ways they can gain access, but out in the field an officer can’t hold you there for 2 days.

My point is that they’ll be chasing new vulnerability after new vulnerability and charging for each new update. I’d like to also point out that this wouldn’t prevent a user knowing full well they were texting on their phone, to then initiate a phone wipe before the officer could even request their phone and since 95% of their phone would presumably be backed up the night before they’re wouldn’t be much evidence of anything recorded to the phone since the last backup that could then be retrievable.

WASTE OF MONEY!! FOR ANYTHING OTHER THAN TERRORIST FORENSICS

Leave a comment

Login

Allowed HTML <a href="URL"> • <em> <cite> <i> • <strong> <b> • <sub> <sup> • <ul> <ol> <li> • <blockquote> <pre> Markdown Extra syntax via https://michelf.ca/projects/php-markdown/extra/

Sidebar photo of Bruce Schneier by Joe MacInnis.