Comments

TS May 2, 2017 6:31 AM

Who took the steps?
That’s right, anyone could have.
Or even a dog or raccoon might have mangled her arm, causing the device to move.

If i were on the jury, i wouldn’t find this acceptable evidence.

Mitakeet May 2, 2017 7:14 AM

Even if this evidence is given to the jury, it may not be significant to the overall picture. Things like this are what drive investigator’s focus. Investigators are looking for inconsistencies and when they find one, they put it under a microscope (figuratively and literally). It’s hard for the guilty to hide under those circumstances. Granted, investigators tend to go with the odds (which are, when a wife is found dead, her spouse is responsible), but that’s generally to exclude the obvious before spending time on the lesser possibilities. They probably initially wanted to see the fitbit data to exclude the possibility that her body was moved, only to find the opposite. With that intriguing bit of information, they now reinterpret all existing evidence and see what questions that produces.

So, yes, that data is trivial to fake. However, unless you assume that the purported home invaders were trying to frame him for murder, it becomes trivial to think that the suspect’s story is the problem.

Andrew G May 2, 2017 7:40 AM

I guess what could make this case interesting from a legal point of view is that FitBit data probably isn’t digitally signed (I don’t know for sure, just guessing). Therefore it would be pretty simple for the police or district attorney to have tampered with the data. Less simple but also possible would be for an accomplice of the killer (who may or may not be the same person as the accused, that’s what the trial will determine) to have tampered with the data.

As a thought experiment, let’s try to imagine a system like a FitBit where the courts could subpoena the data and have assurance beyond a reasonable doubt the data had integrity.

End-to-end digital signing would certainly do the trick but I don’t see a business interest in the vendor signing the telemetry from each end-user device. So let’s say the software on the device is digitally signed, so we know the device hasn’t been tampered with, and the data was encrypted in transit (standard HTTPS/TLS) and at rest. Then I think I’d want to know that no known unauthorized access to the data storage system occurred between the time of the crime and the time the subpoena was served. An affadavit from the vendor would probably be enough to convince me (I’m either a juror or an expert witness, take your pick). And I would certainly want a guarantee the police or prosecutor did not tamper with the data after they received it — that to me is the biggest risk in the whole scenario. So I would want to see a digital signature on it at some point. As I’ve already said, the vendor doesn’t have a business reason (that I can see) to sign the data at the point of collection. If they were to sign it after retrieving it from storage and before handing it over to the police, that would be a lot better than nothing.

Given the number of news stories and documentaries I’ve seen where the police or prosecution tampered with, destroyed, or withheld exculpatory evidence, I am pretty concerned about courts setting a precedent where digital evidence is admissible without some kind of integrity guarantee.

casey May 2, 2017 8:11 AM

Fitbit information aside, he claims he escaped from zip ties and burned an armed intruder with a torch. Found with one arm and one leg still attached to a folding chair. Promised pregnant girlfriend he would divorce the now deceased wife. This is such a bad story. He should go to cliche prison.

Clive Robinson May 2, 2017 8:14 AM

@ Andrew G,

I guess what could make this case interesting from a legal point of view is that FitBit data probably isn’t digitally signed (I don’t know for sure, just guessing).

Except for fairly rare exceptions crypto tends to require CPU cycles thus power. Thus I suspect that there is little or no security in a battery driven device. Otherwise users would be needing to re-power it much more frequently than “marketing” would like…

Winter May 2, 2017 8:56 AM

@TS
“Who took the steps?”

It seems the registration of the fitbit contains entries that originated after the supposed time of death. That requires an explanation, just as all other tracks and traces found. At the least it casts doubts on the story told by the husband.

The fact that this evidence could have been faked is just as relevant as the fact that hairs and fingerprints can be planted.

Clive Robinson May 2, 2017 9:28 AM

@ casey,

… he claims he escaped from zip ties and burned an armed intruder with a torch.

Hmm there is to little information there to judge. That is there is no information on the location, the type of folding chair, the ties or torch. Nor is there info on the state of the folding chair…

I don’t know about your house but the only places I have folding chairs is patio/garage for barbeques and “sitting out” around the pottery heater and the kitchen / under the stairs for extra seating indoors for meals etc. None of the folding chairs I have are what you would describe as very strong and thus could be fairly easily broken if you wanted to.

As for the torch I’ve several around both the barbeque, heater and in the kitchen.

As for zip ties I have hundreds lying around of very many types. There are those in the garage/workshop and those in the kitchen a good few are of the “reusable” types, which are actually quite easy to open even if you did have your thumbs tied together, and there are quite a few of the reusable ones in my kitchen draws along with reusable bags for food storage / preperation / cooking and freezing.

But they don’t mention where the superficial cuts were on the man. He could have got them whilst trying to free himself.

But the odd thing for me in the article is,

    including information from Connie Dabate’s Fitbit that showed she was still moving around the house an hour after Richard Dabate said she was shot.

As far as I’m aware Fitbit’s record relative not absolute movment nor is there a GPS position fix as you get in more expensive “runners assistants”. But GPS is usually only accurate to a little less than 10 meters with a clear sight to three satellites and quite a bit worse with multipath that you would get in quite a few buildings or other “covered areas” where satellite sightings would be intermittent and have path delay issues. That 10meter RMS error margin would cover most peoples homes even if they were not moving around…

So irrespective of guilt or innocence there is to little information in the report, and that which is there is also suspect…

It will be interesting to see what the defence and prosecution present in the way of technical evidence at trial.

@ Mitakeet,

Granted, investigators tend to go with the odds (which are, when a wife is found dead, her spouse is responsible)

I suspect that the police decided he was guilty when they found out that,

    The 40-year-old Dabate also told his pregnant girlfriend before the slaying that he was going to divorce his wife

And that’s why they put it on the warrant affidavit…

If they were like most police[1] I doubt they even bothered looking any further for anyone else for quite some time if at all.

[1] As I’ve indicated in the past the police in general follow a procedure that’s almost like a flow chart to draw up a suspect list. They then look briefly for “evidence to exclude” such as checking alibis to reduce the list down to a managable few. Then they switch tactics and only look for evidence to convict and frequently ignore / hide evidence to the contrary. They do this to keep cases managable, but every so often we find that they’ve ended up pursuing an innocent person into jail. Once through the court reopening a case on “new evidence” is particularly hard, and generally it has to be much stronger than would have got the person taken of the suspect list originally.

Mike May 2, 2017 9:57 AM

On a more serious note,. who uses fitbit?
How easy is it to fake / tamper with the data?

And in this case, who would benefit the most if this data was indeed tampered with?

Scott May 2, 2017 10:38 AM

An interesting and scary book to read is “Mistakes Were Made (But Not By Me)” by Tavris and Aronson. Once someone things “X did it”, they have strong unconscious biases to interpret (or reinterpret) evidence to support their belief. In cases like this, I fear that once ambiguous evidence (i.e. was she alive or is it GPS jitter?) is interpreted one way, it becomes unassailable in some minds.

TJ May 2, 2017 10:52 AM

@Mike
Who uses fitbit? I’m amazed at the both the quantity and class of people using fitbit. It even looked like Obama was wearing a fitbit surge in his post-office appearance at the University of Chicago.
How easy is it to tamper with fitbit? Very easy.

Tony Pelliccio May 2, 2017 11:58 AM

Years ago a guy in CT killed his wife and then ran her through a wood chipper. The cops got him on a small fragment of bone left in the chipper. He was convicted and is probably still in prison today.

So using a fitbit isn’t a surprise to me.

Daniel May 2, 2017 1:48 PM

@Scott

Yes. This incident is the perfect example of what has become known as the “CSI effect”.

https://en.wikipedia.org/wiki/CSI_effect

They didn’t arrest the person because the evidence showed he did it, they arrested him because arresting people is what police do and the Fitbit data gives them the excuse they need. A good defense attorney will make mincemeat out of this data.

“Look it’s digital. It must be TRUE!”

Anonymous Privacy Attorney May 2, 2017 2:15 PM

[Disclaimer: I am a lawyer. I am not your lawyer. This is not legal advice. Also, please don’t murder people.]

It’s important to remember that this is evidence only cited in the arrest warrant, meaning it is, for the moment, circumstantial. Once/if this evidence gets introduced at trial, it will have to be authenticated. It’s not uncommon to have data experts on each side argue why the evidence is reliable or unreliable.

Prosecutors will likely use the evidence to support their telling of the facts, not as a smoking gun that definitively proves murder. The same thing happened in a similar case in Canada a few years ago disproving a person’s alleged rape. Data like this usually only provides a narrow window into the goings-on of a crime scene, but it does help both investigators and a jury piece together what might have happened, including whether someone might have taken the Fitbit off of the victims arm and shaken it a few hundred times.

I actually wear a Fitbit. I have consciously made the decision to share my step and heart rate information with third parties. It’s acceptable, but not perfect, at tracking footsteps and heart rate without getting too confused by false positives. This means that it is unreliable and obfuscated enough that I am not concerned about data voyeurism, but it’s reliable enough that I can use it for my own purposes.

In the end, it’s just another data vector, and there are, in my opinion, more situations where it can be beneficial to me to have that data than not. For example, someone attempting to frame me would have a much harder time corroborating the Fitbit data than if I weren’t wearing a Fitbit at all.

A colleague of mine once had a personal injury case where the victim presented GPS data (it may have been from a phone, as I think an accelerometer was also involved) that, supported by expert testimony, demonstrated that the victim had made three laps around the park and had slowed down at a blind intersection. On the fourth lap, the data showed where the bike decelerated going into the intersection, suddenly accelerated when a truck ran the stop sign and careened into him, and the decelerated as he hit the pavement over 40 feet away. It was powerful evidence that, without the information, would have been a he-said, she-said argument between the cyclist and the driver.

A good law review article for those interested in the legal implications of wearable devices: http://scholarship.law.edu/cgi/viewcontent.cgi?article=1018&context=jlt

Scott May 2, 2017 2:49 PM

@Daniel

The book has some examples that are scary. Once you (people in general) commit to a decision you will defend your commitment in the face of contradictory evidence. You are defending your self-image: “I’m a good person, a good person wouldn’t have put an innocent man in jail, therefore he’s guilty”. In one case a person was convicted for rape & murder. No one even mentioned the possibility of an accomplice. When DNA testing later showed that the person could not have done it, the DA said “I’m sure he’s guilty; I always suspected he had an accomplice.”

Attempts to present new evidence often faces resistance because often the people who decide whether or not to review the case in light of the new evidence are the same people that decided guilt. Several locales have formed conviction review groups, and they don’t have any decision to defend — their self-image isn’t at stake.

I highly recommend the book, but then I’m biased because I bought it (spent money) after hearing Tavris talk about it at a conference (spent time and more money), so if I give the book a bad review I’d be admitting I spen money and time on a bad thing. So of course it’s good. 😀

Daniel May 2, 2017 2:53 PM

“It was powerful evidence that, without the information, would have been a he-said, she-said argument between the cyclist and the driver.”

Corroborating evidence. As opposed to this case, where the data supposedly contradicts the narrative of the survivor but corroborates no theory of the prosecution other than “well maybe his story doesn’t add up in every detail so he must be guilty.”

Mr Prytania May 2, 2017 10:05 PM

FYI I have family that use fitbits. Theirs handshakes with their phones and laptops every so often and uploads step data. So if the victim was actually walking around after the time she was supposed to be dead this data would have been uploaded and timestamped on the Fitbit servers. You can upload later but I’ve seen histograms of steps over time. Yeah you can jazz with the data but it does try to keep things straight.

Drone May 2, 2017 11:27 PM

Now the Marketing Goons at Fitbit will claim it maintains fitness – by deterring Murder!

Clive Robinson May 3, 2017 1:16 AM

@ Drone,

Now the Marketing Goons at Fitbit…

Remind me, was it not some PR or Marketing loony that said that all news was good news?

And another one advising about lemons and lemonade?

I’m thinking they must have been “managment types” with that sort of outlook. You know the type, they manage three salesmen and one day decides to incentivise them with a little competition. So tells them the person who sells most this month gets a bottle of wine, the next best gets to keep their job…. And when the best salesman leaves a few days later for a new job the manager tells his manager that the guy was a lightweight or couldn’t hack it or some such…

Thus demonstrating both the Peter Principle and the Dunning-Krueger effect in one go…

But marketing does have other accidental side effects,

http://dilbert.com/strip/2010-07-18

Bob Paddock May 3, 2017 9:20 AM

@Clive Robinson, anyone that knows?

“Except for fairly rare exceptions crypto tends to require CPU cycles thus power. Thus I suspect that there is little or no security in a battery driven device. Otherwise users would be needing to re-power it much more frequently than “marketing” would like…”

Is there any adequate (see below) encryption for low energy devices like FitBits or IoT where they must run from something like a CR2032 coin cell? Or a slightly larger device/battery like a implanted defibrillator?

Adequate in this context: Prove the data has not be tampered with at rest or in transit, can only be utilized by proper parties (my doctor and I in case of the hypothetical defibrillator) in a time frame of six months or more (anything can be broken given enough time and resources, what my heart was doing six months ago is probably not that relevant anymore).

In my world of medicine I’m constantly seeing people complaining about medical devices being ‘hacked’ by people thinking desktop power in both cycles and Watts to fix the problems and not 4bit devices (EM6607 as example) and Micro-Watts. 🙁

ab praeceptis May 3, 2017 9:37 AM

Bob Paddock

Let me put it like this:

a) low power (typically in both computing power and energy) crypto is kind of a separate world. In the eu crypto competitions, for instance, there is an extra “department” for that (see e.g. the Rabbit algo).

b) The difference between algo classes that on a PC look quite similar in terms of speed become huge there. “hashing about as fast as sym crypto and PK crypto being somewhat slower” doesn’t hold anymore.

Also keep in mind that not only are the registers typically considerably smaller (and less of them, too) which very much slows many computations but there are also rarely caches and other gadgets that are taken for granted on a desktop cpu.

Maybe Thoth will see this and chime in. If I remember correctly, he told us about slow computations (and interfaces) on small but specialized chip card processors (partly java being the guilty part but still those chips, although specialized and offering some hardware support for crypto ops, seem to be less than performant).

smurfs May 3, 2017 10:14 AM

I wonder how fitbit timestamps data across different timezones, or how it handles daylight saving… misinterpretation could account for an hour or two!

TimH May 3, 2017 10:22 AM

@ab praeceptis, Bob Paddock
Low power data loggers can encrypt in software, very slowly, but very slow is fine in this use case.

As an EE, I suspect that encryption is largely ignored because the design engineers know they don’t have the skills, and project management won’t bring in the expertise.

Lastly, even IC manafucturers execute encryption badly: Mifare DESFire MF3ICD40, side channel attacks on Xilinx Virtex 4 and Virtex 5 Bitstream Encryption Mechanism, Keeloq. See “Lock It and Still Lose It—On the (In)Security of Automotive Remote Keyless Entry Systems” presented at 25th USENIX Security Symposium for the crappiness on automotive RKEs.

Clive Robinson May 3, 2017 11:38 AM

@ Bob Paddock,

Is there any adequate (see below) encryption for low energy devices like FitBits or IoT where they must run from something like a CR2032 coin cell?

The problem as I said is “CPU cycles” it realy does not matter within certain limits how fast or slow you run the algorithm it has to do those cycles and incure the energy usage required.

Worse of cause will be the engineers quite natiral desire to save every nano columb they can, which will if they are not battened down to do otherwise will open up all sorts of time based side channels.

Then you have the fun of multiple crypto keys and auditing. This naturally calls for the use of a PKI type system. Which on a 4bit processor is not just going to need a very large number of CPU cycles but a vast amount of memory.

Back in the 1980’s I had to write a 256bit RSA based key transfer system for a Z80 based system. Lets put it this way it was slower than a drunken slug crawling through treacle.

The person that might be able to give you something to read is one of Bruces co-authors Prof Tadayoshi Kohno who in the past specifically did research in that area as can be seen,

http://homes.cs.washington.edu/~yoshi/research.html

I also know that Queen Mary’s Uni in East London has a dept that does research into the failings of medical equipment as well as having other researchers doing crypto work in both the CS and maths depts and are kind of attached to the Royal Holloway right over the other side of London. I can not remember of the top of my head who’s research you need to look up but I do know he uses magic to teach basic algorithms.

Figureitout May 3, 2017 10:23 PM

Bob Paddock
–Definitely not on a CR2032 coin cell (depends on lifetime requirements), making even just general/basic best practice safety measures adds sometimes unacceptable current consumption (watchdog, brown out, other kinds of checking). Some of the best batteries in industry, apparently it’s best for long-term life to have a constant current consumption around 20uA, and you’re looking at around a 10 year life span depending on usage and consumption during active mode. Sure you know, to get true low power you have to keep the chip asleep as long as possible, whenever possible. Being awake on most all “low power” MCU’s is still way too much current consumption. Never used the EM6607 (that’s pretty low active current consumption, I see around 75uA but on comparatively powerful chips) but I’m seeing a 32kHz oscillator as a common feature for parts that stay awake while main CPU shuts down. Wondering if we could slow that down to 16 or 8 kHz, what consumption would be then. Probably already tried and unacceptably slow.

The power consumption levels in low power world are incredibly low, but for robust encryption it needs to be lower.

Leave a comment

Login

Allowed HTML <a href="URL"> • <em> <cite> <i> • <strong> <b> • <sub> <sup> • <ul> <ol> <li> • <blockquote> <pre> Markdown Extra syntax via https://michelf.ca/projects/php-markdown/extra/

Sidebar photo of Bruce Schneier by Joe MacInnis.