Mr. Robot

macrumors newbie
Original poster
Jan 11, 2020
1
0
iPhone X running iOS 12.3.2
4 digit numeral password

I have a mental illness and was arrested for trying to light a car on fire. Anyways the police took my phone and I pleaded guilty in court, and now I'm getting treatment for my illness.

However, after the court, the police decides to give back my phone and make me sign that I received it. 30 minutes later they changed their minds and decided to take it again lol.

I refused to give my password, I was kind of pissed about it. There's nothing on it related to the case.

So what are their options for both logical and psychical extraction?

The phone was in USB Restricted Mode, so my guess is they can't brute force my phone? Brute forcing my phone would be a child's play since it's a 4 digit numeral code.

If they decide to install a jailbreak root, maybe their own or something like Checkra1n/Checkm8 then they would have to put the phone in DFU mode right? They would enter the before first unlock mode. (BFU) and not be able to extract media files? Keychain and so on?

I'm aware they could brute force with the jailbreak, but they would only have 10 tries so odds are 1 in 10000?

I know they can't decrypt the phone since Apple uses AES 256 bit encryption, also I deleted iCloud backup and changed Apple ID password as well as enabling two-factor authenticator on the cloud.

Also, they wouldn't be able to decrypt the password on the iPhone since it's on the secure enclave which doesn't trust the BootRoom which Checkra1n exploits?

And also there exists no iTunes backup of the phone noir any paired devices.

I guess it would be impossible to unlock it right? What are their options?

I'm aware they could plant a keylogger with checkra1n but I’m just gonna reboot the phone when it's handed back thus deleting the keylogger and restore the entire phone as well before using it again.

Thx for reading!

Here are the questions again. :)

Their options for logical extraction and what would the extraction include of files?
Their options for physical extraction?
Brute forcing?
BFU, DFU, USB Restricted Mode?
Jailbreaking it?
What are their options?

On the day it was taken, they asked for the password and they said I could have it back in 2 days, or it would take them 1-2 months to break it. (we’re past 2 months now) They threatened to give the phone to their technician the same day if I didn't deliver the code before a certain time of the day.

The day after they called again, asked for the password again and threatened to deliver to the technician again.

A week later, same call and the same threat
I didn't deliver the password ofc, and they never bugged me about it again, so I’m assuming the technician has it and he’s hopefully struggling with this.

The case is not serious, no one was in danger and I’m not punished before.

Also worth noting, I live in Scandinavia, our police are pretty busy with more serious crimes and I doubt they would waste money on this. Hopefully!

I don’t trust giving the police access to all my data including keychain with all my accounts and credit card info. Our government have been exposed to many hacks and leaks and our healthcare info, social security and so on are not protected well at all. I trust apple’s security more than our government lol.

Best regards, thx for replying in advance!
 

QCassidy352

macrumors G4
Mar 20, 2003
10,648
2,807
Bay Area
I don’t know the answer to your question from a technical perspective, but I doubt they are trying very hard. I don’t know how police usually operate in scandanavia, but in the US, it would be a super low priority for them after you’ve already resolved your case, unless they have reason to believe you’ve done some other serious stuff.
 

Five_Oh

macrumors 6502
Jan 7, 2017
253
218
Flyover Country, USA
Almost certainly details have been left out. Why are they still interested in your phone if your case has been resolved? Why did they give your phone back and then take it again (30 minutes later??? Why were you still around?).

Did you ask them why?
 
  • Like
Reactions: koolmagicguy

cynics

macrumors G4
Jan 8, 2012
11,442
1,801
As a US citizen we are protected by the constitution, in your case specifically the fourth and fifth amendment. The data on the phone can not be searched and used for evidence without a warrant. And you can't be forced to give the passcode because that is potentially testimony thus against your rights..

Certain countries can detain you indefinitely or until you give them the passcode. This is effective because you harm you can do is minimized if you are in jail.

In your case you are at the mercy of the rights abided to you by your government. I don't know if it matters there but in the US you would NEED a lawyer, matter of fact the US gov will even provide you with a free lawyer if you can't afford one. Isn't crazy how pampered we are?! Unfortunately many Americans don't appreciate these rights because they've known no other.

Keep in mind though a governments priority is to protect itself and citizens from foreign and domestic threats. Some govs lean more toward protecting themselves, others lean more toward the citizens. Regardless you broke the rules at this point. They have more reason to not trust you than you have to not trust them regardless of their corruption and/or complacency toward their citizens.

Given enough time and effort an iPhones passcode can be cracked. Equipment used previously to crack iPhones was only expensive for an individual due to mark ups and restrictions of sales to non government entities. That doesn't apply to a government/business/agencies/etc though, the information on an individuals iPhone can be so powerful that the equipment cost is virtually free.

Apple will provide certain data to law enforcement agencies if a warrant is provided however it falls under the United States Communication Privacy Act. However some restrictions can be superseded if it's consider an "Emergency Request". This would be information required to prevent loss of life and injury.
 

Five_Oh

macrumors 6502
Jan 7, 2017
253
218
Flyover Country, USA
If you have find my iPhone enabled can’t you just wipe the phone remotely?
Not if a Faraday cage is utilized (most governmental agencies have-and use-these). Also, it is standard practice to immediately suspend the ability to make and receive transmissions (airplane mode) when recovering a device for this exact reason.