The Metropolitan Police have debuted a new tactic to beat Apple's iPhone encryption—by mugging a suspect while he was making a call and then keeping the screen alive while they downloaded all the data from the phone. The technique, which bears all the hallmarks of a real mugging, is apparently legal and seems set to be adopted as a standard means of gathering evidence from devices that might otherwise be locked to investigators.
The evidence gathered from the tactic helped jail five men involved in a major fake credit card operation. Officers from Operation Falcon, the specialist London unit tackling major fraud and other related online crime, seized the phone from one of the ringleaders, Gabriel Yew, whose gang were suspected of manufacturing false bank and credit cards and using them across mainland Europe to buy luxury goods.
Yew had been under investigation for a while, and was believed to be using an iPhone as his sole means of communication with the rest of his gang. If he was arrested in the normal way, he would most likely have refused to unlock the device, preventing access to vital evidence.
Police lawyers decided that they would have no power to force Yew's finger onto the phone's TouchID sensor, so they sanctioned a snatch-and-grab instead. A team of undercover officers followed him about his day until he stopped to make a call, leaving his phone unlocked. When he did, an officer swooped in, stole the phone, and kept the screen alive while his colleagues arrested the suspect.
"The challenges of pin code access and encryption on some phones make it harder to access evidence in a timely fashion than ever before," said detective chief inspector Andrew Gould who was in charge of the operation. "Officers had to seize Yew's phone from him in the street. This evidence was crucial to the prosecution."
Five men—Yew, another arrested previously, and three more subsequently detained on the strength of the evidence from his phone—pleaded guilty to various offences and were all sentenced at Blackfriars Crown Court on Wednesday, November 30. Thousands of fake credit cards were found in Yew's London home and car, alongside several printing machines and two stun guns disguised as torches.
"Gabriel Yew supplied fake credit cards in bulk for criminals all over London," said Gould. "The excellent and painstaking detective work of the Metropolitan Police's Falcon Taskforce identified Yew and his card factory then gathered sufficient high quality evidence to convict these defendants at court. This shows our determination to tackle the organised criminal gangs in London committing large scale fraud offences."
Earlier this year, in the US, the locked iPhone of Syed Rizwan Farook, who shot up an office party in a terrorist attack in nearby San Bernardino in December 2015, was a very hot topic.Apple wwas ordered by the courts to unlock the iPhone 5C, but ultimately it appears that the FBI used a zero-day vulberability to break into the phone.
Source: arstechnica