using a somehow not terrible service that has to comply with government demands vs willingly giving your data to big tech, you can always stop using email because it can never be fully secure
I always tell people to power down their phone if they have to hand it over. When the phone is in a cold state biometrics don't work and everything remains encrypted. Also, don't use a 4 digit pin. It makes brute force too easy.
That battery came from a remote control device the shooter had beside him for a bomb. Still don't know where the bomb was but the agents on scene took the battery out of the device so as to eliminate any further threat. They found his cell phone there and it was running at 10% power but they didn't touch it because they were not allowed to. By the time the phone made it into secure evidence the battery would have been dead and they would have needed to charge it before doing anything.
Thank you! I was watching the video while wiping my ass because I thought it was long enough. After a few moments I was watching an absurdly long sponsorship and after that some bullshit I didn't click the video for. I hate it.
@@patrickkirby6580 wrong, its based on the distance between your eyes, the depth of your eye sockets, the distance from forehead to chin, the shape of your cheekbones, and the contour of the lips, ears, and chin. As well as some other things depending on the phone brand.
Gotta love how verified commenters are still leeching off for likes by copying the top comment and rewording it. Looking at you X And to prove that you are just copying the comment, look at what @durran9664 said "
The US has a backdoor in every piece of equipment made in the West. They only run these stories about how the FBI has to hack into phones because they have to pretend that they don't to conceal that fact from the public.
CCC lab in Germany has shown any number of ways to bypass fingerprint scanners 20 years ago. They would lift a fingerprint from a cup using scotch tape, make it visible with superglue fumes, scan it and refine the edge, print it out, etch it onto a PCB, then pour wood glue onto the etching. When the glue is lifted, you can wear this plastic piece that naturally incorporates water and is thus inherently skin-like on a living finger to fool most fingerprint readers. There are further ways to enhance its function by coupling it better to the living body. I can't imagine that a fingerprint unlock module can be made that would be immune to this.
I seen it done using those mini baybell. Plastic cheese wheels somehow the outer coating was used. I don't remember the method. And it provides its own snack😅.
@geniferteal4178 Baybebell coating is just wax, i think partially natural. In that case paraffin would work too. Just have to reverse the fingerprint as etching, or get the finger to leave a 3D imprint in something harder than the wax and pour it in.
@@dannydetonator I don't remember the process anymore. I'm not going to look it up. But I remember it involved that maybe as the mockup finger to put the recovered fingerprint on I. Don't remember anymore
The key here is the "20 years ago" part of your comment. Back in the day, fingerprint sensors were all optical. They would use fancy optics involving a prism and a small camera to capture a 2D image of your fingerprint and compare it to the base scan. Fingerprint scanners haven't worked like this in over a decade because it's incredibly insecure and easy to fool with prosthetics and images. The two types of fingerprint technologies used today are capacitive readers, and ultrasonic readers. Here is how each works. Capacitive readers are an array of extremely small capacitive sensors in a matrix, similar to pixels a camera or a display. These scanners are often found on laptops, the side of phones, and the backs of phones. These can read the capacitance of your finger with extreme precision, capturing the exact ridges of your fingerprint in the form of a capacitance matrix. As such, images cannot fool this because it has no capacitance. A way you could try to defeat this is by using prosthetics, but you would need to replicate the exact capacitance of the person's finger, which varies from person to person, and varies across the fingerprint, making it incredibly difficult to recreate with the accuracy needed. It would be like trying to crack a 2048+ digit pincode, it's pretty much impossible. It would legitimately be easier to find a backdoor in the software that processes the fingerprint and exploit it than it would be to trick the scanner. Ultrasonic readers are usually found under the screens of phones, and function by firing an ultrasonic pulse into the finger that is reflected back into a sensor that can detect mechanical stress with incredibly high resolution. These scanners can capture an incredibly detailed 3D model of your fingerprint that can be compared against later. The 3D nature of this makes it immune to a simple photo attack. You would THINK this would be susceptible to a prosthetic attack, but it isn't due to the sheer detail of the scanner. Ultrasonic fingerprint readers are detailed enough to capture not only the ridges in your fingerprint, but also the freaking pores in your skin. The only way a prosthetic could fool an ultrasonic scanner is if it was a 1:1 recreation of the fingerprint, including all the pores in the skin, and it would have to be made out of real human skin, or a material with similar properties to human skin, as when you scan your fingerprint your finger squishes outward a bit, changing the shape slightly. An honorable mention is the optical-capacitive scanner, which is an alternative to ultrasonic scanners for under screen fingerprint readers. As the name implies, these combine the optical AND capacitive approach to achieve a similar security level to capacitive readers while being cheaper than ultrasonic readers. The Samsung A-series uses optical-capacitive readers, while the Samsung S-series uses ultrasonic readers. tl;dr The only foolable fingerprint readers are ancient optical scanners. Modern readers are either capacitive, ultrasonic, or optical-capacitive, all of which capture such detailed information about a fingerprint that it would be easier to find a vulnerability in the software of the device than it would be to trick the scanner. It would even be easier to brute-force a 16-digit pin than it would be to create a realistic enough prosthetic to fool a modern fingerprint reader. There's a reason modern readers are incredibly trusted in secure environments, and considered more secure than any other biometric.
Android 6 used full disk encryption. Android 7+ uses file based encryption. Full disk encryption means that everything on the flash memory is encrypted and you have to enter a password for the device to even boot. With file-based encryption, a new feature called Direct Boot was introduced which allows the device to boot to the lock screen and then require a password. This works because only the user files are encrypted and not the files necessary to boot.
"A Hardware and Software package which simply put can break into and unlock many modern phones. This all relies uon vulnerabilities in iPhones and Android devices, which cellebrite keeps secret." That's a weird way of saying that there are government provided and enforced backdoors in every device.
Reasonable to come to that conclusion, but most likely false. Cellebrite doesn't work on the newest versions of iOS, and has issues with many apple devices. Remember a few years back when the FBI went after Apple for their encryption; a battle Apple eventually won. Back doors are much more likely for Samsung and Motorola devices, but still, this is probably not the case. Cellebrite is also available to anyone to purchase with multiple plans and pricing options. There are thousands of shops around the US that offer Mobile forensics services independent of law enforcement.
Man, in case you didn't know, there is almost a 100% mismatch between what those 2022-2024 sanctions are supposed to do, and what their actual effect are. A lot of them actually give the exact opposite effect, or help the sanctioned country in another way. To be more precise about apple: they've closed their Russian office, and iphones aren't sold there officially, but they are sold there unofficially. And stores selling iphones there actually have more freedom now, and can be more competitive (i.e. apple has a lot of bs rules, that prevent stores from discounting apple-devices, to "keep their brand premium", now russian stores don't have to abide by that bs anymore). Now there is another thing: Russia wants to force apple to allow sideloading, China and India are thinking about doing the same thing. So you could see this VPN-app ban as a step-up to that.
1:00 This is true for capacitive fingerprint sensors which lots of phones phones are moving away from. Optical and ultrasonic fingerprint sensors work in a whole different way.
Optical sensors are very old tech and can be tricked with a 2D photo of a fingerprint, as that's exactly how it captures fingerprints, by taking a photo of them. Ultrasonic sensors are primarily used under the displays of devices due to not requiring direct contact with the finger. They capture 3D topology of a finger with enough detail to see pores, so they're practically impossible to trick, short of having the original finger to scan.
@@tbuk8350Most under display fingerprint sensors in phones are optical, usually lighting up the finger with a green light using the display. Of course ultrasonic sensors are popular on phones too, that's why I mentioned them.
@VDavid003 They aren't purely optical, though. Optical sensors are really insecure. They are usually an optical-capacitive hybrid design that makes use of both technologies to make it more secure. Optical-capacitive readers are usually in budget and midrange phones with under-screen readers, like the Samsung A-series. Ultrasonic are the most secure readers, but are also more expensive, so they are usually reserved for more expensive phones with under-screen readers, like the Samsung S-series.
reminder that "Strict Swiss privacy laws" only apply to Swiss citizens, not your $5 VPN, on top of that proton HAS cooperated with LE, don't let this guy sell you on a honeypot, he only cares about the money.
true in many contexts, though I don't think Swiss banking privacy laws apply to just Swiss citizens. However, the famous Dennis Levine insider trading case of the late 1980s was cracked when it was deemed the Nassau bank dealing with Levine in fact did not have a banking relationship with the inside trader, but rather had more of a stock buying and selling relationship, in that the Nassau bank to Levine was acting more like a stock broker not a bank. Thus the US feds got access to Levine's inside trading records and he was busted. Interesting how a little pressure from the USA seems to get countries to change their interpretation of the laws (even the Swiss banks now report on non-citizens at times).
You say they have "cooperated with LE" without actually providing context. Proton as any company is forced to comply with law enforcement, and when they were subpoenaed for a users data the only information they had on the person was a single recovery email, everything else was encrypted and inaccessible by LE and Proton themselves. The information found out about the journalist was provided by Apple. Also the Swiss laws are not Swiss citizen only, because Proton is a Swiss company they are not forced to log VPN traffic, backdoor any encryption, or comply with external country requests for information. Proton and Mullvad are some of the only legally proven no log providers.
a single recovery email, yes, which was the only information they had (rest is zero-access encrypted) and were forced to hand it oved by law. The email was an icloud one, apple handed over identifying information, ultimately compromising the user
i think it was a climate activist or something along those lines.. Not a good look. Email is never secure anyways, the fact that proton claims that their email is private is shady to say the least
@@silvanb Proton is not shady, if anything it proves they are trust worthy. They were forced to hand over EVERYTHING they had on a person and all they could provide was a recovery email address?
@@silvanb well, they didn't publish any identifying information directly and their email encryption point still stands. I agree that them giving out this other email isn't exactly a good luck, but ESPECIALLY considering they got nothing *but* that one email is decent.
@@silvanb proton to proton email is encrypted such that they can't access it. email to/from external services isn't encrypted that way because it can't be, unless the users are using PGP or something. they really do the best they can, they'll fight government orders to release information (which they do get often) and publish info about this, but there's a limit to their ability to say no
@@projectsspecial9224 no mate. There are some encryption algorithms and post quantum ones that were made by mathematicians who objectively prevented them from being verified by NIST and the NSA, meaning they cannot be backdoored. If you use devices or software which let you choose these, you are alright. But they will be trying to over time.
Your password must contain this, that, something else, be as long as your arm and have multiple family members standing by to confirm your identity. But the server holding these details and serving the login requests is essentially protected by a four digit PIN. It's almost as if they don't give a f###.
Also, I'd like to add, while breaking into the phone might be hard... samsung an google keep backup images of your device that you can restore from an Samsung USED to even keep saved hidden "temp img" files from your phone in the cloud. These images could be reconstructed using undeleter an help see everything that phone has ever seen. These temp images are from things like previews of photos you've taken or when you hit multitask view. Multitask windows are, I guess, like screenshots of everything open at least when it comes to certain apps. To gain access they could simply have used his simcard in another phone an then iniated a password reset via sms verify.
It’s the FBI. They just have to get a search warrant and force Google to hand over any information they have stored on a person and Google has to comply. No need to trick Google with this password reset stuff or anything. Same with your email and any other service stored in the cloud. The only thing that’s safe is stuff that is fully encrypted in the cloud that the company has no access to, such as Signal or Proton
This is not true, at least with newer Samsung phones. They do not... take screenshots of your screen??? I'm not sure where that information came from. All of your backups are fully encrypted on-device with a security key unique to your device which is generated and signed by Samsung when your phone is built at the factory. These keys are then encrypted with your credentials after setting up the phone. The only way your backups could be decrypted is if you physically unlock the phone and restore them. Samsung Knox is one of the strongest security systems on any modern device, period. There are layers upon layers of trust and security levels that prevent basically any attack on the system. Hell, any secure credentials, decryption keys, passkeys, etc. are all stored on a completely separate flash storage chip, which can only be accessed by a dedicated CPU with it's own dedicated memory running completely independently from the CPU running Android, meaning even if the entire Android system was compromised down to a hardware level with all CPU-level security measures being disabled, you still wouldn't be able to access any secure information without breaking through yet another proprietary CPU with it's own proprietary OS and security measures. Basically the only way to break a Samsung phone is by exfiltrating whatever data you can while the device is hot, though even that is limited because data is decrypted as apps use it and re-encrypted if the data hasn't been accessed after a short period, meaning you could only access very recently accessed data. The only other way is by brute-forcing the password, which could also be impossible if the user has enabled all the security features. There is an option in particular that will completely factory reset the device by zeroing over EVERYTHING (which makes undeleters useless) if the passcode is entered incorrectly 20 times consecutively.
9:00 not really unsuccessful. Rusian's ISPs are forced to install TSPU, which is a special DPI controller by roskomnadzor. It already banned almost all wireguard, openvpn and tor traffic. Currently they're trying to ban other proxies like old shadowsocks. During riots or other events when "government doesn't want to people communicate" they disable all non-whitelisted traffic. So basically we started to use same tools like in China to bypass it.
It kind of looks like the s24+ which has an ultrasonic fingerprint censor. You can use a corpse's finger on it due to it relying on sound(3d shape). Oh I didn't see the rest of your video.
At least with every other type of capacitive sensor, alive or dead doesn't matter. They basically just need something conductive so I don't think it's true that the finger print only works if the person is alive.
Probably just as easy now I am no expert but I think it’s something at a hardware level that allows access. As modern phones run the same android version right. And yet some still can’t be cracked.
@@Fjprints I doubt it will be just as easy as a Samsung. The whole point of Graphene running only on Pixel devices, is the Tensor chip. Which is by far the most secure chip atm.
If it was cold it would be significantly harder but if it was hot it would depend on user settings, there's a couple things you can enable to prevent all usb exploits I know of. Wouldn't help if it were decrypted already and you read the ram directory though
Every aspect of a device can be exploited. It depends on the device completely, the support for it and the type of extractions you wish to conduct. A physical extraction will likely involve CPU back doors like universal/MTK/Qualcomm live For logical and filesystem extractions, it's more the OS
People tend to think that someone is deliberately creating backdoors, not realizing that people are often just writing bad code that is full of bugs and vulnerabilities.
That would mean the Samsung S21 and newer are still unbreakable. They all have what they call "Knox Vault", which is a separate, proprietary in-house SoC running it's own proprietary OS with it's own dedicated storage and memory that runs independently alongside the Android OS and SoC. Even if the Android system was compromised down to the lowest hardware layer, the separate SoC that handles all the decryption and encryption, biometrics, credentials, etc. would still not be compromised, and would not give up the keys or credentials.
The data is encrypted in the hard drive of the phone with whatever pin you have set. If a hacker can bypass the rate of attempts a 4 digit pin is cracked instant. Realistically you need a 12 character alphanumeric pass + power off the phone before attacker gets it. It would be nice to have a very long password only on boot, then a normal pin after boot, why isn't this a feature...
You could do this on old Android versions given they supported full-disk encryption as opposed to file-based encryption which was mandated from Android 10 onwards afaik.
@@bayzed Interesting. Upon reading about FBE - it generates separate encryption keys for separate files, allowing some (userspace file keys) to be discarded from RAM when the screen is locked. But the encryption keys, while unique, are still generated from the weak pin, so it wouldn't help against brute force attack I believe
Comparing Apple's Capitalization to Russia's GDP is like comparing someone's Net Worth to someone else's Income. They're totally different things Makes a sinister sounding soundbyte though.
As a Russian citizen it is baffling to me how Apple would just obey Putin like this. I mean, iPhones aren't even sold officially in Russia anymore, so pretty much no leverage there. Makes me think FSB/GRU has some dirt on Tim Apple or something.
It should be noted that the Samsung A25 has an Ultrasonic Fingerprint Sensor, which utilizes sound waves to measure the ridges and valleys in your fingerprints, (as opposed to capacitive resistance).
Wait, what? How can you make a video like this and completely forget that optical fingerprint scanners are now the norm? Capacitance is irrelevant for most "modern" in display fingerprint sensors. It's possible that he had a phone with an in display fingerprint sensor, and you know it. I'm baffled at this oversight.
@@Seytonic - if it was a capacitant scanner, just curious, could a 9v battery up against the thumb, perhaps after wetting it or soaking it in an electrolyte, give enough charge to open it?
So basically a pixel that has been turned off or the latest ios software is the only ones that can't be access? Also what about graykey? They say that they can get into everything.
If you have an iPhone, holding the Volume Up + Power (probably Vol Down + Power too) brings up a screen which allows you to power off, med id, etc. It also disables biometrics/FaceID until you enter the password and disables data over USB. Android phones probably have similar "panic" modes
what else would you do with it? can't decrypt stuff if you don't have the key accessible this is standard practice among things that do FDE (windows bitlocker, apple filevault, and luks)
The encryption key must be in memory because the OS needs to constantly read and write data from/to the flash memory, thereby decrypting and encrypting it.
Some devices do per-file encryption as the files are read, rather than decrypting everything at once, and will throw out the key when the file is decrypted. Samsung phones do this, along with re-encrypting the data if it has not been accessed for a period of time. Data can also be marked as "sensitive" in the filesystem, in which case they are only decrypted as the user reads them, and are immediately re-encrypted with the keys purged from memory the moment the phone is locked.
How is it even legal for them to hack his phone if he's dead? Did they get a warrant for a crime that was already committed by someone deceased, or did they go the classic warrantless route?
@@user146n I don’t care about this case so much since it involves an attempted assassination of a presidential candidate, but the feds are infamous for collecting private data without warrants
Why does AT&T still have SMS records of their customers from 2022, which is 2 years ago? I thought carriers could only hold SMS for 3 months? So either its illegal or something has changed that I never heard about.
A lot of phones are vulnerable to some sort of reset glitching to be able to brute force fairly quickly if you can take apart the device, some can even be reset from USB so you don't need to open it
Any mobile device with an active power source and valid SIM card connected to a network can be accessed via operator network broadcasts opening the door
Not illegal at all. There is a cat and mouse game between phone manufacturers and digital forensics tool devs/security researchers. None of the "exploits" break legality. If a device is legally seized, it's legally seized.
@@soundspark yes, they are allowed to keep vulnerabilities to themselves and their own use If the company is incompetent enough to have zero day easy remote code exec it's their problem and the govt can help them (if they fear it gets out) or not
What phone do you have? That shouldn't be possible with an under-screen ultrasonic fingerprint reader as that requires a direct touch from your bare finger, though it may be possible with a capacitive reader if the glove is thin enough to read touches, as your body's capacitance can still be felt through objects. For example, put a piece of paper over your screen, you can still touch it normally, as the capacitive screen can feel your finger's capacitance through the paper. This is why screen protectors work and don't completely block touch input.
Why would they keep all this data in the first place ... I pay my bill on a monthly bases, they should delete records once the bill is paid... Thats the change we need... No reason to keep all that info saved on any third party server
Great vid. All the vpn's the were removed from the app store were not working anyway. People in russia has long switched to other apps like streisand and a multitude of others
the israeli are basically Americas lil cybercriminal/cybertech arm. americanos pump so much money into that lil piggy, u can hear it squeeking all over the news for years now.
Also, the legal system has definitely determined and disclosed biometric identification is not protect by the First or Fifth amendments… The only thing protect is typing in a password--
“Fifth Amendment Does Not Protect Against Biometric Phone Unlock, Says 9th Circuit Appeals Court. The U.S. Court of Appeals for the 9th Circuit has ruled that police officers can compel a suspect to unlock their phone using a fingerprint without violating the Fifth Amendment's protection against self-incrimination.”
Same method adopted to hack a dead Terrorists phone after an attack in California back many years ago. The trick also allows hacking in any device or computer ops.
Talk about a scam, "Unlimited" and there is nothing unlimited in comparison to the "Plus" version that is scammy ass tactics, can't believe a security channel just advertised that more about the money than the protection of people. just lost a sub for that.
I know exactly what the FBI will find on that kids phone. You may think that this is very improbable but I do. The FBI will find.... Exactly what they want to.
ProtonMail 👉 go.getproton.me/SH17E
Not using a service which claims to be private but will give away my IP to the feds with no resistance, buddy
using a somehow not terrible service that has to comply with government demands vs willingly giving your data to big tech, you can always stop using email because it can never be fully secure
@@mrsansiverius2083 so you're csam enjoyer or what?
i want to know who deleted his facebook recent posts immediately after the incident... ?
@@ditrypand8273 french activists:
I always tell people to power down their phone if they have to hand it over. When the phone is in a cold state biometrics don't work and everything remains encrypted. Also, don't use a 4 digit pin. It makes brute force too easy.
Damn right!
On iPhone you don’t even have to swipe to power off. Just holding the buttons puts it in bfu
@@jmr How is a 16 character startup password for brute force?
@@soundspark www.oberlin.edu/cit/bulletins/passwords-matter
@@codewithlarsy why does my browser send me to javascript:void(0) lol
"fingerprint scanners need electric charge"
The 9 volt battery in the photo:
😂😂
😂😂😂
😮😮
That battery came from a remote control device the shooter had beside him for a bomb. Still don't know where the bomb was but the agents on scene took the battery out of the device so as to eliminate any further threat. They found his cell phone there and it was running at 10% power but they didn't touch it because they were not allowed to. By the time the phone made it into secure evidence the battery would have been dead and they would have needed to charge it before doing anything.
They could easily make a gelatin mold, even 3d print one.
How the FBI Hacked the Shooter's Phone: TL;DR:
We don't know. The methods are kept secret.
Today's sponsor is....
LOL
getting tired of this bullshit
Thank you! I was watching the video while wiping my ass because I thought it was long enough. After a few moments I was watching an absurdly long sponsorship and after that some bullshit I didn't click the video for. I hate it.
Thanks for saving me time man. almost all social media now is just a repeat of a repeat of a repeat...
What did you expect to hear? That he will leak their company's secrets?
😳 😳
His face was “re-arranged.” 😅
It’s not true Face ID can still works with glasses and face masks, nose rings and so much more.
lol
@@patrickkirby6580 Dude took a headshot, his face was a bit more different than just some glasses or a mask.
@@patrickkirby6580 wrong, its based on the distance between your eyes, the depth of your eye sockets, the distance from forehead to chin, the shape of your cheekbones, and the contour of the lips, ears, and chin. As well as some other things depending on the phone brand.
@@TenFrenchMathematiciansInACoat it’s depends on the size of the wound.
"The guy's face looked a little.. rearranged" 💀
lil bro
Zing
Gotta love how verified commenters are still leeching off for likes by copying the top comment and rewording it.
Looking at you X
And to prove that you are just copying the comment, look at what @durran9664 said
"
Gotta love how verified commenters are still farming for likes by duplicating the top comment and rewording it
@@DoalTheAngel it's been 3 years move on lil bro
How the US government hacked into there phone.
Step one: have a 0 day backdoor
no they didn't he just explained it was hacked by vulnerabilities an Israeli company found and exploited
More like, step one: go to the people that have all the 0days.
Or maybe, step one: don tin foil hat.
I think they use crook finger print skin put on the other persons hand it might work I guess.
The US has a backdoor in every piece of equipment made in the West. They only run these stories about how the FBI has to hack into phones because they have to pretend that they don't to conceal that fact from the public.
🇮🇱🇮🇱🇮🇱🇮🇱🤴
CCC lab in Germany has shown any number of ways to bypass fingerprint scanners 20 years ago. They would lift a fingerprint from a cup using scotch tape, make it visible with superglue fumes, scan it and refine the edge, print it out, etch it onto a PCB, then pour wood glue onto the etching. When the glue is lifted, you can wear this plastic piece that naturally incorporates water and is thus inherently skin-like on a living finger to fool most fingerprint readers. There are further ways to enhance its function by coupling it better to the living body. I can't imagine that a fingerprint unlock module can be made that would be immune to this.
I seen it done using those mini baybell. Plastic cheese wheels somehow the outer coating was used. I don't remember the method. And it provides its own snack😅.
Their all liars.
@geniferteal4178
Baybebell coating is just wax, i think partially natural. In that case paraffin would work too. Just have to reverse the fingerprint as etching, or get the finger to leave a 3D imprint in something harder than the wax and pour it in.
@@dannydetonator I don't remember the process anymore. I'm not going to look it up. But I remember it involved that maybe as the mockup finger to put the recovered fingerprint on I. Don't remember anymore
The key here is the "20 years ago" part of your comment. Back in the day, fingerprint sensors were all optical. They would use fancy optics involving a prism and a small camera to capture a 2D image of your fingerprint and compare it to the base scan. Fingerprint scanners haven't worked like this in over a decade because it's incredibly insecure and easy to fool with prosthetics and images.
The two types of fingerprint technologies used today are capacitive readers, and ultrasonic readers. Here is how each works.
Capacitive readers are an array of extremely small capacitive sensors in a matrix, similar to pixels a camera or a display. These scanners are often found on laptops, the side of phones, and the backs of phones. These can read the capacitance of your finger with extreme precision, capturing the exact ridges of your fingerprint in the form of a capacitance matrix. As such, images cannot fool this because it has no capacitance. A way you could try to defeat this is by using prosthetics, but you would need to replicate the exact capacitance of the person's finger, which varies from person to person, and varies across the fingerprint, making it incredibly difficult to recreate with the accuracy needed. It would be like trying to crack a 2048+ digit pincode, it's pretty much impossible. It would legitimately be easier to find a backdoor in the software that processes the fingerprint and exploit it than it would be to trick the scanner.
Ultrasonic readers are usually found under the screens of phones, and function by firing an ultrasonic pulse into the finger that is reflected back into a sensor that can detect mechanical stress with incredibly high resolution. These scanners can capture an incredibly detailed 3D model of your fingerprint that can be compared against later. The 3D nature of this makes it immune to a simple photo attack. You would THINK this would be susceptible to a prosthetic attack, but it isn't due to the sheer detail of the scanner. Ultrasonic fingerprint readers are detailed enough to capture not only the ridges in your fingerprint, but also the freaking pores in your skin. The only way a prosthetic could fool an ultrasonic scanner is if it was a 1:1 recreation of the fingerprint, including all the pores in the skin, and it would have to be made out of real human skin, or a material with similar properties to human skin, as when you scan your fingerprint your finger squishes outward a bit, changing the shape slightly.
An honorable mention is the optical-capacitive scanner, which is an alternative to ultrasonic scanners for under screen fingerprint readers. As the name implies, these combine the optical AND capacitive approach to achieve a similar security level to capacitive readers while being cheaper than ultrasonic readers. The Samsung A-series uses optical-capacitive readers, while the Samsung S-series uses ultrasonic readers.
tl;dr
The only foolable fingerprint readers are ancient optical scanners. Modern readers are either capacitive, ultrasonic, or optical-capacitive, all of which capture such detailed information about a fingerprint that it would be easier to find a vulnerability in the software of the device than it would be to trick the scanner. It would even be easier to brute-force a 16-digit pin than it would be to create a realistic enough prosthetic to fool a modern fingerprint reader. There's a reason modern readers are incredibly trusted in secure environments, and considered more secure than any other biometric.
It’s interesting that android 6 is not something they can get into but higher versions they can. I wonder what changed…
Nice of Google to let them in
It may also be so old that it wasn't worth investing into. There's plenty of open-source android 6 bruteforces, anyways.
Android 6 used full disk encryption. Android 7+ uses file based encryption. Full disk encryption means that everything on the flash memory is encrypted and you have to enter a password for the device to even boot. With file-based encryption, a new feature called Direct Boot was introduced which allows the device to boot to the lock screen and then require a password. This works because only the user files are encrypted and not the files necessary to boot.
I wonder if there is a way to go back to full disk encryption...
@@bayzedWhy did they undo this though. Is it not a lot more secure that way
@@MrAdeelAHbig brother
"A Hardware and Software package which simply put can break into and unlock many modern phones. This all relies uon vulnerabilities in iPhones and Android devices, which cellebrite keeps secret."
That's a weird way of saying that there are government provided and enforced backdoors in every device.
💯
On Android, talking about the stock, open source version of Android, that's unfortunately for the FBI not a thing
If I were you, I'd be watching my body for red dots for a few weeks after posting a comment like that, that shows you have a brain and can think...
Reasonable to come to that conclusion, but most likely false. Cellebrite doesn't work on the newest versions of iOS, and has issues with many apple devices. Remember a few years back when the FBI went after Apple for their encryption; a battle Apple eventually won.
Back doors are much more likely for Samsung and Motorola devices, but still, this is probably not the case.
Cellebrite is also available to anyone to purchase with multiple plans and pricing options. There are thousands of shops around the US that offer Mobile forensics services independent of law enforcement.
Then why would a private company have those backdoors?
Wait apple is not meant to be operating in Russia due to sanctions..
>2024
>trusts company PR
lol, lmao even
they only banned iphones for governement officials i guess
"not meant"
Man, in case you didn't know, there is almost a 100% mismatch between what those 2022-2024 sanctions are supposed to do, and what their actual effect are.
A lot of them actually give the exact opposite effect, or help the sanctioned country in another way.
To be more precise about apple: they've closed their Russian office, and iphones aren't sold there officially, but they are sold there unofficially. And stores selling iphones there actually have more freedom now, and can be more competitive (i.e. apple has a lot of bs rules, that prevent stores from discounting apple-devices, to "keep their brand premium", now russian stores don't have to abide by that bs anymore).
Now there is another thing: Russia wants to force apple to allow sideloading, China and India are thinking about doing the same thing. So you could see this VPN-app ban as a step-up to that.
Not officially sold but they still operate and basically none of the sanctions work
The Spøñsør starts at 3:03 and ends at 4:40
proton is actually pretty good, I use them and really like their services! Also I got revanced sponsorblock lol
Might be worth mentioning there's sponsorblock in chrome which skips most sponsors automatically. And de-arrow to replace click baity titles
@@Folkert314 And of course Ublock Origin to block ads.
@@ICE0124 oh definitely! Can't imagine browsing the web without them
@@Folkert314 They're also available in firefox.
Apple - we work in russia, because only putin is guilty for war
Also Apple - ok putin, we will ban all VPNs you want
1:00 This is true for capacitive fingerprint sensors which lots of phones phones are moving away from. Optical and ultrasonic fingerprint sensors work in a whole different way.
Optical sensors are very old tech and can be tricked with a 2D photo of a fingerprint, as that's exactly how it captures fingerprints, by taking a photo of them.
Ultrasonic sensors are primarily used under the displays of devices due to not requiring direct contact with the finger. They capture 3D topology of a finger with enough detail to see pores, so they're practically impossible to trick, short of having the original finger to scan.
@@tbuk8350Most under display fingerprint sensors in phones are optical, usually lighting up the finger with a green light using the display. Of course ultrasonic sensors are popular on phones too, that's why I mentioned them.
@VDavid003 They aren't purely optical, though. Optical sensors are really insecure. They are usually an optical-capacitive hybrid design that makes use of both technologies to make it more secure. Optical-capacitive readers are usually in budget and midrange phones with under-screen readers, like the Samsung A-series. Ultrasonic are the most secure readers, but are also more expensive, so they are usually reserved for more expensive phones with under-screen readers, like the Samsung S-series.
9 volt battery on the thumb.... Lol
A phone is the worst possible thing to keep a secret on.
reminder that "Strict Swiss privacy laws" only apply to Swiss citizens, not your $5 VPN, on top of that proton HAS cooperated with LE, don't let this guy sell you on a honeypot, he only cares about the money.
true in many contexts, though I don't think Swiss banking privacy laws apply to just Swiss citizens. However, the famous Dennis Levine insider trading case of the late 1980s was cracked when it was deemed the Nassau bank dealing with Levine in fact did not have a banking relationship with the inside trader, but rather had more of a stock buying and selling relationship, in that the Nassau bank to Levine was acting more like a stock broker not a bank. Thus the US feds got access to Levine's inside trading records and he was busted. Interesting how a little pressure from the USA seems to get countries to change their interpretation of the laws (even the Swiss banks now report on non-citizens at times).
You say they have "cooperated with LE" without actually providing context. Proton as any company is forced to comply with law enforcement, and when they were subpoenaed for a users data the only information they had on the person was a single recovery email, everything else was encrypted and inaccessible by LE and Proton themselves. The information found out about the journalist was provided by Apple. Also the Swiss laws are not Swiss citizen only, because Proton is a Swiss company they are not forced to log VPN traffic, backdoor any encryption, or comply with external country requests for information. Proton and Mullvad are some of the only legally proven no log providers.
imagine using proton he just wants his Ad money
@@hey2556 What other options are there for privacy driven mail services that won't do this then?
@@hoodcateall emails in general even the “private” ones will leave a footprint behind, best not send something sensitive in emails imo
It also stands for BFU "before first unlock" if you have to hand your phone over turn it off.
living in Russia, with apple blocking vpns... I would go back to jailbreaking my phone, like back in 2012, so I was able to play Pokemon on an Iphone
Just dont use apple phones
@@lussor1 why
@@usernqme124 no freedom
Just get Android bro
@@lussor1 wdym?
Didn’t proton mail reveal a users info from government pressure?
a single recovery email, yes, which was the only information they had (rest is zero-access encrypted) and were forced to hand it oved by law. The email was an icloud one, apple handed over identifying information, ultimately compromising the user
i think it was a climate activist or something along those lines.. Not a good look. Email is never secure anyways, the fact that proton claims that their email is private is shady to say the least
@@silvanb Proton is not shady, if anything it proves they are trust worthy. They were forced to hand over EVERYTHING they had on a person and all they could provide was a recovery email address?
@@silvanb well, they didn't publish any identifying information directly and their email encryption point still stands. I agree that them giving out this other email isn't exactly a good luck, but ESPECIALLY considering they got nothing *but* that one email is decent.
@@silvanb proton to proton email is encrypted such that they can't access it. email to/from external services isn't encrypted that way because it can't be, unless the users are using PGP or something. they really do the best they can, they'll fight government orders to release information (which they do get often) and publish info about this, but there's a limit to their ability to say no
"it's clearly some kind of android!"
wow.. that's like saying "he's definitely not driving a Tesla!"
NSA have backdoors into everything
Everything already has backdoors 😂
Not everything. But a lot more than you think.
@@ommanomnom everything
@@projectsspecial9224 no mate. There are some encryption algorithms and post quantum ones that were made by mathematicians who objectively prevented them from being verified by NIST and the NSA, meaning they cannot be backdoored. If you use devices or software which let you choose these, you are alright.
But they will be trying to over time.
zero days*
Not publishing/reporting discovered security vulnerability should be illegal. But for so, the lawmakers couldn't be the main customer.
Your password must contain this, that, something else, be as long as your arm and have multiple family members standing by to confirm your identity. But the server holding these details and serving the login requests is essentially protected by a four digit PIN.
It's almost as if they don't give a f###.
That doesent work for apple without icloud they cannot get in regardless apple can’t even get in their own or that compromises everyone’s data
"cellebrite is known for their secrecy"
You don't say a company specialized in taking people's info won't like to tell anyone how?
Good vid tho
It's a Samsung A52. A mid-tier android phone from two years ago.
how do you know its not a A15 or A25 they look the same
I had the A52s 5G that looks the same, and it had a Snapdragon 778 that felt snappy to me, even if it was a mid tier phone.
Also, I'd like to add, while breaking into the phone might be hard... samsung an google keep backup images of your device that you can restore from an Samsung USED to even keep saved hidden "temp img" files from your phone in the cloud. These images could be reconstructed using undeleter an help see everything that phone has ever seen. These temp images are from things like previews of photos you've taken or when you hit multitask view. Multitask windows are, I guess, like screenshots of everything open at least when it comes to certain apps. To gain access they could simply have used his simcard in another phone an then iniated a password reset via sms verify.
It’s the FBI. They just have to get a search warrant and force Google to hand over any information they have stored on a person and Google has to comply. No need to trick Google with this password reset stuff or anything. Same with your email and any other service stored in the cloud. The only thing that’s safe is stuff that is fully encrypted in the cloud that the company has no access to, such as Signal or Proton
This is not true, at least with newer Samsung phones. They do not... take screenshots of your screen??? I'm not sure where that information came from. All of your backups are fully encrypted on-device with a security key unique to your device which is generated and signed by Samsung when your phone is built at the factory. These keys are then encrypted with your credentials after setting up the phone. The only way your backups could be decrypted is if you physically unlock the phone and restore them.
Samsung Knox is one of the strongest security systems on any modern device, period. There are layers upon layers of trust and security levels that prevent basically any attack on the system. Hell, any secure credentials, decryption keys, passkeys, etc. are all stored on a completely separate flash storage chip, which can only be accessed by a dedicated CPU with it's own dedicated memory running completely independently from the CPU running Android, meaning even if the entire Android system was compromised down to a hardware level with all CPU-level security measures being disabled, you still wouldn't be able to access any secure information without breaking through yet another proprietary CPU with it's own proprietary OS and security measures.
Basically the only way to break a Samsung phone is by exfiltrating whatever data you can while the device is hot, though even that is limited because data is decrypted as apps use it and re-encrypted if the data hasn't been accessed after a short period, meaning you could only access very recently accessed data. The only other way is by brute-forcing the password, which could also be impossible if the user has enabled all the security features. There is an option in particular that will completely factory reset the device by zeroing over EVERYTHING (which makes undeleters useless) if the passcode is entered incorrectly 20 times consecutively.
@@tbuk8350Hello glowie.
8:16
Reddit is still working without a VPN in Russia, not banned, just like Telegram
they got into his phone and deleted evidence.
9:00 not really unsuccessful. Rusian's ISPs are forced to install TSPU, which is a special DPI controller by roskomnadzor. It already banned almost all wireguard, openvpn and tor traffic. Currently they're trying to ban other proxies like old shadowsocks. During riots or other events when "government doesn't want to people communicate" they disable all non-whitelisted traffic. So basically we started to use same tools like in China to bypass it.
"I dont care because I am dead"
It kind of looks like the s24+ which has an ultrasonic fingerprint censor. You can use a corpse's finger on it due to it relying on sound(3d shape).
Oh I didn't see the rest of your video.
What's crazy his whole footprint on the net has been deleted, how is that possible
3:03 Linus would be proud of that segue!
At least with every other type of capacitive sensor, alive or dead doesn't matter. They basically just need something conductive so I don't think it's true that the finger print only works if the person is alive.
Proton Mail couldn't have picked a better channel to sponsor! 🙌
blind praise and 0 dilligence, you're the kind of signal to look for when a service has become a HP
@@xxXXuser69420XXxx What is wrong with ProtonMail?
Fed
@@wlockuz4467Super shady.. Claims their email is 'secute' (Not possible)
😂
Hello tappy keep up the good job tapy support team you people are doing a wonderful job 🇳🇬🇳🇬🇳🇬🇳🇬🇳🇬🇳🇬 texting from Lagos Nigeria
Really curious how much more difficult it would be to hack his phone if it was a newer Pixel running GrapheneOS.
Probably just as easy now I am no expert but I think it’s something at a hardware level that allows access. As modern phones run the same android version right. And yet some still can’t be cracked.
@@Fjprints I doubt it will be just as easy as a Samsung. The whole point of Graphene running only on Pixel devices, is the Tensor chip. Which is by far the most secure chip atm.
If it was cold it would be significantly harder but if it was hot it would depend on user settings, there's a couple things you can enable to prevent all usb exploits I know of. Wouldn't help if it were decrypted already and you read the ram directory though
@@jasonls221 could you just cut the data lines for the usb c port and just have power? Obviously you would lose data transmission over usb.
@@Fjprints I think you also lose fast charging but yeah
When they say "hacked" what they mean is they used one of their backdoor channels or hooked it up to a brute forcer.
Was Pegasus. The same software you have trashed so many times due to "privacy" concerns lol. Suddenly it's ok to use it.
300k for a video. Damn, video editing pays well.
I'm sure Cellebrite exploits not the OS running on the phone, but the CPU. Shouldn't be a surprise that CPUs have hardcoded backdoors
Every aspect of a device can be exploited. It depends on the device completely, the support for it and the type of extractions you wish to conduct.
A physical extraction will likely involve CPU back doors like universal/MTK/Qualcomm live
For logical and filesystem extractions, it's more the OS
People tend to think that someone is deliberately creating backdoors, not realizing that people are often just writing bad code that is full of bugs and vulnerabilities.
That would mean the Samsung S21 and newer are still unbreakable. They all have what they call "Knox Vault", which is a separate, proprietary in-house SoC running it's own proprietary OS with it's own dedicated storage and memory that runs independently alongside the Android OS and SoC. Even if the Android system was compromised down to the lowest hardware layer, the separate SoC that handles all the decryption and encryption, biometrics, credentials, etc. would still not be compromised, and would not give up the keys or credentials.
The data is encrypted in the hard drive of the phone with whatever pin you have set. If a hacker can bypass the rate of attempts a 4 digit pin is cracked instant. Realistically you need a 12 character alphanumeric pass + power off the phone before attacker gets it. It would be nice to have a very long password only on boot, then a normal pin after boot, why isn't this a feature...
You could do this on old Android versions given they supported full-disk encryption as opposed to file-based encryption which was mandated from Android 10 onwards afaik.
@@bayzed Interesting. Upon reading about FBE - it generates separate encryption keys for separate files, allowing some (userspace file keys) to be discarded from RAM when the screen is locked. But the encryption keys, while unique, are still generated from the weak pin, so it wouldn't help against brute force attack I believe
I suggest diceware passhrase five words instead of alphanumeric password. You only need to remember five words.
Please never call Twitter "X" again
It's like calling Facebook "Meta"
? It's called X, so he will refer to it as X, just as everyone else. Go tell Elon Musk to rename it back to Twitter.
@@funil6871 It's Twitter. Deal with it.
Comparing Apple's Capitalization to Russia's GDP is like comparing someone's Net Worth to someone else's Income. They're totally different things
Makes a sinister sounding soundbyte though.
Android = FBI opens easy
regarding the sponsor: switzerland has in fact mass surveillance.
As a Russian citizen it is baffling to me how Apple would just obey Putin like this. I mean, iPhones aren't even sold officially in Russia anymore, so pretty much no leverage there. Makes me think FSB/GRU has some dirt on Tim Apple or something.
What in the actual fuck are you talking about?
@@shy404usernotfound can you explain how is he wrong?
This is Tim Apple secret alt account and he understandably got a little upset being called out like that. Have some empathy
@@shy404usernotfoundokay incel
Not Sure, but Russia does produce gyroscopes for apple and also those
gyros are used in Russian missiles.
Which make IPhones military hardware.
It should be noted that the Samsung A25 has an Ultrasonic Fingerprint Sensor, which utilizes sound waves to measure the ridges and valleys in your fingerprints, (as opposed to capacitive resistance).
That's the same exact phone I have-- the Samsung Galaxy S23 FE.
💀😨😱😱
Gay
@@albinopepegas8391 It's important for people to know which phones the FBI can hack.
@@albinopepegas8391 🤡
@@albinopepegas8391super lol
Not all fingerprint readers only work shortly after death as stated in the video. The AppleMac ones work fine later.
The FBI certainly doesn't need to hack any phone. They use Pegasus. They just need your phone number.
They used cellebrite
That's not true.. Israeli security company helped them
And GUESS what his last search was!
apple's directors wont want to see people in block cloths in thier bedroom
What are you talking about
@@Industry-insider Thanatophobia
@@devbhattacharjee2668 TLDR
If you people really think there's a device out there without a back door, you are crazy. "Meet the new boss - same as the old boss."
In general for iPhones the method is to image the device storge and then you have unlimited and automated brute force password
Cellebrite does not work against iPhones that have been locked for an hour or turned off. The USB port wont allow data transfer.
Have you tested?
i love proton
When the FBI went to the house of the shooter, they probably found his notes and he revealed how to get this phone
Wait, what? How can you make a video like this and completely forget that optical fingerprint scanners are now the norm? Capacitance is irrelevant for most "modern" in display fingerprint sensors. It's possible that he had a phone with an in display fingerprint sensor, and you know it. I'm baffled at this oversight.
The phone I mentioned in the vid, has the sensor on the side of the phone. Can't find any specs on it, but it's likely capacitive.
@@Seytonic I agree. But that was one guess... 🤷♂️ It could be a different phone (obviously).
@@Seytonic - if it was a capacitant scanner, just curious, could a 9v battery up against the thumb, perhaps after wetting it or soaking it in an electrolyte, give enough charge to open it?
@@chrishayes8197finger does not need any charge, it needs humidity.
As long as it's not encrypted, it's usually pretty easy to get any computer, phone, or laptop.
a Computer is meant for serious work and Smartphone I just don't think Smartphone seriously.
Samsung facial recognition barely works pre-bullet
we gonna talk about cloudstrike
So basically a pixel that has been turned off or the latest ios software is the only ones that can't be access? Also what about graykey? They say that they can get into everything.
If you have an iPhone, holding the Volume Up + Power (probably Vol Down + Power too) brings up a screen which allows you to power off, med id, etc. It also disables biometrics/FaceID until you enter the password and disables data over USB. Android phones probably have similar "panic" modes
Cellebrite moment
(I predicted it 2 seconds in let’s go)
Imagine that was a superpower 😭
Same ..magnet os forensics as well
Half of this video is an ad for Proton Mail.
Why is the decryption key stored in memory after the phone is unlocked? Why isn't that memory freed?
what else would you do with it? can't decrypt stuff if you don't have the key accessible
this is standard practice among things that do FDE (windows bitlocker, apple filevault, and luks)
Basic stuff
The encryption key must be in memory because the OS needs to constantly read and write data from/to the flash memory, thereby decrypting and encrypting it.
Some devices do per-file encryption as the files are read, rather than decrypting everything at once, and will throw out the key when the file is decrypted. Samsung phones do this, along with re-encrypting the data if it has not been accessed for a period of time. Data can also be marked as "sensitive" in the filesystem, in which case they are only decrypted as the user reads them, and are immediately re-encrypted with the keys purged from memory the moment the phone is locked.
The FBI should not be allowed to touch the case.
israeli tech company? you sure they didn't just type in the password?
There is not even one country that have the security researching knowledge more than Israel.
How is it even legal for them to hack his phone if he's dead? Did they get a warrant for a crime that was already committed by someone deceased, or did they go the classic warrantless route?
I don't think anyone cares about the warrant or not.
@@user146n I don’t care about this case so much since it involves an attempted assassination of a presidential candidate, but the feds are infamous for collecting private data without warrants
Thank you for the update!
This didn't include a panel on crowdstrike?
Or Black Rock?
Lol at 2:06 I took those photos of those phones
Bro looks like an alien 👽
Or one of those gender swappers
I saw like a more recent photo & the guy was apparently 20 but then they started running with his middle school yearbook photo it looks like lmao
Apple helping Russia... what a surprise
Damn, there is so much hacking news he forgot to talk about the Disney breach.
It was easy… the FBI set up that 2nd phone for him.
SHHHHHH
dude it seems like all samsung phones look the same. I have a a32 and it looks just like this too
He looks like scott the woz
Why does AT&T still have SMS records of their customers from 2022, which is 2 years ago? I thought carriers could only hold SMS for 3 months? So either its illegal or something has changed that I never heard about.
Why are you using SMS? It's not even Encrypted Stop expecting company and laws to protect your privacy.
A lot of phones are vulnerable to some sort of reset glitching to be able to brute force fairly quickly if you can take apart the device, some can even be reset from USB so you don't need to open it
It absolutely DOES NOT MATTER which type of phone it is. They are absolutely EASILY unlocked, Amateurs can figure it out in a few hours.
Proton sponsorship! Great to see. Love'm.
allow me to introduce my oracle cloud instance
Any mobile device with an active power source and valid SIM card connected to a network can be accessed via operator network broadcasts opening the door
Does that mean it would be illegal to put out a patch that would close off this vulnerability?
I don't think the govt can do that so nah
It just ain't telling them so they can't fix it
@@AkivaB Kind of like how the NSA didn't tell Microsoft about serious flaws until they were exploited in WannaCry?
@@soundspark I would imagine. Governments hoarding vulnerabilities and never informing the vendors is nothing new.
Not illegal at all.
There is a cat and mouse game between phone manufacturers and digital forensics tool devs/security researchers.
None of the "exploits" break legality.
If a device is legally seized, it's legally seized.
@@soundspark yes, they are allowed to keep vulnerabilities to themselves and their own use
If the company is incompetent enough to have zero day easy remote code exec it's their problem and the govt can help them (if they fear it gets out) or not
Assume the combination limit not functional, do not trust the black box. Use long passphrase and keep device off. !!!
My fingerprint scanner will unlock with a thin vinyl glove on, so it definitely does not always need a "live" subject
What type of fingerprint sensor do you have? Side/back mounted or in display fingerprint?
@@abeytoby1900Worked on an Android with rear fingerprint scanner and newer Pixel 8 Pro with screen print
Bro please tell me you didn't train a thumbprint with a glove on to make it easier while working....
@@JJFX-no lol
What phone do you have? That shouldn't be possible with an under-screen ultrasonic fingerprint reader as that requires a direct touch from your bare finger, though it may be possible with a capacitive reader if the glove is thin enough to read touches, as your body's capacitance can still be felt through objects. For example, put a piece of paper over your screen, you can still touch it normally, as the capacitive screen can feel your finger's capacitance through the paper. This is why screen protectors work and don't completely block touch input.
Why would they keep all this data in the first place ... I pay my bill on a monthly bases, they should delete records once the bill is paid... Thats the change we need... No reason to keep all that info saved on any third party server
This thumbnail looks like a Scott the Woz episode at a glance
Great vid. All the vpn's the were removed from the app store were not working anyway. People in russia has long switched to other apps like streisand and a multitude of others
Because the USA gov is probably the NSO...
ah yes, you basically said "the goverment of USA is probably a israeli company"
wow..... youtube comments amaze me....
@@boblol1465 The US sends Israel so much money every year. Israel and the US developed Stuxnet. Ofc the US Government has ties with people within NSO.
the israeli are basically Americas lil cybercriminal/cybertech arm. americanos pump so much money into that lil piggy, u can hear it squeeking all over the news for years now.
5:35 Why is this data even still stored anywhere?
Feels like i’m committing a cybercrime being this early
Also, the legal system has definitely determined and disclosed biometric identification is not protect by the First or Fifth amendments…
The only thing protect is typing in a password--
“Fifth Amendment Does Not Protect Against Biometric Phone Unlock, Says 9th Circuit Appeals Court. The U.S. Court of Appeals for the 9th Circuit has ruled that police officers can compel a suspect to unlock their phone using a fingerprint without violating the Fifth Amendment's protection against self-incrimination.”
love cybersecurity
Same method adopted to hack a dead Terrorists phone after an attack in California back many years ago. The trick also allows hacking in any device or computer ops.
HE GOT SPONSORED BY PROTON ITS SO OVER
Disappointing fr
THey literally sold info to French Feds and god knows who else
Remember the day Seytonic sold out.
Talk about a scam, "Unlimited" and there is nothing unlimited in comparison to the "Plus" version that is scammy ass tactics, can't believe a security channel just advertised that more about the money than the protection of people. just lost a sub for that.
oO ?
I know exactly what the FBI will find on that kids phone. You may think that this is very improbable but I do.
The FBI will find.... Exactly what they want to.
These forensics companies can't hack custom rom phones as well.
You know that custom roms are mostly used without relocked bootloader etc. so it really isn't any more secure
boot in recovery and bruteforce the device encryption pattern there. there is no bruteforce prevention.
@@n-i-n-o there definitely is at least one way to make it near impossible even for quantum computers
@@minerminecrafter464 but thats not the case. tell me more about your knowledge.
@@n-i-n-o there's a wikipedia article explaining it look up "Post-quantum cryptography"