HITBSecConf2017 Amsterdam (April 10th - 14th)
Register Online Now!
FBI stumped by Android pattern lock - Asks Google for help
Having difficulty gaining access to a pimp's Android phone they seized, the FBI has turned to Google for help. The FBI, which didn't have the right to search the phone without a warrant, obtained one in February. However, after sending it off to the FBI Regional Computer Forensics lab in California, technicians there “attempted to gain access to the contents of the memory of the cellular phone in question, but were unable to do so” says the FBI. Apparently they were defeated by Android's “pattern lock” screen.
The FBI played “guess the password” enough times to lock the phone, which now can only be unlocked using the original owners Google account credentials. Obviously the suspect is not handing this over and the FBI doesn't have the password, so it was back to a judge for a new warrant application, which was filed on March 9, 2012. What was originally supposed to be a sealed document, was instead leaked and made public by security researcher Chris Soghoian.
What does Google have to say about whether it routinely supplies law-enforcement with the information required to unlock a device? “Like all law-abiding companies, we comply with valid legal process. Whenever we received a request will make sure it meets both the letter and spirit of the law before complying. If we believe a request is overly broad, we will seek to narrow it.” In short, yes, they do.