I want to make my phone police proof

[TheLastSacrifice]

Is there any way to completely firewall my phone from cops from the best of the best they have the best of the best in their crime lab the best of the best computer technicians they have. I have not committed any crimes murders robberies molestations any of these horrible things I am not somebody who has child pronography on their phone I simply want my phone cop proof for my own reasons. I want it impenetrable.

 

[AnnonyBox]

Do some online learning about information security. You'll learn better ways to protect yourself, but I guarantee you it will only make you more paranoid about keeping your stuff safe.

 

[MissingIt]

If you have an iphone you are in luck as everything is encrypted by default. Under settings->touch id & passcode turn on "erase data" to erase everything after 10 failed attempts. In the same area, click change passcode, then passcode options, and "custom alphanumeric code" will allow you to enter any pass phrase you want. For essentially unbreakable security, you want at least a 12 digit alphanumeric password (think a8B9j4oP type thing), or for something easier to remember, select 4 or 5 random words from a dictionary. Turn off all face/fingerprint scan options.

I don't have an adroid phone so I don't know about that, but there must be some resources you can google.

 

[terry_a_davis]

I don't know if you know this OP but all your call logs, texts, location data, etc sent through the mobile network will be stored on a computer server(s) somewhere for a certain number of years which the police can access in certain circumstances.

 

[Mr2005]

Is there any way to completely firewall my phone from cops from the best of the best they have the best of the best in their crime lab the best of the best computer technicians they have. I have not committed any crimes murders robberies molestations any of these horrible things I am not somebody who has child pronography on their phone I simply want my phone cop proof for my own reasons. I want it impenetrable.

What reasons are they then?

 

[WhiteDespair]

If you really want to make the phone hackerproof, then boil a bunch of crayons on medoum heat until you can completely submerge the iPhone. Carefully, place the iPhone in the wax as wax burns aren't fun. Cranck up the heat from Medium -> High. At this point leaving the viscinity helps keep you out of the way and casts suspicion on other iPhone destroyers.

 

[Lostnotfound]

Depends what sort of police proof you are looking for.

If the police have your number they can trace that, link it to IMEI and GPS to know where you are and where you have been. Particularly true of smart phones. The only way this stops is to remove the battery but most newer phones dont allow this.

If the police have your number they can get all your call data (as in numbers called, when, duration etc but not listen to the calls) and they can retrieve all your texts. They can also retrieve any mobile data from internet browsing.

Emails and social media account info is linked to your phone and then they can go to those suppliers and get all your messages etc.

Of course for all that they have to have a bit of information in the first place - like your phone number.

The other aspect is that if they get hold of your phone (physically have the device) they can download every message, phone call, photo etc even if you wipe it. The reset phone function still allows some info left behind which police can download only if they have your phone.

The answer - cheap phones (not smart phones) with no gps or internet (calls and texts only) on PAYG and keep throwing them away and getting new ones. Use internet on another device, use tor & vpn routed through tunnels and use providers like Ctemplar who dont store your emails on their servers, who wipe IP addresses and who are not bound by privacy laws. There are providers for chat apps and all sorts.

Its still not totally foolproof but it makes their job a lot harder and gives you a high degree of privacy. Go chat on dark web forums - the answers are all there

 

[MissingIt]

The other aspect is that if they get hold of your phone (physically have the device) they can download every message, phone call, photo etc even if you wipe it. The reset phone function still allows some info left behind which police can download only if they have your phone.

This is simply not true if your phone is encrypted. Also, any message sent with iMessage (iphone to iphone only) is end-to-end encrypted and cannot be retrieved by anyone except the sending and receiving phones. Anything sent via standard SMS is probably stored on your carrier's servers. However, everything Apple does is closed source which means no one can independently verify that the security does what it says it does and that it is secure. It clearly has had security vulnerabilities in the past - see the stories about the FBI trying to unlock phones, contacting Apple who refused to help, then found some source who could. At the very least, Apple seems to have the interests of its users privacy at heart.

I would imagine that Android being open source would have security conscious versions available, but that is a topic I've never researched.

 

[Lostnotfound]

This is simply not true if your phone is encrypted. Also, any message sent with iMessage (iphone to iphone only) is end-to-end encrypted and cannot be retrieved by anyone except the sending and receiving phones. Anything sent via standard SMS is probably stored on your carrier's servers. However, everything Apple does is closed source which means no one can independently verify that the security does what it says it does and that it is secure. It clearly has had security vulnerabilities in the past - see the stories about the FBI trying to unlock phones, contacting Apple who refused to help, then found some source who could. At the very least, Apple seems to have the interests of its users privacy at heart.

I would imagine that Android being open source would have security conscious versions available, but that is a topic I've never researched.

Ok. I only speak from being arrested on several occasions on suspicion of sending imessasges, WhatsApp, emails, etc and the police taking my phone and downloading all the information from it and presenting it to me in interview where deleted messages were found. Yes I was found totally innocent but the police knew everything I had ever done on that phone. iPhone XS Max. Thats my experience, I have since done an access request on the police and got copies of all of this in case the situation arose again, and if you knew my situation then you would know that is likely, so I still have that evidence - not in the form of screenshots but the actual police record download data. They did not approach apple they took it straight off the phone. I did not give them my password to unlock the phone - they have bypass software to do that. Believe me or not, I have the evidence, it is my experience.

Apple is totally hackable and not as secure as they make people believe, although granted it is much more difficult. Again - experience talking.

 

[MissingIt]

I'm curious if you used a 4 or 6 digit PIN or if you used an alphanumeric passcode, Lostnotfound.

Per this story https://www.nytimes.com/2018/06/13/technology/apple-iphone-police.html

Apple has closed loopholes in the past. For years, the police used software to break into phones by simply trying every possible passcode. Apple blocked that technique in 2010 by disabling iPhones after a certain number of incorrect attempts. But the Grayshift and Cellebrite software appear to be able to disable that Apple technology, allowing their devices to test thousands of passcodes, Mr. Green said.

I have been involved in other types of encryption and security issues (not police related, thankfully), but I haven't followed this closely because it doesn't matter that much to me, but based on this article the Grayshift box would not be able to crack an iphone with an alphanumeric passcode of sufficient length. Clearly this was a massive security breach, but it only applied to very weak forms of security as far as I understand it.

 

[gnomeboy17]

Can't you just factory reset before ctb?

 

[Lostnotfound]

I'm curious if you used a 4 or 6 digit PIN or if you used an alphanumeric passcode, Lostnotfound.

Per this story https://www.nytimes.com/2018/06/13/technology/apple-iphone-police.html


I have been involved in other types of encryption and security issues (not police related, thankfully), but I haven't followed this closely because it doesn't matter that much to me, but based on this article the Grayshift box would not be able to crack an iphone with an alphanumeric passcode of sufficient length. Clearly this was a massive security breach, but it only applied to very weak forms of security as far as I understand it.

Before I answer - I am not a criminal or anything like that. There was nothing on any of my phones. I have been harassed consistently over the past 18 months by someone known to me as other members on here can testify to.

This has happened to me twice on an iPhone 7+, and three times on an iPhone XS Max. It has also happened on an associates iphone 6. I used a 6 digit numeric code that was not related to me. This was backed up by fingerprint recognition on the 7+ and face recognition on the XS Max. Literally, the police plug it into a device in the police station and download everything included deleted content. Once this is done, if they have enough suspicion they send it off to the lab who then pick up anything done prior to factory resets / wiping phone etc. They also done it to my macbook pro and my iMac. It may be worth knowing that the hard drives used in machines are not always brand new. The police picked up stuff on my iMac which wasnt me and was dated before I bought it. I had receipts to prove this, and I bought it brand new in an apple store. It is only that the allegations were so serious that the police took everything to bits that I found this out, and as i already said, my devices all proved me innocent.

I am a big apple fan and admit their security is one of the best but if its serious enough the police can get into it. It has to be serious for the police to take the effort though.

 

[Mr. ‘K so?]

Seems the only surefire way is to set the phone on the strongest magnet you can find without the case. Hard to pull files off of a paperweight

 

[Lostnotfound]

To a big degree if you aren't doing anything illegal why worry. If you are doing something illegal use a burner phone and then take it swimming in the sea. Water damage can be repaired but salt water causes corrosion and nothing can be salvaged, thats if they find it!

 

[MissingIt]

I am a big apple fan and admit their security is one of the best but if its serious enough the police can get into it. It has to be serious for the police to take the effort though.

I would never presume you or the original poster are criminals based on wanting to secure your information, or that you were investigated by police. I am a US citizen and a strong believer in 4th amendment rights. I also have a deep understanding of encryption and cryptography in general, although not specifically in the case of certain products like iphones. I have a strong idea of how iphone encryption works, but I am not absolutely certain.

With that said, a 6 digit PIN can be guessed correctly 1 in 1,000,000 times (10^6). This is extraordinarily easy for a single computer to do via brute force. A 12-digit alphanumeric code using the basic A-Z, a-z, and 0-9 is 62(possible options)^12(digits) or a correct guess 1 in 3 followed by 21 zeroes times. As a rule of thumb, taking the result of this and taking the base 2 log will give you an approximation of bits of entropy, a measure of password security. Log2(1,000,000) = 20 bits, Log2(3 x 10^21) = 77 bits. Every time you increase it by 1 bit, you square the difficulty of cracking the password. 64 bits has been cracked. 80 bits is considered safe for thousands of years based on current computational abilities. Bitcoin uses approximately 128 bits of entropy to secure its transactions. 256 bits would take more energy than exists in the observable universe to crack. (This all presumes the underlying cryptography is safe.)

Of course there are all kinds of ways this information leaks, such as your calls, messages, and whatever. But if you want your phone to be secure, and actually be secure, it is totally possible to prevent anyone from ever seeing what is on your phone by using a strong passcode on the assumption that the cryptography used is safe and doesn't have a backdoor. (Not an absolute guarantee by any stretch.)

Your entire drive, empty space and all, is encrypted by a 128 bit or 256 bit security key that your passcode decrypts to allow you to access your phone. The weakest link is your passcode or the availability of fingerprint scans or other means to bypass your passcode.

 

[Lostnotfound]

I would never presume you or the original poster are criminals based on wanting to secure your information, or that you were investigated by police. I am a US citizen and a strong believer in 4th amendment rights. I also have a deep understanding of encryption and cryptography in general, although not specifically in the case of certain products like iphones. I have a strong idea of how iphone encryption works, but I am not absolutely certain.

With that said, a 6 digit PIN can be guessed correctly 1 in 1,000,000 times (10^6). This is extraordinarily easy for a single computer to do via brute force. A 12-digit alphanumeric code using the basic A-Z, a-z, and 0-9 is 62(possible options)^12(digits) or a correct guess 1 in 3 followed by 21 zeroes times. As a rule of thumb, taking the result of this and taking the base 2 log will give you an approximation of bits of entropy. Log2(1,000,000) = 20 bits, Log2(3 x 10^21) = 77 bits. Every time you increase it by 1 bit, you double the difficulty of cracking the password. 64 bits has been cracked. 80 bits is considered safe for thousands of years based on current computational abilities. Bitcoin uses approximately 128 bits of entropy to secure its transactions. 256 bits would take more energy than exists in the observable universe to crack. (This all presumes the underlying cryptography is safe.)

Of course there are all kinds of ways this information leaks, such as your calls, messages, and whatever. But if you want your phone to be secure, and actually be secure, it is totally possible to prevent anyone from ever seeing what is on your phone by using a strong passcode on the assumption that the cryptography used is safe and doesn't have a backdoor. (Not an absolute guarantee by any stretch.)

Your entire drive, empty space and all, is encrypted by a 128 bit or 256 bit security key that your passcode decrypts to allow you to access your phone. The weakest link is your passcode or the availability of fingerprint scans or other means to bypass your passcode.

And after all that if the police want access they get a court order which puts you in prison until you give them your passcode. Been done a few times in the UK

 

[Mr. ‘K so?]

I would never presume you or the original poster are criminals based on wanting to secure your information, or that you were investigated by police. I am a US citizen and a strong believer in 4th amendment rights. I also have a deep understanding of encryption and cryptography in general, although not specifically in the case of certain products like iphones. I have a strong idea of how iphone encryption works, but I am not absolutely certain.

With that said, a 6 digit PIN can be guessed correctly 1 in 1,000,000 times (10^6). This is extraordinarily easy for a single computer to do via brute force. A 12-digit alphanumeric code using the basic A-Z, a-z, and 0-9 is 62(possible options)^12(digits) or a correct guess 1 in 3 followed by 21 zeroes times. As a rule of thumb, taking the result of this and taking the base 2 log will give you an approximation of bits of entropy. Log2(1,000,000) = 20 bits, Log2(3 x 10^21) = 77 bits. Every time you increase it by 1 bit, you double the difficulty of cracking the password. 64 bits has been cracked. 80 bits is considered safe for thousands of years based on current computational abilities. Bitcoin uses approximately 128 bits of entropy to secure its transactions. 256 bits would take more energy than exists in the observable universe to crack. (This all presumes the underlying cryptography is safe.)

Of course there are all kinds of ways this information leaks, such as your calls, messages, and whatever. But if you want your phone to be secure, and actually be secure, it is totally possible to prevent anyone from ever seeing what is on your phone by using a strong passcode on the assumption that the cryptography used is safe and doesn't have a backdoor. (Not an absolute guarantee by any stretch.)

Your entire drive, empty space and all, is encrypted by a 128 bit or 256 bit security key that your passcode decrypts to allow you to access your phone. The weakest link is your passcode or the availability of fingerprint scans or other means to bypass your passcode.

The FBI asked Apple to create a back door in iOS for them to use. Apple refused and the FBI said we made one anyways.

 

[Lostnotfound]

The FBI asked Apple to create a back door in iOS for them to use. Apple refused and the FBI said we made one anyways.

I stand by what I said - no system is 100% police proof. If you're doing something you need to hide, use a burner then sling it in the sea and go and buy the next burner.

 

[MissingIt]

You guys can argue all you want, but cryptography is proven with math, and police can't break the laws of physics.

The FBI asked Apple to create a back door in iOS for them to use. Apple refused and the FBI said we made one anyways.

I am almost certain this is just based on the same principles as the Grayshift box which can crack a 20-bit password which is irrelevant and explained thoroughly by my post. Again I don't know exactly how the iphone works, but the FBI and police have been complaining awfully loudly about encrypted phones because they can't easily access them, not because they can.

 

[Lostnotfound]

You guys can argue all you want, but cryptography is proven with math, and police can't break the laws of physics.

And yet in my case - they did!

 

[MissingIt]

And I explained why. Your passcode was woefully insufficient.

 

[AlreadyGone]

My advice is to obtain a burner phone and use it for everything that you do not want the police to find out you are doing.

 

[PhilosOfDoom]

If you're talking about preventing access to the local phone os or machine then a un-brute forcable password would be best, with removed usb transfer/capabilities. Also encrypting all folders/programs on your phone, requiring 2-factor authentication on all accounts, completely resetting your browser (removes saved passwords, cache etc). For all folders/files you aren't encrypting, shred all of them. The default delete function in phones are not full proof, so install a 3rd party program/app that in reputable. Make sure your phone is only unlockable via password, not fingerprint, face, or any other method. That should do it. If you meant something different, lemme know.

 

[LonelyHeart]

I think it's impossible... by design.

 

[s1mplem3]

Every lock has a key.

 

[MissingIt]

Every lock has a key.

This bitcoin address: https://bitinfocharts.com/bitcoin/address/35hK24tcLEWcgNA4JxpvbkNkoAcDGqQPsP has 2 billion dollars in it. I will pay you 1 billion if you get me the key, thx.

 

[s1mplem3]

This bitcoin address: https://bitinfocharts.com/bitcoin/address/35hK24tcLEWcgNA4JxpvbkNkoAcDGqQPsP has 2 billion dollars in it. I will pay you 1 billion if you get me the key, thx.

If I don't have a key it doesn't mean nobody has.

 

[TheLastSacrifice]

What reasons are they then?

Is that any of your business?

I don't know if you know this OP but all your call logs, texts, location data, etc sent through the mobile network will be stored on a computer server(s) somewhere for a certain number of years which the police can access in certain circumstances.

Im just done with communication by smartphone. Too easy to get ahold of the data.

My advice is to obtain a burner phone and use it for everything that you do not want the police to find out you are doing.

This is the only feasable answer

 

[charlottewilts]

get a burner phone and smash it before you CTB. reduce it to particles, unless it's an iPhone. it does the job pretty well on its own

 

[Blueberry Jelly]

I used to work for AT&T as a customer service agent. While I did not have direct access to this system, we did have a company proprietary tool that allows us to see texts/calls/internet search history on any phone connecting to our network. It could only be accessed after speaking with a direct supervisor. We were never allowed to tell customers we could access it.

With that being said... the police absolutely do not care what is on your phone provided it doesnt contain evidence of a serious crime, and even then it's only if you're distributing something you shouldnt.