We know that the technologies developed by Apple are created to facilitate the user experience and transform the way we relate to our devices. The devices, however, can also contain evidence of possible crimes or anything else that involves the law.
In this sense, at the beginning of the month we commented on a case in which FBI used the face of a suspect to unlock his iPhone X. Although the result of that action was not released, the discussion was raised and, recently, a document from a company specializing in forensic analysis involving the unlocking of gadgets Apple leaked on the web.
The document was released by the Motherboard, who stated that he is part of a presentation belonging Elcomsoft, a Russian company focused on recovering passwords and systems. The company subsequently confirmed the veracity of the information and the presentation.
Basically, Elcomsoft recommends that police officers and investigators “don't look at the screen of these devices, or else the same thing happens at the Apple event”. This “same thing” that the document mentions refers to last year's Ma special event, in which we were introduced to the iPhone X.
For those who do not remember, during the demonstration of gadget, Face ID could not recognize the face of the Apple software boss, Craig Federighi, asking him to enter the device password. After the event, Ma explained what happened: the demonstration iPhone X passed many people behind the scenes and he tried to recognize Federighi's face every time, blocking attempts in the end.
Elcomsoft CEO Vladimir Katalov explained that this is exactly what officers should avoid when dealing with Ma devices.
This is very simple. The password is required after five unsuccessful attempts to correctly identify a face. Then, looking at the suspect's phone, the investigator immediately misses one of the attempts.
Face ID is not the only feature cited in the company's training and researchers are also advised to avoid the iPhone's other biometric authentication feature, Touch ID. In that case, the police were instructed to always use the device's on / off button to turn it on instead of the Start button.
With Touch ID, you need to press the button (or at least touch it). That is why we always recommend (in our training) to use the on / off button, for example, to see if the phone is locked. But with facial identification, it’s easier to activate it “accidentally” simply by looking at the phone.
Forcing a suspect to disclose the password to unlock his or her personal device is considered a violation of the fifth amendment to the United States Constitution, which protects citizens against self-incrimination. However, the same does not happen with biometric protection, because a person's face or fingerprints are not "secrets".
· • ·
Although cases of investigations involving the iPhone in Brazil are not recurring, the fact that our cell phones carry more and more personal information is already sufficient for precautionary measures to be taken. In that sense, Apple allows Face ID to be quickly disabled on iPhones that have the feature; this way, you prevent someone from unlocking the device using your face, whether on purpose or not.
To do this, just press and hold the side buttons (outside and volume) until the warning to hang up or call for the emergency to appear on the screen. At that time, Face ID is disabled and you will have to enter your password to reactivate it.