Some scary news in regards to more spying on American citizens by their tyrannical government, this bombshell has dropped on your Saturday.
According to documents that were filed by the Department of Justice and who were first obtained by Forbes, Signal’s encrypted messages can be intercepted from iPhone devices when those apple devices are in a mode called “partial AFU,” which means “after first unlock.”
When the phones are in partial AFU mode, Signal messages can be seized by federal authorities and other potentially hostile interests.
GrayKey and Celebrate are the tools typically used by the FBI to gain this sensitive information, one of the experts explained to the courts.
“It uses some very advanced approach using hardware vulnerabilities,” said Vladimir Katalov, who founded the Russian forensics company ElcomSoft, stating that he believes that GrayKey was used by federal authorities to crack Signal.
According to Forbes, the clues and information came in the acmes of Seamus Hughes at the Program on Extremism at the George Washington University and was obtained in these court documents.
The screen shots then show the requested information of signal information requested between men accused, in 2020, of running a gun trafficking operation in New York. (The suspects have not entreated a plea and remain innocent until proven guilty).
In the Signal chats obtained from one of their phones, they discuss not just weapons trades but attempted murder too, according to documents filed by the Justice Department.
There’s also some metadata in the screenshots, which indicates not only that Signal had been decrypted on the phone, but that the extraction was done in “partial AFU.”
That latter acronym stands for “after first unlock” and describes an iPhone in a certain state: an iPhone that is locked but that has been unlocked once and not turned off. An iPhone in this state is more susceptible to having data inside extracted because encryption keys are stored in memory. Any hackers or hacking devices with the right iPhone vulnerabilities could then piece together keys and start unlocking private data inside the device.
For police to access private Signal messages from an iPhone, there are some other caveats besides a device needing to be in AFU mode. The iPhone in question appears to be either an iPhone 11 (whether Pro or Max) or a second generation iPhone SE. It’s unclear if the police can access private data on an iPhone 12. It’s also not clear what software version was on the device. Newer iOS models may have better security. Apple declined to comment, but pointed Forbes to its response to previous research regarding searches of iPhones in AFU mode, in which it noted they required physical access and were costly to do.
A Signal spokesperson said: “If someone is in physical possession of a device and can exploit an unpatched Apple or Google operating system vulnerability in order to partially or fully bypass the lock screen on Android or iOS, they can then interact with the device as though they are its owner.
“Keeping devices up-to-date and choosing a strong lock screen passcode can help protect information if a device is lost or stolen.”
You can read more from our friends at Forbes.