Hacker News new | past | comments | ask | show | jobs | submit login
Federal Court Says Dismantling a Phone to Install Firmware Isn't a 'Search' (techdirt.com)
270 points by hn_acker 22 days ago | hide | past | favorite | 142 comments



The article’s headline is rather misleading (I assume unintentionally), because it omits that the actual seizure and data access was done pursuant to warrants. Only the repair and firmware update was performed during a donut hole when one warrant had expired before another was granted.

Here, the government obtained multiple, time-limited warrants to search the device, but was unable to get into it. They sent it to be repaired. After the warrant extension expired, the repair guy fixed it and updated the firmware. (The record doesn’t say what version the firmware was, but it seems like it was standard firmware, not some special forensic firmware.) The next day, the government again obtained a warrant. Only after doing so did the government perform the search.

In this unusual situation, it’s reasonable to conclude that the device repair wasn’t a search. The seizure and the data access were both performed pursuant to a warrant. The only part that wasn’t covered by the warrant was just fixing the device in a seemingly conventional way to get it working again.

Original decision here, pages 3-4 has the relevant facts: https://s3.documentcloud.org/documents/25423841/no-disassemb...


I agree that most readers won’t really ‘get it’ by reading the headline, and appreciate your useful addition so we all can get some context without the click, but in defense of the author, I think writing layperson-accessible headlines for technical legal articles is often impossible. Having attempted to make interfaces and applications that made raw legal data useful for laypeople, including with NN summaries and such, if there’s a meaningfully better solution, I sure couldn’t find it after a few years of work. For the same reason reading case law doesn’t effectively help laypeople represent themselves in court, you need context and background knowledge to make sense of legal concepts. (If you’ve ever seen an overconfident ‘sovereign citizen’ cite opinions in court while representing themself, you’ve seen why. And while most are obviously under-educated for the task, they’re probably not unintelligent and they clearly put a lot of effort into it.) To people used to reading legal texts and familiar with the trajectory of decisions in this space, the headline makes sense, and I think that’s probably the best you can do. Trying to construct a headline that’s representative while also giving laypeople the background and context they need to make sense of the topic becomes way too long to be a headline long before it accomplishes it’s goal.


Sovereign citizenry and misquoting admiralty law in your hearing about driving without valid registration or saying the court doesn't have jurisdiction because the flag has gold fringe on it is so close to mental illness it's hard to assign concepts like "smart" or "dumb" to it.


In the past I have considered pursuing litigation pro se because it is very difficult to find an attorney willing to take a public records case on contingency. The stereotype that anyone who represents themselves in court must be a soverign loon or think they're Will Hunting is one reason I did not do so. It is not ideal, but neither is not having access to the justice system due to not having a bunch of money to burn.


I represented myself pro se in a civil matter that really should have been in small claims but was in superior court because of the remedy being sought by the plaintiff.

It went fine, ended in settlement in my favor.


I would love to know the origin of the "gold fringe" bit, specifically. I remember hearing about that in the 90s.


https://youtu.be/i0rL0ukZmf0

https://www.flags.com/blog/everything-you-need-to-know-about...

>> While some people believe that the fringe has symbolic meaning, its primary purpose is ornamental, giving the flag an air of distinction and honor. Fringed flags are usually displayed on indoor flagpoles, though they may also be used in parades or during other ceremonial presentations. It’s important to note that these flags are not typically flown outside, as the fringe is not designed to withstand outdoor weather conditions.

In short: people get confused because they only see the fringe on special occasions or indoors as in courtrooms. It has no meaning.


It has something to do with (incorrectly believing) what laws apply to what court based on the type of flag. This is from memory so may be wrong but I seem to recall it being basically if there is gold fringe, the court is in/part of a different jurisdiction, and the procedures are different, and as such the (actually correct) procedures the judge and prosecutors follow are viewed as incorrect by the SC.


I'm aware of what the belief is (admiralty court, all that hokum...). I'm interested to know the actual origin of the belief-- like who was "patient 0" for coming up with the silliness.

It's probably lost to time...



Sovereign citizen activities basically have no correlation with intelligence or political views. It's such a strange category of weirdness.


By what definition of intelligence? :)

It seems like a waste of time at best. But have any sovereign citizen got what they wanted at the end of any kind of proceeding?

It seems like a very bad strategy to solve their own selfish problems. (DUI, speeding, not paying taxes, going against gun regulations, etc.)

And this strategy is usually coming from being unfortunately so tragically misinformed that they cannot help but reject the boring standard model of reality for a bouquet of conspiracy theories.


They do "win" sometimes. The rational person just pays the ticket. The sovcit demands a jury trial and, rarely, gets a win when a deal is offered or a witness fails to show. And often just having the proceeding is the win. They get off on being the center of attention. Defending themselves in court is the one time all the important people have to listen to them. They enjoy it.


Do you not have to pay court costs if you’re convicted? That’s a pretty bad gamble if you get convicted maybe 90% of the time?


Correct me if I'm wrong, but I believe that the defendant has to pay court costs anyway, win or lose, criminal or civil.


I found this: https://en.wikipedia.org/wiki/Court_costs which generally seems to say that you only have to pay in criminal cases if convicted, or in some states never. To clarify, I'm not talking about the costs of your own attorney, but the cost charged by the court itself.

I was asking because in Germany, you generally (only) have to pay if you're convicted, I think.


Some people like to portray petty mostly victimless lawlessness as sovereign citizen shenanigans as a means to discredit the reasoning that lead to those people to decide not to follow the law.

Not everyone who doesn't get a building permit or a fishing license is a sovereign citizen.


It isnt mental illness. Having incorrect beliefs is different than being insane. But it is a mental heath issue that leads people to adopt these beliefs. Be it flat earth, Qanon or Sovcit, people under stress will reach out to conspiracy theories in an attempt to regain a sense of community and control whilst thier lives are otherwise going off the rails. The beliefs are the symptom, not the disease.

With sovcit specifically, there is also a rational layer. Many people think the law some sort of elite club where mastery of a secret language can allow one to escape legal scrutiny. This comes from TV and the news that never explain the nuance of legal practice. They arent insane, just very incorrectly educated. Rosa parks was not insane. She knew she was breaking the law. The rational sovcit thinks themselves the next Rosa Parks, but mistakenly believe that means they cannot be arrested. Rational but wrong.


> people think the law some sort of elite club where mastery of a secret language can allow one to escape legal scrutiny

pc86 didn’t say sovereign citizenry is mental illness per se. They said it’s indistinguishable from mental illness if pursued all the way to a hearing. At that point, enough flags have been intentionally ignored to validly cross into delusion.


But i would say they are very distinguishable. The man who drives as 85mph because the spiders are chasing him is insane. The man who drives as 85mph because facebook told him that the state lacks jurisdiction over roads painted with yellow lines is not. The incorrect behavior (speeding) is identical but the overall situation is very distinguishable.


>The man who drives as 85mph because the spiders are chasing him is insane. The man who drives as 85mph because facebook told him that the state lacks jurisdiction over roads painted with yellow lines is not.

They are both insane, just in different ways. Sane people don't just automatically believe random stuff from facebook that is contrary to everything they know and have been taught.


Unfortunately, stupidity is much more common than insanity.


As I read the original comment, it sounds as if they meant that continuing to insist that you were legally in the right is the problem. Being gullible is one thing. Insisting on your gullible belief when it's about to result in a prison sentence comes much closer to "invisible spider" territory.


> man who drives as 85mph because facebook told him that the state lacks jurisdiction over roads painted with yellow lines

This is a stretch, but possible. It breaks when that man is pulled over, cited, given the opportunity to research or consider another viewpoint, and then shows up in court to plead that case. That’s invisible-spiders levels of delusion, and while it may not be caused by a chemical or physical problem in the brain, it’s indistinguishable from it.


> Many people think the law some sort of elite club where mastery of a secret language can allow one to escape legal scrutiny.

Freemasons exist and your judges, lawyers, and cops are freemasons.

(1/3) https://www.travelingtemplar.com/2017/05/justices-of-supreme...

(2/3) https://www.travelingtemplar.com/2017/06/justices-of-supreme...

(3/3) https://www.travelingtemplar.com/2017/09/justices-of-supreme...


>Freemasons exist and your judges, lawyers, and cops are freemasons.

Sure, but they don't have a secret language that allows them to escape legal scrutiny. Freemasonry isn't even an elite club, they'll take pretty much anyone willing to pay the dues and memorize some stuff.


Not talking about lower levels here because those are the commoners. High ranking freemasons such as those found in positions of power are obligated to get each other out of trouble to the greatest effort possible given the circumstances.


Freemasonry only has 3 “ranks”. The organizations that have other levels, like the Shriners, York Rite, Scottish Rite (created in France in the 19th century) aren’t organizationally or legally related to any actual Masonic grand lodge — they’re a completely separate organization that only accept 3rd degree masons— the highest Masonic rank — as members. The conspiracy theory information you cite can’t even keep basic facts straight about the way freemasonry operates. I’m not even a Mason— this information is really really easy to find online.


>I’m not even a Mason— this information is really really easy to find online.

Same, and I almost wrote a similar comment but figured it wasn't worth it.


Masons deliberately don't respond to these sorts of things but few things tick me off quite as much as proud, confidently administered ignorance.


Keep thinking Freemasons are irrelevant in the legal system. You are dead wrong.


Oh, is that what I said? Or is that what you wish I said because you had a specious response to it pre-cooked? Does your response directly address anything I said? Are you sure you're responding to me and not some conceptual 'other side' that has predictable views that perfectly yin-yang curve around 'your side' because falling back into groupthink is a lot easier than having to actually read and think about what other people say, and be accountable for saying things that are easily provably completely incorrect? Are you sure that's not what's happening here?


Rosa Parks also was a handpicked woman of unimpeachable character who deliberately chose to break the law that day. Various civil rights organizations had guaranteed her family that they would replace any income lost. Still a brave woman, but it was not a random decision on her part.

Fun fact along the same lines: Homer Plessy (of Plessy v. Ferguson) had one African-American great-grandparent. He was of mostly European descent and would have been unnoticed had he not declared to the conductor that he was “colored”. He was sponsored by the railroad, which wanted to save money by not having to have separate cars for “white” and “colored” passengers, as it was rare to have a full complement of each.


As cool as those anecdotes sound, I am not sure that either of them are true.

Homer Plessy

The Wikipedia article on Plessy v. Ferguson explains the following:

“In 1890, the State of Louisiana passed the Separate Car Act, which required separate accommodation for black and white people on railroads, including separate railway cars. A group of 18 prominent black, creole of color, and white creole New Orleans residents formed the Comité des Citoyens (Committee of Citizens) to challenge the law. Many staff members of The New Orleans Crusader, a black Republican newspaper, were among the group's members, including publisher Louis A. Martinet, writer Rodolphe Desdunes, and managing editor L. J. Joubert, who served as president of the Justice, Protective, Educational, and Social Club at the same time Plessy was vice president.

The group contacted attorney and civil rights advocate Albion W. Tourgée, who agreed to help them bring a test case to court in order to force the judiciary to determine the constitutionality of Jim Crow laws. In his correspondence with Martinet, Tourgée suggested finding a plaintiff who had "not more than one-eight colored blood" and could pass as white.”

Rosa Parks

The Wikipedia articles on Rosa Parks and on The Montgomery bus boycott seem very clear that Rosa Parks decided on her own to break the law. Nowhere do they suggest that Parks was specifically selected to engage in her act of civil disobedience:

“In 1955, Parks completed a course in "Race Relations" at the Highlander Folk School in Tennessee, where nonviolent civil disobedience had been discussed as a tactic. On December 1, 1955, Parks was sitting in the foremost row in which black people could sit (in the middle section). When a white man boarded the bus, the bus driver told everyone in her row to move back. At that moment, Parks realized that she was again on a bus driven by Blake. While all of the other black people in her row complied, Parks refused, and she was arrested for failing to obey the driver's seat assignments, as city ordinances did not explicitly mandate segregation but did give the bus driver authority to assign seats.”

“During a 1956 radio interview with Sydney Rogers in West Oakland several months after her arrest, Parks said she had decided, "I would have to know for once and for all what rights I had as a human being and a citizen."

In her autobiography, My Story, she said:

People always say that I didn't give up my seat because I was tired, but that isn't true. I was not tired physically, or no more tired than I usually was at the end of a working day. I was not old, although some people have an image of me as being old then. I was forty-two. No, the only tired I was, was tired of giving in. When Parks refused to give up her seat, a police officer arrested her. As the officer took her away, she recalled that she asked, "Why do you push us around?" She remembered him saying, "I don't know, but the law's the law, and you're under arrest." She later said, "I only knew that, as I was being arrested, that it was the very last time that I would ever ride in humiliation of this kind. ... "”

Although I haven’t spent much time looking, a few minutes on Google didn’t turn up any evidence confirming either of your claims.

Why do you think they are true?


Keep reading the article on Plessy. It quite clearly goes on about how Plessy was handpicked for the second test case and had the cooperation of the railroad.

As for Parks, it's a recollection from some reading long ago. I can't cite it as it's been at least twenty years, but it's not out of the nature of the civil rights movement to have picked people who had unassailable character for test cases. Wikipedia is a valuable resource, but it's also not the place you go for a full story.

From https://www.archives.gov/education/lessons/rosa-parks

> Mrs. Parks was not the first person to be prosecuted for violating the segregation laws on the city buses in Montgomery. She was, however, a woman of unchallenged character who was held in high esteem by all those who knew her. At the time of her arrest, Mrs. Parks was active in the local National Association for the Advancement of Colored People (NAACP), serving as secretary to E.D. Nixon, president of the Montgomery chapter.

... which to me certainly suggests that she was not random.

As does https://en.wikipedia.org/wiki/Fred_Gray_(attorney)

> Shortly after the beginning of the Montgomery Bus Boycott in December 1955, many black community leaders were discussing whether they would file a federal lawsuit to try to challenge the City of Montgomery and Alabama about the bus segregation laws.

> About two months after the bus boycott began, civil rights activists reconsidered the case of Claudette Colvin. She was a 15-year-old who had been the first person arrested in 1955 for refusing to give up her seat on a Montgomery bus, nine months prior to Rosa Parks's actions. Fred Gray, E. D. Nixon, president of the NAACP and secretary of the new Montgomery Improvement Association: and Clifford Durr (a white lawyer who, with his wife, Virginia Foster Durr was an activist in the Civil Rights Movement) searched for the ideal case law to challenge the constitutional legitimacy of the Montgomery and Alabama bus segregation laws.

> Gray later did research for the lawsuit and consulted with NAACP Legal Defense Fund attorneys Robert L. Carter and Thurgood Marshall (who would late become United States Solicitor General and the first African-American United States Supreme Court Justice). Gray later approached Claudette Colvin, Aurelia Browder, Susie McDonald, Mary Louise Smith (activist), and Jeanetta Reese, all women who had been discriminated against by the drivers enforcing segregation policy in the Montgomery bus system. They all agreed to become plaintiffs in the federal lawsuit (except Jeanetta Reese due to intimidation by the members of the white community), thus bypassing the Alabama court system.

Heck, even the Wiki article on Parks notes that she worked for a pro-civil-rights white couple where the husband was a lawyer, that they had sponsored her in going to training on activism, and that that lawyer and the president of the local NAACP were the ones who bailed her out of jail on the night of her arrest.


Homer Plessy

I read the entire Plessy entry. Nowhere does it say that he was “sponsored by the railroad” or anything like that.

The closest thing I could find is the following statement:

“The railroad company, which had opposed the law on the grounds that it would require the purchase of more railcars, had been previously informed of Plessy's racial lineage, and the intent to challenge the law.”

I agree with you that Plessy was handpicked, but you also wrote that Plessy “was sponsored by the railroad.” That is what I responded to, and I still don't see any evidence that it’s true. On the contrary, it seems clear that Plessy was selected and sponsored by a group that had no affiliation with the railroad company.

What evidence do you have that the Comité des Citoyens — which recruited Plessy, orchestrated his arrest, and organized the litigation in Plessy v. Ferguson — was connected to the railroad?

Rosa Parks

None of the things you quoted are evidence that Rosa Parks was selected in advance, by anyone other than herself, to engage in her famous act of civil disobedience. Parks’ own statements after the event indicate that she self-selected.

The fact that Parks was very involved in the NAACP is not evidence that the organization recruited her to engage in civil disobedience. Most of what you quoted is in relation to litigation that happened after Rosa Parks’ civil disobedience.

You also wrote that “Various civil rights organizations had guaranteed her family that they would replace any income lost.” What evidence do you have that Parks received such a guarantee prior to her act of civil disobedience?


I told you, I read it a long time ago. Disbelieve me if you wish. It's nigh impossible to find genuine information anymore on the internet, assuming that what I originally read is even still up.

I don't have enough time to play Wikipedia editor games about attribution. Believe me or don't.


Let them be well the trained P-Zombs they are, they can't know it any different anymore.


How can you think you're breaking a law that does not apply to you?

> They arent insane, just very incorrectly educated.

Well, they can be both. The test of insanity is to see what happens as they are faced with the usual adversity that comes with these beliefs. Are they capable of learning or keep doing something that every sane person recognizes will certainly lead to ruin (or at least failure)?


There's a huge gray area between "not understanding the law" and "being competent to litigate a case in court." It is entirely possible for non-lawyers to understand the gist of the law at a high level. And thus it's not acceptable to tolerate misleading headlines about legal decisions any more than it is to tolerate misleading headlines about any other decision. And God knows I've seen enough of them about other issues that are within my realm of professional expertise.

The problem is that our system as currently set up does not incentivize reporters working a "beat" for years where they develop enough domain expertise on a field to report on it competently. If we had actual senior legal reporters, senior national security reporters, senior tech reporters, and so on, they would have enough knowledge of those fields to effectively write for laypeople.


> The problem is that our system as currently set up does not incentivize reporters working a "beat" for years where they develop enough domain expertise on a field to report on it competently. If we had actual senior legal reporters, senior national security reporters, senior tech reporters, and so on, they would have enough knowledge of those fields to effectively write for laypeople.

How does this apply to Techdirt? Tim Cushing has been a staff writer at techdirt for 12 years and works heavily on a legal, civil liberties/policy beat with a tech perspective. By your criteria, he should be a perfect example of journalists who have enough knowledge to effectively write for laypeople.


I didn't say they don't exist. I said the system does not incentivize for that.


Your distinction— understanding the law, broadly, and being able to try a case in court are themselves two extremes on the spectrum of people that understand law. The invective for clickbait obviously exists.

None of those facts means that it’s easy, or even possible to write a headline-length blurb can give laypeople the context they need to know what’s happening.

Maybe I’m wrong? Can you propose one that does?


The author probably didn’t come up with the headline, the editor did. It’s one thing if the Office of Legislative Counsel tries and fails to come up with a succinct one liner, it’s another when an editor driven entirely by clickbait economic incentives does it. The latter rarely even try to be accurate.


It’s Techdirt. The author and editor are the same person.


I do sometimes wish articles had information in the byline about who wrote the headline as well as just the article, or that it became standard practice for authors to write the headlines as well.


Can you propose a more appropriate one? I can’t think of one that is still headline length.


"Federal court says merely repairing a seized device isn't a search"

I think that's a bit better


Is it a "mere" repair when they crack open your device swap out the main board and replace the firmware? Imagine that their "search" turned up nothing? You'd still be left unable to get your device back intact or unaltered. Should the government be able to swap out hardware components and install whatever firmware they like on them without a court order? People have their own reasons for selecting the hardware that they do and for not installing certain firmware. Should the police be able to install firmware that isn't official?

"merely repairing" seems misleading given what this allows for.


They clearly hacked the device.

In fact, maybe they "repaired" it by installing an older, hackable firmware.


To my understanding this was a routine repair operation. Yes, if forensic firmware had been installed or something like that, that's be different, but that's not what happened and doesn't appear to be part of the ruling.

I guess an equivalent scenario, and I don't know how this would land in court, would be picking the front door of a house, but not entering. It facilitates the search, bit isn't one? Wherever that falls under the law, this should probably be consistent with it.


> To my understanding this was a routine repair operation.

Even if that's the case, I think that the repair shouldn't have been performed by a detective (a government official whose stereotypical role is searching, not fixing) in a forensic lab.


“federal court decides that repairing a phone’s firmware during a period of lapsed warrants is not an unconstitutional search” maybe?


That’s awfully long for a headline but I do agree it’s clearer


This ignores the fact that the repair was done by a government detective at a forensic laboratory [1]:

> Detective Sheldon Clay, an HSI Task Force Officer at that laboratory was able to repair the iPhone 6 by replacing its circuit board and re-flashing the device's firmware. Mot., ECF 106, EX. D at 2. At that time, Detective Clay also determined that new forensic software was likely able to bypass the iPad's passcode.

[1] https://s3.documentcloud.org/documents/25423841/no-disassemb...


I’ve attending 1,000’s of arraignments, motion calendars and pleas.

In all my experience I’ve seen 2 pro se defendants pull the “I’m a sovereign” spiel. Credit to them they both turned what should have been a 5 minute hearing into at least 15 minute circuses refusing to even announce their names for the record. Both were threatened with being held in contempt before the Judges passed on their cases and made them wait to hear the other matters on the docket.

Truly fascinating & unusual events and people, I think if you draw a vin diagram mental illness and Dunning-Kruger Effect these folks would be the overlap.


For sure. I think part of it is what happens when Dunning-Krueger strikes someone confident and charismatic enough to teach their ill-conceived ideas to others who find the idea appealing enough to take it and run with it. A runaway bullshit train. Eventually it becomes widespread enough to become “conventional wisdom” to to some groups and most people don’t question conventional wisdom imparted by people they trust. It seems a lot of conspiracy theories work that way.


Natural result of YouTube scholars learning “appeal to authority” logic fallacy - it somehow becomes reasonable to reject any and all authorities while simultaneously accepting any single YouTube video as truth.


Yes, I wouldn’t know how to explain all that in a headline either! Unfortunately the word “misleading” has multiple connotations—I wasn’t saying the author was trying to deliberately mislead, but rather that the reader shouldn’t conclude too much based on the headline alone.


Sure, that makes sense. Additionally, whether something is misleading had as much to do with the person reading it as the person writing it.


> The only part that wasn’t covered by the warrant was just fixing the device in a seemingly conventional way to get it working again.

By 'the only part that wasn't covered', I think you meant "The only part that wasn't within a warrant period" (as opposed to not falling the scope of one of the warrants).

Assuming that, this is what I think you are considering.

    Are the constitutional safeguards of these warrants reasonably satisfied here?
Instead, I believe the following is the matter for concern here.

    By declaring a repair 

    [a repair which occurred to enable and assist a search for incriminating evidence] 

    to not be a search (to not be an action that merits 4th amendment protections)

    a court establishes that LEO are now free to forcefully perform certain evidence gathering actions on private devices without a warrant - as long as those actions can be construed as a 'repair'.


It doesn't seem misleading to me just overly technical for no reason.

Something like "Court Says Repairing Seized Phone isn't a Search" conveys the same meaning with fewer technical details, but is a little no duh. To me that is just as click bait-ish, because I would want to know who was dumb enough to try that as a defense, or wonder what the actual situation was.


Was it just a repair, or did they install custom firmware? It isn't really clear from the article, and that seems like it would make a big difference.


The forensics report suggests the device was reflashed with its normal firmware, and a different set of forensics tools were used to access the device once it was repaired.

> I brought both devices to the Newberg-Dundee Police Department Digital Forensics Lab and evaluated the iPhone 6 for function. I connected the device to power via the lightning connector and found it drew electrical current indicating it was attempting to charge the battery however the screen remained black. I attempted to power the device on with no change on the device screen. I located an identical model donor phone an A1549 and verified the donor device functioned properly. To eliminate the possibility of a hardware issue on the evidence device, I swapped the circuit board from the evidence device into the housing of the known good donor device. I attempted to boot the device however the screen remained black. I could tell the device was booting because it drew current when powered directly from a power supply however it was not booting normally. I was able to cycle the device between DFU mode and recovery modes but was unable to get to boot into a normal state and there was no change on the devices screen. Because the device would not boot normally or light the display, I believed there was likely and issue with the device firmware. I used a repair tool to re-flash the devices firmware. After the re-flashing repair process the device booted normally to the screen requesting the passcode. The board swap and firmware re-flashing processes do not change the user data on the device. During the board swap process, I only reassembled the device to a condition sufficient to make the device function.

> After receiving the copy of the search warrant, I connected the iPhone 6 to an advanced forensic extraction tool (Graykey). I used the passcode 070106 obtained from the previous extraction of the iPhone XS to unlock the device and obtained a Full File System extraction from the iPhone 6.


> They sent it to be repaired. After the warrant extension expired, the repair guy fixed it and updated the firmware.

These sentences you wrote are just as misleading, if not more so. The "repair guy" was a government detective who performed the repair by re-flashing firmware at a forensic laboratory during a period when no search warrant was active [1]:

> Detective Sheldon Clay, an HSI Task Force Officer at that laboratory was able to repair the iPhone 6 by replacing its circuit board and re-flashing the device's firmware. Mot., ECF 106, EX. D at 2. At that time, Detective Clay also determined that new forensic software was likely able to bypass the iPad's passcode.

The headline of TFA claims that the reflashing of firmware was for the purpose of facilitating a search.

[1] https://s3.documentcloud.org/documents/25423841/no-disassemb...


[uneducated impressions:] Sure, it sounds like technicality. It is a shame it is not treated as such. The right solution would be to force government officials to do their job and get warrants on time next time.

Just physical access not mentioning firmware update means your device is compromised.

It sets a bad precedent.

It is not like people have too many rights as it is.


>In this unusual situation, it’s reasonable to conclude that the device repair wasn’t a search.

I'm more comfortable concluding that it's an illegal search than I am concluding that it's not a search at all. During the period that the warrant(s) didn't apply, it should have been sitting in a sealed evidence bag and not being modified by a 3rd party. The law doesn't and shouldn't make provisions for "eh, it's probably not a big deal, we'll probably get another warrant".


Since I had to look it up:

pursuant: in accordance with (a law or a legal document or resolution). "conversations that they wiretap pursuant to court order"


Are you new to learning English or have you managed to not come across it before?


It's my second language, but I've lived in the US since 1995.

I probably see the word once a year at most, and kinda vaguely understood it from context, but I wanted to look it up.


I suppose I've learned it from context from watching a bunch of those action-lawyer type tv shows.


Author chose to take a jab at "walled gardens" which made absolutely no sense. They basically implied that because both iPhones and iPads were accessed in this way, Apple's ecosystem is worthless. Or something. Clearly had an agenda.


As the article says, it is probably a reasonable ruling, because it isn't a search.

What you have to watch out for is the legal two-step, where they do something like "install a firmware on the phone", which isn't a search, and then, oh gosh, the firmware just happened to sit there and flash all the contents of the phone on the screen because that's what the firmware does, we didn't actually search the phone, it just voluntarily dumped all its contents to the screen, so that wasn't a search either, so no search occurred.


This makes sense, and I actually believe that it isn’t a search. It is definitely a _seizure_ though and I do wonder how often these two things are distinguished in law.

How often do the police raid a place and confiscate filing cabinets but not look through them.


The seizure was done pursuant to a warrant too. There’s an argument that, once the warrant extensions expired, keeping the device in police custody constituted a continuing seizure. But it doesn’t seem like the defendant made that argument (or at least the court didn’t address that argument)


Usually one has to petition/request the return of seized items. So it's not unusual that something is still held until requested.

Usually instead of fixing what they have, they tend to destroy it.


Does that mean that wiping the firmware or Secure Enclave would not constitute destroying evidence?

How about installing firmware that will wipe the Secure Enclave on boot? Especially if the secondary step of turning on the device is done by the seizing authorities.


No, the judge would not be okay with that.

In the same way, shredding all your incriminating legal documents into a fun jigsaw puzzle for the cops to put together is also illegal.


I mean, having firmware that securely wipes your phone in case it's used by an unauthorized party is a reasonable and desirable feature. It's not generally illegal to set that up.

Same with destroying documents. Having a retention period and destroying documents which have PII and could be used for identity fraud is a good practice. It's not generally illegal to do that either.

Where you get into trouble with the courts is when you have a specific obligation to retain or transfer information and you destroy it instead.


Intent makes all the difference in the eyes of law.

If a jury of your peers decides that you configured that firmware to protect your data from thieves, then it is not a problem.

But if a jury of your peers doesn't buy your assertion of that, and instead becomes convinced that you applied that (otherwise reasonable and legitimate) feature with the intent to destroy evidence of a crime so that it doesn't reach the court, then setting it up was a felony.


It is illegal to intentionally destroy something that you suspect could be evidence in a future criminal case against you. Say you operate an illegal drug network from a specific phone that you've intentionally setup to self-destruct at reboot. Both you and the cops know there is likely evidence on there that would implicate you. Then, if you either intentionally reboot the phone or maybe the battery dies while in police custody before they can access it and the phone is wiped, you could be liable for destruction of evidence. However, if it's just a standard smartphone and you accidentally drop it in the toilet, unintentionally destroying all evidence, you may not be liable.

Basically, if you intentionally destroy evidence, either actively passively, you're liable.

It is kind of a broad law and is difficult to prosecute in many cases. The cops have to know that you did the crime and prove that the evidence existed. If you murdered someone and made it look like a suicide, the cops would have to not only suspect you but also know that you left fingerprints and DNA behind that are no longer present.


I guess I can understand the argument that picking a lock does not count as a search, but the second you open the door...


Like removing the doorframe and putting in your own new door that doesn't lock, then walking inside


What if picking the lock damages the lock?


Yeah. It might not be a search, but it's something, and the logical question is to ask under what authority can that be done.


is when they got the warrant


I guess that is the question. If the police are confident that they will have a warrant in 30 minutes, can they have a locksmith unlock the door while they wait?


I would say no, because the whole point of the warrant is to remove the police's judgement from the equation. If they're taking action based on their expectation that they'll get it, that's kind of an end-run around the stated purpose.


Ah, but standard firmware doesn't do that; the agency performing the action would need to have developed custom firmware which "just happened" to show the information when installed. Courts tend to see through those kinds of shams.


No that would be a search. Judges really don't like having these games played.


A sane judge, yes. A judge searching for a fig leaf, perhaps not.

Call me cynical if you like. It won't bother me.


The judge can just grant the warrant if they want. PC is a low bar.


Breaking down the door of a house isn’t a search. Activating an autonomous drone in front of the house which then enters through the door of its own volition and records everything it sees in the house isn’t a search. And if I make a chomping motion in the air near a donut and it decides to enter my mouth while I’m chomping then I haven’t illegally taken a bite of the donut.


I sense irony here, but I'm American so it's hard to be sure.


I dunno if irony is exactly the right word (but that's a complex discussion and probably any call would be category-error-ish anyway) but I was aiming for a Simpsons reference. :D


Whether or not it is a "search", it is trespassing, and they should make the constitution to protect against that too (I don't know whether or not it already means that or whether or not it is intended to mean that). Protecting against "unreasonable search and seizures" should also include protecting against trespassing.


You and I disagree on reasonableness.

The government is here deliberately planning to take advantage of a seizure to damage someone's personal possessions. The right of that person to be secure in their possessions therefore should require a higher standard from the government than is required for mere temporary adverse possession after a seizure.


The government had a warrant to seize the device. It got multiple warrant extensions trying to get into the device. They determined it needed a logic board replacement. The warrant extensions expired while that was being done. But the government got a warrant to then actually access the data.

I fail to see how this doesn’t satisfy even a high standard of reasonableness.


Why do you feel that info is relevant? If my driver's license expired yesterday and then I get pulled over while I'm driving to the DMV today to get it renewed, should I not get a citation?

Just because they had permission before and after their actions took place doesn't make it ok if they didn't have permission at the time of the action. To say otherwise seems to be begging for abuse of a loophole. I guess that's why they had to claim the action wasn't one a warrant was required for...


It’s relevant for the same reason it’s relevant in your driver’s license example. You drive somewhere while your license is valid. Then you replace the car battery, which has died. Then you renew your license, and drive somewhere else. Have you done anything wrong? No, because you need a license to drive the car, not to repair the car.

Same thing here. The government needs a warrant to seize the device or search for information on the device. Does it need a warrant to repair a broken device that it has properly seized, before then getting a warrant to search the device?


It's not relevant for the same reason that it isn't relevant in the driver's license example.

If you don't have a license, then get a friend to drive you. Or get an Uber. But you can't drive yourself. If you do, no matter how reasonable you feel your case was, you'll be in trouble.

In this case, they had an inoperable device, and they had a judge. Absolutely nothing stopped them from filing for yet another warrant and then proceeding only when they actually had it. But no. They wanted to skip their paperwork. They shouldn't get to.

The paperwork exists for a reason. That reason is why we shouldn't retroactively hand out warrants. And that's why we shouldn't do it here. The fruit of the tree and all that. The government knows how to do it right, and absolutely shouldn't. They don't get to beg a friendly judge for forgiveness later. They had no excuse for not simply doing it completely right.


The repair is a repair, not a search. No data was obtained.

I do have a problem with this, but only because of the time. The cops shouldn't get to take ages to examine stuff unless there's a huge amount of stuff to examine.


But they did not simply "repair" it. They added something that leaves the device more vulnerable. Not just to the government, but to anyone with access to the toolkit that the police are trying to use. Which includes foreign actors and random hackers.

No, attempting to create a damaged version should not count as repair. Nor should we be lightly OKing the government's desire to do so.


There is no law stating the government cant repair a broken device that was seized as evidence, while having a lapsed search warrant.

There is a law against searching a device without a valid warrant.

The judge ruled that repairing a device seized as evidence is not a search.

I'm failing to see what the government did, that was against any law or policy.


>Does it need a warrant to repair a broken device that it has properly seized

Logically, yes. If you borrow someone's car to drive it, you don't have permission to change out the stereo.


I agree with this perspective, but think we're going to hit tension between right to repair and hardening devices against threat actors who have physical access to your device. Apple's move with the inactivity reboot timer is a step in the right direction, but a mode or option to wipe or otherwise destroy all my data if tampering is detected (device is opened) would be welcome (even if it means one is then unable to repair the device). Replacing one's device will always be cheaper than any prolonged interaction with US law enforcement or the US judicial system.


Couple of notes on this:

52 devices could mean a phone, a tablet, and 50 USBs, SD cards, and such.

The problem with loading firmware to permit is the potential damage to the evidence and the potential to imply that the evidence was planted.

The vast majority of the cell phone hacking involves loading material into at least into memory and often modify the boot load sequence. This is how all that I worked with (e.g., Cellebrite, Magnet, MSAB, Oxygen, AccessData) function.

damage: I have toasted devices by hooking them up to forensic tools, mobile phones and more.

planted evidence: There have been several challenges to this (I think US v. Ganias), and let's not forget the Casey Anthony trial where they argued that the forensic tool CacheBack reliability. Not surprisingly, F/LOSS tools are better defense for this than black-box commercial ones.

The more complex the evidence collection, the more likely damage can occur, or planted evidence can be argued.


It seems like the writing is on the wall.

There will be some Official Ruling that you can't do this (probably antiquated 20th century) thing because that constitutes an Unlawful Search or whatever. Thank you to the Constitution for protecting our freedoms, etc.

Meanwhile, there will be a much more powerful way to achieve that goal using a smartphone, which is 100x more subtle and effective, which will be legal because technically it doesn't cross the big red line. There will be some arcane logic here that only a lawyer could love, but it will amount to 20th century technique = banned, 21st century cellphone technique = fine. So everyone will do that.

It'll just get more pronounced over time.


Look at Katz to see the opposite.


I second this. That kind of trickery is absolutely obvious to the judiciary, and as of yet Katz hasn't been overturned, even if it has been at times pointedly ignored.


Independent of the legal nuance being worked out here, it is quite fucked up that the government can just demolish your entire digital infrastructure and then keep the pieces indefinitely. Imagine if they applied the same standard to your dwelling itself. "Sorry you can't live here for the next few years because a crime might have been committed. Go buy another house. Or not, we don't care".


What'd really be a shame is if the police could just show up one day and blow up your house. And then just leave

https://www.denverpost.com/2020/03/11/colorado-swat-house-de...


I don't get the point to this reflexive whataboutism. Yes, that dynamic exists and it is bad too. (I referenced that event in a follow up comment, thanks for providing a specific link)

And at least that event had some condemnation in the media, as opposed to the routine destruction of digital personal lives escaping criticism even on techdirt.


Maybe you haven't heard of civil forfeiture?

https://en.m.wikipedia.org/wiki/Civil_forfeiture_in_the_Unit...


I don't know why you would think that might be a possibility given the venue we are on.

Government has also demolished people's actual homes in the course of "crime fighting" and then refused to pay/fix them as well (that notorious case in Colorado comes to mind). But surely you can see there is still a distinction between things that happen infrequently, often with limited scope, or still at least with some semblance of a legal process, and what happens routinely to people accused of "digital crimes".

It should go without saying that I think all of these dynamics are terrible, and in dire need of reform. But at least civil forfeiture and "qualified" (née sovereign) immunity are getting talked about, while the totalitarian approach to personal digital infrastructure isn't getting so much attention.


The full title is:

> Federal Court Says Dismantling A Phone To Install Firmware Isn’t A 'Search,' Even If Was Done To Facilitate A Search


Is this ruling effectively that it's irrelevant whether or not a warrant existed to modify the iPhone 6 because in this case, there is no loss to the claimant from that modification having been made? How much would an old second hand broken iPhone 6 that needs repair sell for? ... not much. Yet the repair carried out has seemingly significantly increased the value of the iPhone 6. The only argument that otherwise comes to mind is an iPhone 6 with an old and very specific version of firmware could be more valuable due to rarity and people are transacting them for $20,000 on eBay because of that firmware version's ability to be rooted. Yet an eBay confirms this is seemingly not the case. Perhaps though there is a non-insignificant cost to buying and selling 20 or 50 iPhone 6's off eBay before finding one with an old enough firmware version installed?


It isn't, but it should be illegal to repair or modify something you do not own without the consent of the owner. You wouldn't rent an apartment only to put 10k renovations into it? I mean lets be real that is practically illegal.


This was an iPhone 6, so I assume that the logic board change enabled brute force passcode searches. This was fixed in a subsequent update to the secure enclave, so this is less likely to work on the latest devices.


So they figured out that they needed different firmware with a zero day they had access to, so they contrived a way to get the firmware on there? That seems like maybe not a search? Idk. If a search warrant includes destruction to obtain information, seems like this would fly.


nah, appeal. reviving it involved modifying someone’s personal property.

I like that this is in the 9th circuit so I think the defendant and this country’s subjects will get a favorable ruling

people ask me how much I want to make: enough to take any cases through federal appeals court


Analogize to those cases where they seize an inoperative gun and then go to certain, specific lengths to make the gun operate before charging the possessor with possession of a (potentially) operative gun.

Distinguishable because it’s not a search. Can you draw a rule from this?


I would argue that what theyre doing is outside of the scope of the warrant they already used, and also possible that the defendant asked the wrong question for this challenge

And that those other cases should have been challenged too, if they weren’t

I’ve seen too many things that were either difficult to challenge or only affected people too poor to challenge, to just accept a common practice because its common. I will accept prior case law from federal appeals courts though

I feel like there should be a limitation on government power here either way as they changed the circuitry and firmware. they should at least give more information about the firmware, for mounting a defense we should have information about the firmware itself


I'd guess that's the criteria to make government mandated backdoors legal.


Maybe Apple was right after all with their iPhone refusing any replacement parts.


Unrelated to the ruling: Why is the Department of Homeland Security investigating and pursuing a CSAM case in the first place? Isn't that more FBI's jurisdiction?


Fair game. The government shouldn't be able to force you to unlock a device. Even with fingerprint or face. But it is totally ok to get inside any way they can.


So if the government bugs your car and home but doesn't turn the bug on, is that a search?


No, and there's actually an analogy: phone taps. The "bug" is already installed, they just need the warrant to turn it on.


we found out that "lawful" intercept is a lie recently, and it left a gaping hole in our infrastructure

can we please encrypt everything and turn off government access for all communications now


Yes and I believe if you remove it, they can charge you with theft.


[0] Is It Considered Theft if You Remove a Law Enforcement G.P.S. Tracking Device from Your Automobile?[2020]

https://www.wimmercriminaldefense.com/is-it-considered-theft...


What happens if we take this as precedent?

Dismantling a safe to facilitate a search, isn't a search. So it's allowed, even if the safe is left damaged.

Tearing a house apart to facilitate a search, isn't a search. So it's allowed, even if the house is left damaged.

Disassembling a car to facilitate a search, isn't a search. So it's allowed, even if the car never runs the same later.

Meanwhile you'll find me in the corner that reads the 4th Amendment as follows:

The right of the people to be secure in their persons, houses, papers, and effects, against unreasonable searches and seizures, shall not be violated, and no Warrants shall issue, but upon probable cause, supported by Oath or affirmation, and particularly describing the place to be searched, and the persons or things to be seized.

I think that if the result of a seizure is the potential permanent damage of my property, then my right to be secure in my possessions should be defended by demanding a higher standard from the government than that required for a mere temporary possession after a seizure. That principle applies just as much to electronics as it does to any physical item.


> The right of the people to be secure in their persons, houses, papers, and effects, against unreasonable searches and seizures, shall not be violated, and no Warrants shall issue, but upon probable cause, supported by Oath or affirmation, and particularly describing the place to be searched, and the persons or things to be seized.

If they have a search warrant then a judge has, from a legal perspective, determined that the request/search is reasonable. So while you have the right to secure against unreasonable cases I think it is a reasonable trade off that those security mechanisms/processes/etc should either be removed by yourself or you should expect them to be removed for you.


I don't know what fantasy world you live in but the police don't ask you to remove your security mechanisms yourself. Your likely to catch a charge for destruction of evidence if you do that along with a bunch of other related charges


Considering that police can, with a warrant, forcibly place your thumb on your phone's fingerprint sensor to unlock it [1], "I don't know what fantasy world you live in" is unwarranted.

[1] https://reason.com/2024/04/19/appeals-court-rules-that-cops-...


I specifically said they don't ask. If they are forcing you to do something, they aren't asking


Removing the security mechanism in my comment is akin to opening the safe to enable the search or entering your PIN number on a phone to unlock it. I can't really see how otherwise removing a roadblock to enable law enforcement to perform their court approved mandate would lead to further charges for the act of helping them do so. Of course if you're referring to poison-pill mechanisms that upon removal destroy the data they wanted to search for then sure, more charges are coming.


That isn't how it works at all in the US. You'd be asked to provide the combination to the safe. Or compelled under a court order to divulge it under penalty of contempt of court.

If you're asked to directly interact with anything like that you're very likely being set up to bring additional charges against you. You can be compelled to provide passwords, combinations, etc. in a court. You can't be compelled to actually enter the safe combination


If you want to get a close analogy, they already used a warrant to seize the safe/house/car, and already searched it a couple times and still have possession, so that makes a pretty big difference.


Federal court is stupid,


This will be great legal precedent for the courts to extend to implanting neuralink style chips in your brain - although a neuralink chip may facilitate a future search and seizures (pun intended), the installation of the chip itself is neither a search nor a seizure; therefore, the 4th Amendment does not apply




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: