“A cellphone seized by police as part of an investigation into a drive-by shooting last month was remotely wiped by its owner, authorities said this week,” Steven Cook reports for The Daily Gazette.
“Police believe Juelle L. Grant, 24, of Willow Avenue, may have been the driver of a vehicle involved in an Oct. 23 drive-by shooting on Van Vranken Avenue, near Lang Street [in Schenectady, NY], so they obtained her phone, according to police allegations filed in court. No one was injured in the shooting,” Cook reports. “After police took her iPhone X, telling her it was considered evidence, ‘she did remotely wipe’ the device, according to police. ‘The defendant was aware of the intentions of the police department at the conclusion of the interview with her,’ according to court documents.”
“One of the tampering counts relates to the phone. The other, as well as the hindering count, relate to her alleged actions the day of the shooting,” Cook reports. “Regarding the phone, technology exists to block remote access to such devices. ”
Read more in the full article here.
“Grant’s attorney, Daniel Smalls, said Monday morning that Grant had no involvement in the shooting, and she did not wipe the phone,” Cook reports. “‘Our position is that my client didn’t access anything to remotely delete anything,’ Smalls said. ‘My client wouldn’t have any knowledge how to do that.’ Grant is not a computer-savvy person, he said.”
“‘We’re doing research on it ourselves,’ Smalls said. He added that days after her phone was seized, Grant got a new phone,” Cook reports. “Whether that had any impact on the data on the phone police had taken, Smalls didn’t know.”
Read more in the full article here.
MacDailyNews Take: Obviously, the police erred by not simply placing the iPhone in a Faraday bag immediately.
Of course it’s trivial to erase an iPhone, iPad, Apple Watch, or Mac via Find My iPhone on iCloud.com if Find My iPhone has been enabled on the device.
Interesting legal arguments here to be made. If you’re ever wanting to avoid your digital universe falling into the hands of police/government/anyone but you, I’d recommend creating a long alphanumeric password to the phone and setting it to wipe itself after 10 incorrect passcode attempts. In other words, once they say, “This is evidence,” you can say, “Well, okay. Good luck with it.” If cause/effect matters here, you’d have done what causes the data to erase long before any alleged crime was committed. Erasing it after the fact might be legally construed as tampering. Any lawyers out there know the answers or have guesses? Fascinating topic.
I have Find My iPhone enabled as a precaution. It may be trivial, but I have no idea how to use it to locate my iPhone if I did lose it… let alone use it to wipe my phone.
Maybe it’s because I primarily use my iPhone as, you know… a phone… and a camera, with occasional texting (which I hate, but do because my SO texts a lot).
Can’t a phone drive be unerased? Or is an Apple remote wipe a smart erase?
The contents of an iDevice are at all times encrypted; the key is stored in a semi-random spot in the device’s memory. “Wiping” the device consists simply of zeroing the key, which renders the entire contents of the device unusable. Because of the way the key is constructed and stored, it’s not possible to restore the key and “un-erase” the device; when it’s gone, it’s gone.
@leodavinci1 – how to remote erase (and otherwise use the Find my iPhone app): https://support.apple.com/kb/PH2701?locale=en_US
@The Other Steve, iOS device storage is encrypted by default. Simply throwing away the encryption keys is sufficient… but iOS proceeds to actually erase the data anyway. Anything forensically recovered from erased storage is still encrypted and reasonably unbreakable given today’s current state of tech.