Vote 2020 graphic
Everything you need to know about and expect during
the most important election of our lifetimes

How a Pimp's Android Pattern Lock Foiled the Feds

Illustration for article titled How a Pimps Android Pattern Lock Foiled the Feds

The FBI seems to be having a bit of trouble accessing electronic evidence lately. First there was the case of the forgotten encryption key, and now the Bureau is unable to prosecute a notorious San Diego pimp because they can't break his Android's screen lock.


Dante Dears was recently paroled from state prison after serving time for his founding role in the Pimpin' Hos Daily organization (PHD). Yes, that's the real name of the group and its purpose is exactly what the name implies. Since the conditions of his parole dictated he wear a GPS tracker that confined him to his home, Dears ran his pimpire from there using a standard Samsung Android.


When the FBI got wise to his plan, they confronted Dears about the phone-pimping. Dears immediately claimed the phone belonged to his sister and refused to give up the unlock pattern even though they confiscated the phone. So the Feds sent the Samsung to its Regional Computer Forensics Lab in Southern California for cracking.

That didn't work out as well as they had hoped. Technicians "attempted to gain access to the contents of the memory of the cellular telephone in question," said the FBI, but were unable to decipher Dears' password before the system shut them out permanently for excessive login failures. The only way to get into the phone now is with Dears' Google account credentials, which he'll share just after he divulges the unlock pattern, so the FBI is SOL right? Wrong!

The FBI has now filed for a new warrant against Google requesting pretty much everything they would need to build a case against Dears, including:

  • The subscriber's name, address, Social Security number, account login and password
  • "All e-mail and personal contact list information on file for cellular telephone"
  • The times and duration of every webpage visited
  • All text messages sent and received from the phone, including photo and video messages
  • Any e-mail addresses or instant messenger accounts used on the phone
  • "Verbal and/or written instructions for overriding the ‘pattern lock' installed on the" phone
  • All search terms, Internet history, and GPS data that Google has stored for the phone

Google hasn't responded to the warrant yet. It should also be noted that this isn't just a case of the Man coming down on a hard-working pimp. Dears, if court records are to be believed, is no Big Poppa with a heart of gold. According to Ars Technica,

Before Dears pled guilty in the middle of his 2005 trial, one minor female testified how Dears had recruited her out of a homeless shelter.

"He told me he was going to help take care of me and be there for me," she told the court. "He told me what to do and how to do it and said we would make money that way... I was tired of living on the streets."

Her $500 a night went straight to Dears, though, who "took care of her" in his own special way. As San Diego's Union Tribune reported, Dears found out the woman had spoken to a man who wanted to help her get off the streets. So Dears "beat her up in the back seat of his Cadillac and then forced her to get into the car's trunk, she testified. While in the trunk, she was driven from East Main Street in El Cajon to Hotel Circle in Mission Valley, she testified...the girl, only 15 at the time, was released in Hotel Circle, "bleeding and bruised."


[Ars Technica via CultofMac]

Image: HK-Android


Share This Story

Get our newsletter



I don't get why a pattern lock is harder to crack than a code. After all, all the phone cares about is that you connect the dots in the right sequence. If you imagine that the dots are numbered 1-9, then swiping in a code is logically equivalent to punching in a code on a keypad (which is another Android lock option). How does that make any difference when it comes to cracking?

Also, based on other articles I've read, using the pattern lock is supposed to be less secure because a thief (or the FBI) could look at your finger-grease trail to figure out the pattern if your screen's not clean; but if you use the keypad option instead, although they might figure out the numbers, there's no trail to show what the correct sequence is.

I guess I want to know more about the technical issues and how pattern lock internally differs from using the keypad lock in the guts of Android. Without that info it's hard to know whether pattern lock or keypad lock is more secure.