George A. Rauscher | iife
Article

Why I No Longer Open the Phones of the Dead

May 12, 2026 | 25 min | Science
Language
EN DE
Rauscher blog image

An evening, an email, and the slow realization that not every locked device is a problem someone else should be asked to solve.

The evening was the kind that asks for nothing more than a blanket and the quiet murmur of distant news, the television tuned to CNN in that low volume which lets the world keep happening while one allows oneself the rare luxury of not really watching it. The bed was warm, the lamp on the nightstand was casting its small circle of orange light onto the corner of the mattress where the phone lay charging, and somewhere outside a dog was barking at nothing in particular, the way dogs do when the night becomes too still for their liking. The phone buzzed once, then a second time when the message preview unfurled across the lock screen, and even before I sat up I could tell from the length of the subject line that this was another one of those mails, the kind that begins with a death and ends with a request.

A woman had written, polite and shaken in equal measure, that her relative had passed away unexpectedly some weeks earlier and that the device of the deceased could not be opened because the access code had been changed in the months before his death and no one in the family had been told of the new combination. The phone, she explained, had run an entire household, from the heating system to the photovoltaic installation, from messaging with doctors to the accounts at the bank, and now that the man was gone the family stood in front of a small black rectangle that contained, in some abstract but very real sense, the operational logic of their daily existence. A friend of a friend, she wrote, had recommended me. Could I help her family find a way in.

I had read variants of this message often enough by now to recognise its architecture from the first paragraph, and I noticed, with a quiet sadness that has nothing to do with cynicism, that my reflex was no longer one of professional curiosity but one of caution. I put the phone back on the nightstand, picked up the glass of water that had been waiting there since dinner, and let the request sit unanswered for the rest of the evening, because the answer I had developed over the last years was no longer something I could squeeze into a single line of polite text.

The mail that never stops arriving

These requests come in waves, sometimes two a week, sometimes seven, and the geography of the senders is wider than one might assume, from a widow in suburban Frankfurt to a daughter in São Paulo, from a corporate lawyer in Singapore to a brother of a deceased pilot somewhere in the American Midwest. The internal grammar of these messages is so consistent that one could almost write a template for it, beginning with a brief, carefully composed account of the death, moving through a description of the device and its strategic importance to the family, and ending with a question framed in such a way that a refusal feels rude even before it is given. People who write these mails are not stupid, they are not manipulative in any deliberate sense, they are usually simply overwhelmed by the strange new reality that a black rectangle in a drawer has become the gatekeeper of memories, finances, photographs and conversations that they considered, until that moment, somehow inherently theirs.

I worked on this kind of evidence for the better part of two decades, exclusively within the framework of authorised commissions from German prosecutors, courts and investigative authorities, and on the rarer civilian side only after the formal presentation of a certificate of inheritance issued by the competent probate court, because every other path through that terrain leads, by the shortest possible route, into the criminal code. Even within those strict guardrails, somewhere along the line the question shifted from “can I open this device under the proper authorisations” to “should I open this device even when the authorisations look in order”, and the more I sat with the second question the harder it became to treat the first as the only relevant one. The work itself, in the strict technical sense, was doable on most older models, and there exists a market of forensic instruments capable of partial extractions from devices of certain vintages. The problem was always what came afterwards, in the silence of the laboratory, when the screen finally lit up and the entire life of a human being unfolded under fingertips that did not belong to that life.

What is actually on a phone

A modern smartphone is, in any meaningful sense, no longer a telephone but a continuous biographical instrument, an organ that has grown into the side of its owner and records, on a level of granularity that would have been considered science fiction twenty years ago, the patterns of a person’s existence (Fanourakis, 2020, A report on personally identifiable sensor data from smartphone devices, arXiv:2003.06159). The average user produces around 21.6 gigabytes of mobile data per month, much of which never leaves the device, and the average device today holds between 128 and 512 gigabytes of internal storage filled with photographs, voice memos, location traces, transactional logs, written conversations and a quiet undercurrent of sensor data that the user is rarely aware of (Ericsson, 2025, Mobility Report, Ericsson Mobility Visualizer).

The Health application on a current iPhone records, by default, every step the owner has taken since the moment the device was first activated, the heart rate at three minute intervals, the sleeping patterns including their interruptions, the menstrual cycle, the audio exposure levels in different rooms of the home, the elevation gain on weekend hikes, the moments of stillness and the moments of physical strain, and an experienced reader can reconstruct, from this data alone, when the owner argued with a partner, when an illness began, when a romance started or ended, and on which days the owner was, in some inner sense, not quite himself. A landmark survey in the ACM Computing Surveys (Delgado-Santos et al., 2022, A Survey of Privacy Vulnerabilities of Mobile Device Sensors, ACM Computing Surveys, 54(11s), Article 224) showed that accelerometer data alone can be used to infer body features, intoxication levels, identity, and even reconstruct words spoken next to the device.

This is what people forget when they say they would like access to the phone of someone they loved. They are asking, without knowing it, for a kind of resurrection that no living mind can absorb without consequence, because the phone does not contain the version of the person they remember, it contains every version of that person, including the ones nobody was ever meant to see.

What forensics can recover, even from a deleted folder

Among the misunderstandings that surround this entire topic, the most stubborn one is the idea that deleted means gone. On most devices and across most applications, deletion is a flag, not an act, and the underlying data persists in the corners of the file system for hours, days, sometimes years, until the operating system happens to overwrite the relevant blocks. SQLite, which is the database engine behind almost every messaging application from WhatsApp to Signal to Telegram, retains traces of deleted records in its freelist pages and in its Write-Ahead Log, and a forensic examiner armed with the right tooling can reconstruct messages, photographs, calendar entries and call logs that the user believed long since erased (Park et al., 2025, A comprehensive analysis and evaluation of SQLite deleted record recovery techniques, Forensic Science International: Digital Investigation, 52, 301850).

Older Samsung models, older iPhones, older devices of any kind become, in this respect, a kind of forensic glass house, where the act of deletion does not protect the original user and the act of recovery does not protect the examiner from what he finds. In the course of authorised forensic examinations within criminal proceedings, I have over the years seen the kind of recoverable material that the public imagination rarely anticipates, including photographs that the original user had ordered destroyed during a marital conflict, financial documents from deleted folders whose existence had been hidden from the immediate family, and private exchanges whose contents could realign the way an entire circle of relatives understood the deceased. None of these recoveries were technically difficult. All of them were, in their human consequence, harder than the technical layer ever suggested.

The legal terrain in Germany

For those who imagine that German law settles this question cleanly, the picture is more layered than the surface debate allows. The Federal Court of Justice, in its landmark Facebook ruling of July 2018, established that the digital estate passes to the heirs in the same way as the analogue estate, by universal succession according to § 1922 BGB, and that a social media account is therefore inheritable in its entirety, including its communication contents (BGH, 12.07.2018, III ZR 183/17, NJW 2018, 3178). The same court confirmed and tightened this principle two years later, in its enforcement decision of August 2020, which made clear that providing a heir with a PDF copy of the account contents does not satisfy the obligation, and that genuine access in the original interface is what the law requires (BGH, 27.08.2020, III ZB 30/20, NJW 2020, 3179). The regional court of Oldenburg, at the end of 2024, went one step further and recognised that heirs may not only read but also actively continue to operate the deceased’s account, at least in commercially relevant cases (OLG Oldenburg, 30.12.2024, 13 U 116/23, BeckRS 2024, 39711).

This stack of decisions sounds, at first hearing, like a clear authorisation for whoever calls themselves an heir to demand the contents of a deceased person’s phone. The reality is considerably less generous than the headlines suggest. None of these rulings allow a private individual to circumvent device encryption on their own initiative, and none of them grant a third party the right to do so on behalf of a family. The civil right of access is a claim addressed to the platform operator, exercised through proper legal channels, supported by a certificate of inheritance pursuant to § 2353 BGB, and in many regions of Germany a certificate of inheritance is issued only after a probate procedure that can run anywhere from several months to two full years, especially when the deceased did not leave a will or when multiple heirs are involved. During that waiting period, nobody is legally an heir in the technical sense, nobody can speak for the estate, and nobody can issue a binding commission to a forensic service provider.

On top of the civil layer sits the harder edge of criminal law, namely § 202a of the German Criminal Code, which makes the unauthorised circumvention of any access protection a punishable offence, regardless of the actor’s professional standing. The Federal Court of Justice has held since 2020 that any meaningful security mechanism counts as a protected barrier in the sense of this statute (BGH, 21.07.2020, 1 StR 412/16, NStZ 2021, 27), and the protective shadow of the telecommunications secrecy in § 88 TKG extends to the chat partners of the deceased, who never consented to having their conversations read by strangers and whose interests must be considered even after the original account holder is gone.

The technical wall of the current generation

For all the legal scaffolding, there is now a second wall that has nothing to do with statute and everything to do with silicon. Every iPhone since the 5S, and every recent device from manufacturers who take security seriously, contains a dedicated security coprocessor known as the Secure Enclave, which manages cryptographic keys in a way that prevents both the operating system and Apple itself from accessing them under normal conditions. Forensic vendors such as Cellebrite and the company behind GrayKey have, over the past decade, found a series of vulnerabilities that allowed them to crack older devices, but each iteration of iOS has closed more of these doors than it opened. Leaked internal documents from late 2024 showed that GrayKey was limited to partial unlock on iPhones running iOS 18 and iOS 18.0.1, and that the betas of iOS 18.1 were already listed as inaccessible (Roth, 2024, Graykey can only partially access iPhones running iOS 18, 404 Media). Cellebrite, on the other side of the market, told its customers in mid-2024 that devices on iOS 17.4 or later were classified as “In Research”, which is the industry euphemism for “we cannot reliably do this anymore” (Cox, 2024, Leaked documents show Cellebrite cannot access modern iPhones, 404 Media).

The price of these tools is itself part of the story. A single Cellebrite Premium subscription costs roughly the same as a mid-range family car each year, the offline GrayKey unit sold at thirty thousand US dollars when it first appeared on the market, and both vendors restrict access to vetted law enforcement and intelligence customers under licensing terms that exclude civilian forensic practices. The reality, as a result, is that a normal forensic practitioner in Europe, including the author of these lines, who closed his forensic practice in the previous year, was never in a position to open a current generation iPhone with reasonable effort, even with all the goodwill in the world. People who imagine that there is a quiet network of specialists who can quickly produce the contents of any locked phone are imagining a world that has not existed since around 2018, and even then only for older models.

The grammar of human passwords

The wall of silicon is only the first half of the story, and in the years when I still examined devices on the strength of formal commissions, the second half was always the more interesting one. The actual frontier in this kind of work was never the cryptographic mathematics of the Secure Enclave, which is mathematically intact for every practitioner outside a small handful of state-level laboratories, but the predictable rhythm of human choices that wrapped itself around the device long before it was ever locked. My method, refined across two decades, was never to attack the machine head on but to reconstruct the person behind the machine, to ask which birthday she would never forget, which year had carried the weight of a marriage, a child, a divorce or a death, which keypad pattern looked aesthetically right to a hand that had typed it in five thousand times, and which password the same person had probably used, with the small cosmetic variations of an added punctuation mark or a capitalised first letter, for every account she had created since the early years of the internet.

This is where the public misunderstanding of forensic access becomes most visible, and where it is also, in a peculiar way, most charitable. Most people imagine that a locked phone is a mathematical problem, when in reality it is, in the overwhelming majority of cases, a psychological one. The research community has documented this for more than a decade, beginning with the well-known analysis by Berry, whose dataset of 3.4 million four-digit codes showed that the single combination 1234 accounted for almost eleven percent of all PINs and that the twenty most common combinations covered roughly 26.83 percent of the entire dataset, a figure that no random process would ever produce (Berry, 2012, DataGenetics, A Statistical Analysis of 3.4 million four-digit passcodes). The picture has been refined since, with a peer-reviewed Usenix-class study showing that 4-digit PINs offer only marginal real-world security against an informed guesser and that 6-digit PINs do not meaningfully improve the situation, because the human mind reaches for the same patterns regardless of the available length (Markert et al., 2020, This PIN can be easily guessed, Proceedings of the IEEE Symposium on Security and Privacy, 286–303). A separate landmark study analysed five and six digit PINs from leaked datasets and confirmed that birthdays, anniversaries and visually pleasing keypad patterns dominate the distribution in every culture that has been examined (Wang et al., 2017, Measuring human-chosen PINs, Proceedings of the 12th ACM Asia Conference on Computer and Communications Security, 372–385).

A modern iPhone offers, at the moment of code creation, the option of switching from a numeric PIN to an alphanumeric password, a choice that requires exactly two additional taps and that would, in cryptographic terms, increase the keyspace by many orders of magnitude. The average contemporary user, whom I sometimes refer to in private as the Otto Sapiens for reasons of a quiet affection rather than contempt, simply does not click those two additional buttons, and from that single skipped gesture flows nearly the entire economy of mobile forensic access. The same Otto Sapiens, when faced with the demand for a password on his Macintosh, will, in a very high proportion of cases, choose a string that he has used on other accounts, will store it in the macOS Keychain that is itself unlocked by his login password, and will keep, on the same desk, a laptop or a desktop computer through which the iTunes or Finder backup of the locked phone has been written to disk at some point in the previous months, often without active backup encryption. A practitioner who knows where to look does not need to attack the phone at all, he needs to ask for the laptop, the date of the wedding, the name of the first dog, and the year in which the children were born, and the door tends to open on its own.

My quiet edge in this work was therefore never technical sophistication of a kind that other practitioners did not possess, it was the discipline of empathic reconstruction, the willingness to spend an evening in the office imagining what it must have felt like to live the life whose digital shell now lay on the table, to read the social media history that was publicly available, to study the photographs that the family had voluntarily shared, and to derive, from this slow assembly of fragments, the narrow set of probable codes that would unlock the device on the first or second attempt. The errors of the crowd were the substrate of my success, and that observation is offered here not as a boast but as a warning, because every Otto Sapiens who reads these lines and recognises himself in the description should understand that his door is not as locked as he believes.

A note on Cellebrite and the ninety-two percent telephone call

Nothing in this article should be read as an endorsement of Cellebrite, the Israeli vendor whose products have become the de facto mass key for German law enforcement and whose marketing has, over the past decade, leaned heavily on its presence in high-profile criminal proceedings. The company sells what it sells, the relevant German agencies buy what they buy, and the constitutional questions that surround the routine forensic exploitation of seized devices are, in my reading, far from settled. I write this paragraph specifically because I have, in the months since I closed my own practice, observed a pattern that deserves to be named in plain language.

In a meaningful proportion of criminal proceedings, particularly those in which a device has been seized at the moment of arrest or shortly afterwards, the defendant or the defence counsel receives, within roughly forty eight hours, a telephone call from the responsible investigative body. The tone of this call is friendly, almost helpful, and the message it carries is structurally identical from case to case. The investigator reports that the analysis of the device is far advanced, that ninety two percent, or some similarly impressive figure, has already been extracted, and that the surrender of the access code at this stage would allow the swift completion of the remaining work and a return of the device to its owner on the following day. The Otto Sapiens, hearing this, draws the natural conclusion that the game is lost on the technical level and that cooperation is now the only sensible course of action, and he hands over the code that the forensic apparatus could, in many cases, never have produced on its own. The investigators thank him politely, complete the analysis with the information he has just provided, and proceed with the consequences that follow from the contents of the device.

The ninety two percent figure, in my professional experience, is almost never an accurate description of an actual extraction state, it is a deliberately chosen psychological lever placed at the perfect distance from completion to create the impression that surrender is rational. This is not forensics, this is interrogation under the costume of forensics, and it works because the average citizen does not understand the technical reality of his own device. A defendant who knows that a current generation iPhone running iOS 18.1 or later is essentially closed to civilian and most state forensic tools would not surrender the code under that telephone call, but a defendant who does not know this will reliably do so, and the legal consequences of that single moment of misplaced realism extend years into his future. There is no protection against this technique except knowledge, and the dissemination of that knowledge belongs in any honest text about the relationship between a citizen, his telephone and the apparatus of the state.

The inquiries that taught me to stop

There is, however, a layer of this work that has nothing to do with statutes or silicon, and everything to do with the limits of a story one is told in good faith. Even within the bounds of strictly authorised forensic activity, performed only for German prosecutors and investigative authorities and, on the civilian side, only after the formal presentation of a certificate of inheritance, I have on two occasions received initial inquiries that arrived, on every available surface, as perfectly plausible, complete with grieving relatives, copies of documents whose details I had no immediate way to verify, photographs of the supposedly deceased in family albums, and explanations that fit the narrative arc of a recent loss with the smoothness of a story that has been told many times to oneself before being told to someone else. In both of these inquiries the work was ultimately not performed, in one case because the required documentation could not be produced under closer examination, and in the other because I asked a specific question that the requesting party preferred not to answer in writing, and the conversation simply faded from one week to the next. In both of these cases I learned, weeks or months later, through one channel or another, that the person whose phone I had been asked to open was at that moment alive and present in a country, a city, or simply a marriage that the requesting party preferred to leave behind.

After the second of these inquiries, which had originally been wrapped in a particularly affecting narrative of paternal loss, I sat in my office for a long evening with the lights turned down and asked myself a question that I had been avoiding for years. The question was not whether I had broken any law, because the careful framework around my work had held, but whether the technical possibility of opening a device was, in itself, ever a sufficient justification for actually doing it, even when the paperwork looked impeccable. The answer, which has stayed with me since that evening, was that a forensic practitioner who relies only on the documents he is shown is not practicing forensics, he is practicing service provision under uniform, and the uniform is exactly what makes him dangerous.

My own arrangement

Some readers will find what follows almost banal, and I include it deliberately, because the banality is precisely the point. The access code of the iPhone on my own nightstand is known to my wife in full, it is written down in the safe behind a painting in our living room, it is included in the sealed document that my notary holds together with the rest of my last will, and it is paired with the access keys for the laptop, the workstation and the relevant cloud services in such a way that nobody who has to open my digital life after I am gone will find themselves staring at a black screen with a feeling of helplessness. Apple has, since the release of iOS 15.2 in late 2021, offered a feature called Digital Legacy, by which up to five trusted contacts can be designated to receive access to the iCloud data of a deceased account holder after providing an access key and a certificate of death (Apple Inc., 2026, How to add a Legacy Contact for your Apple Account, support.apple.com/en-us/102631). Google operates an equivalent service under the name Inactive Account Manager, Meta has its own legacy contact mechanism for Facebook and Instagram, and the entire apparatus can be set up by an ordinary user in fewer than ten minutes per platform.

The recent Bitkom representative survey, published in October 2025, found that only thirty two percent of internet users in Germany have formally arranged their digital estate in any way, that the share of those who actively want to keep their digital content private after death has risen to sixty percent, and that almost nobody, in a single percent of cases, uses any of the commercial estate planning services that have appeared in this niche (Bitkom, 2025, Digitales Erbe: Was passiert mit Online-Zugängen nach dem Tod, Pressemitteilung 17.10.2025). The number that interests me most in this study is the sixty percent who want their content to remain hidden, because that number contradicts, with unusual clarity, the assumption that families have a self-evident right of access to the phones of their dead.

The asymmetric value of digital accounts

When I sit down to think about which of my own digital traces I would actually want to outlive me, the answer is not symmetrical across the platforms, and it is worth saying so plainly. My Instagram account, for example, holds something that no other place in my life holds in the same density, namely a slowly accumulated correspondence with colleagues, with physicians, with neuroscientists, with researchers in fields that intersect with my own, and a flow of public writing that has, over years, found its way to readers who would have no other connection to me. That account, in the event of my death, should remain accessible, should be readable, and should perhaps, in some quiet form, be continued by whoever takes on the role of preserving what I have written. Facebook, by contrast, has become for me a kind of digital noise from another decade, populated by acquaintances I do not remember and notifications I no longer read, and the platform formerly known as Twitter has so thoroughly turned itself into an arena of orchestrated indignation that I cannot imagine any heir of mine deriving the slightest value from it.

The wider lesson, which I would offer to anyone who has not yet thought about these questions, is that the digital estate is not a single object to be inherited or discarded as a whole, but a layered collection of artefacts with very different weights, and the will of a thoughtful person should reflect this asymmetry in clear language. A blanket “everything goes” or a blanket “everything is deleted” is, in almost every case, the wrong answer. What is needed is a quiet evening at a desk, a list of accounts, a sentence or two for each, and the willingness to designate one trusted person per platform who knows what is to happen and why.

The digital will, in practice

The structure of a workable digital testament is not complicated, although it does require an hour of honest reflection at a table without distractions. The first column on the page is hardware, the smartphone, the tablets, the laptop, the workstation, with the access code or password of each device written next to it. The second column is the accounts, in descending order of importance, beginning with the email account that anchors most password recovery flows, continuing with the cloud services, the social networks, the banking apps, the subscription platforms, and ending with the smaller, less visible accounts that nonetheless contain something of value. The third column is instructions, one or two sentences per item, describing what the heir is expected to do, whether the account should be archived, preserved, deactivated, deleted, transferred, or memorialised.

This document belongs in a sealed envelope at the notary, together with the conventional will, and a copy of it belongs in a fireproof safe at home, and a third trace of it should sit in the head of one specific trusted person, who knows where the other two copies are kept and what they contain. None of this requires legal training, none of it requires technical sophistication, and almost all of the heartbreak I have seen in my professional life around the topic of digital estates could have been prevented by an hour and a sealed envelope.

If there is no code, there is a reason

When I think about the request that arrived on my phone that evening, and about the many requests that have arrived before it and will arrive after it, the answer I have come to is one I am willing to defend in any room, against any objection, and through any amount of polite pressure. A code that was changed and not shared is not a forgotten code, it is a closed door, and a closed door at the end of a life is, in the absence of any other evidence, a closed door that the deceased intended to remain closed. A man who knew enough to harden his device after a data theft, as the woman in this particular case had described her relative, was not a man who was careless with his security in the months that followed, and the absence of a shared code is, more often than not, an unspoken last sentence rather than a procedural oversight.

The phones of the dead are not vaults to be cracked by whoever stands closest at the funeral, they are sealed letters whose recipient has not been named, and a forensic practitioner who opens them on the strength of a sad story and an email contributes, however unwittingly, to the slow erosion of a privacy that survives the heartbeat of the person it once belonged to. The polite, professional, ethically defensible answer to almost every request of this type is the same answer, given in different words, and that answer is no. Those who find this conclusion harsh might consider, before judging it, whether they themselves would wish their final code to be broken by a stranger because someone they did not entirely trust wrote a moving email at the right time of the evening to the right tired specialist. Most of us, I suspect, would prefer the door to stay shut.

References

  • Apple Inc. (2026). How to add a Legacy Contact for your Apple Account. Retrieved 11 May 2026 from https://support.apple.com/en-us/102631
  • BGH, 12.07.2018, III ZR 183/17, NJW 2018, 3178 (“Facebook-Urteil, Digitaler Nachlass”).
  • BGH, 27.08.2020, III ZB 30/20, NJW 2020, 3179 (“Vollstreckung Facebook-Account”).
  • BGH, 21.07.2020, 1 StR 412/16, NStZ 2021, 27 (“Zugangssicherung § 202a StGB”).
  • Berry, N. (2012). A statistical analysis of 3.4 million four-digit passcodes. DataGenetics blog, September 2012. Retrieved 11 May 2026 from datagenetics.com/blog/september32012.
  • Bitkom e. V. (2025, 17. Oktober). Digitales Erbe: Was passiert mit Online-Zugängen nach dem Tod. Pressemitteilung. Retrieved 11 May 2026 from https://www.bitkom.org/Presse/Presseinformation/Digitales-Erbe-Online-Zugaenge-nach-Tod
  • Bürgerliches Gesetzbuch (BGB), § 1922 (Gesamtrechtsnachfolge); § 2353 (Erteilung des Erbscheins).
  • Cox, J. (2024). Leaked documents show Cellebrite cannot access iPhones running iOS 17.4 or later. 404 Media.
  • Delgado-Santos, P., Stragapede, G., Tolosana, R., Guest, R., Deravi, F., & Vera-Rodriguez, R. (2022). A Survey of Privacy Vulnerabilities of Mobile Device Sensors. ACM Computing Surveys, 54(11s), Article 224. https://doi.org/10.1145/3510579
  • Ericsson (2025). Mobility Report, June 2025. Stockholm: Ericsson AB.
  • Fanourakis, M. (2020). A report on personally identifiable sensor data from smartphone devices. arXiv preprint, arXiv:2003.06159.
  • OLG Oldenburg, 30.12.2024, 13 U 116/23, BeckRS 2024, 39711 (“Aktive Weiternutzung Instagram-Account des Erblassers”).
  • Markert, P., Bailey, D. V., Golla, M., Dürmuth, M., & Aviv, A. J. (2020). This PIN can be easily guessed: Analyzing the security of smartphone unlock PINs. Proceedings of the IEEE Symposium on Security and Privacy, 286–303. https://doi.org/10.1109/SP40000.2020.00100
  • Park, S., et al. (2025). A comprehensive analysis and evaluation of SQLite deleted record recovery techniques: A survey. Forensic Science International: Digital Investigation, 52, 301850. https://doi.org/10.1016/j.fsidi.2025.301850
  • Roth, E. (2024). Graykey can only partially access iPhones running iOS 18. 404 Media.
  • Strafgesetzbuch (StGB), § 202a (Ausspähen von Daten).
  • Telekommunikation-Digitale-Dienste-Datenschutzgesetz (TDDDG), § 4 (Postmortale Rechte).
  • Telekommunikationsgesetz (TKG), § 88 (Fernmeldegeheimnis).
  • Wang, D., Gu, Q., Huang, X., & Wang, P. (2017). Understanding human-chosen PINs: characteristics, distribution and security. Proceedings of the 12th ACM Asia Conference on Computer and Communications Security, 372–385. https://doi.org/10.1145/3052973.3053031
You Might Also Like