Criminals Remote-Wiping Cell Phones

samzenpus posted about 6 years ago | from the this-phone-will-self-destruct dept.

Cellphones 191

An anonymous reader writes "Crafty criminals are increasingly using the remote wipe feature on the Apple iPhone and other business handsets, such as RIM's BlackBerry, to destroy incriminating evidence, the head of the UK's Serious Fraud Office Keith Foggon has warned. Foggon told silicon.com that the move away from PCs towards using mobile phones was causing a headache for crime fighters who were struggling to keep up with the fast pace of new handsets and platforms churned out by the mobile industry."

191 comments

First POST (0, Troll)

vimm (1300813) | about 6 years ago | (#24867237)

my touchpad iphone is faster than your blackberriii

Re:First POST (5, Insightful)

Anonymous Coward | about 6 years ago | (#24867593)

I'm glad these articles focus on the negative facts that police have trouble with, and not the USEFUL part of remote data wipe so that millions of customers' data can be deleted when a device is lost, instead of having that information in the hands of people that could do some damage. I'll take a wipe of evidence for that security any day.

Re:First POST (4, Interesting)

Lumpy (12016) | about 6 years ago | (#24867887)

If the cops had any brains they would shut off the phones (remove battery) the second they get it and then give it to forensics that should have the IQ to operate it in a faraday cage so that it can't be tampered with remotely. Do they take laptops and PCs they capture and hook them to the net and turn them on? Why do they connect phones to the network when they look at them?

Come on, I thought they taught the police how to handle evidence. Are you telling me that CSI tv show is a LIE!!!!

Re:First POST (0)

Anonymous Coward | about 6 years ago | (#24867969)

Yep. All they need to do is wrap them up in some aluminum foil. Then let the technicians deal with getting the data.

Re:First POST (5, Insightful)

MightyYar (622222) | about 6 years ago | (#24867891)

Not to mention right near the top of the ARTICLE ITSELF:

"Because we isolate the devices immediately, and never reconnect them to their network, the remote wiping capability does not present us with much of a problem," he noted.

Um, so the problem is? Talk about sensationalism.

Re:First POST (0, Troll)

OECD (639690) | about 6 years ago | (#24867899)

I'm glad these articles focus on the negative facts that police have trouble with, and not the USEFUL part of remote data wipe so that millions of customers' data can be deleted when a device is lost...

Yeah, that would be useful. How do you do that on an iPhone? I thought that the lack of that feature was one of its problems for Enterprise.

Re:First POST (4, Informative)

Karlt1 (231423) | about 6 years ago | (#24868157)

Yeah, that would be useful. How do you do that on an iPhone? I thought that the lack of that feature was one of its problems for Enterprise.

It was added as part of the 2.0 firmware upgrade.

http://www.apple.com/iphone/enterprise/ [apple.com]

Features include:

        * Push email
        * Push contacts
        * Push calendar
        * Global Address List (GAL) support
        * Certificates and identities
        * WPA2/802.1X
        * Enforced security policies
        * More VPN protocols
        * Device configuration
        * Remote wipe

Re:First POST (1)

sootman (158191) | about 6 years ago | (#24868575)

No doubt. They should have said "Remote wipe is useful in situations such as..." and then link to all the stories we've seen about lost laptops in the last year.

Re:First POST (1)

bigplrbear (1179259) | about 6 years ago | (#24867847)

*file "First POST" has been deleted*

*have a nice day*

Woah (1, Interesting)

Anonymous Coward | about 6 years ago | (#24867251)

I can wipe my blackberry to make data irretrievable? I can do it remotely too? HOW?

Re:Woah (3, Informative)

RiotingPacifist (1228016) | about 6 years ago | (#24867341)

what do they mean by irretrievable:
destroying the filesystem table? (easy to get the data back)
writing all bits to zero? (still retrievable)
writing over all bits with (pseudo-)random data? (apparently this can be retrieved)
writing over all bits repeatedly?

Re:Woah (2, Insightful)

Anonymous Coward | about 6 years ago | (#24867459)

on a hard disk you would be correct, try it with anything else and you get bupkis back.

Re:Woah (0)

Anonymous Coward | about 6 years ago | (#24867463)

writing all bits to zero? (still retrievable)

Why is that the case? I've always wondered how that's possible.

Re:Woah (4, Informative)

blueg3 (192743) | about 6 years ago | (#24867497)

You have to use something like squid, but it's because of magnetic hysteresis. (I could explain, but Wikipedia is pretty accurate.)

It's possible in theory, but in practice, it's technology that law enforcement doesn't have access to.

Re:Woah (5, Informative)

khellendros1984 (792761) | about 6 years ago | (#24867505)

Magnetism is an analog property used to store digital information. A bit can be wiped so that a standard detector would read it as a zero, but the bit may be legible by a more sensitive detector.

For instance, say that anything above "0.5" (half of the full possible theoretical strength of the magnetic field there) is a 1, and anything below is a 0. Maybe, the drive would actually write "0.9", which would be correctly interpreted as 1. If that number was blanked, maybe it becomes "0.3"....low enough to be a 0, but maybe another detector could tell the difference and know what the original value was.

Re:Woah (3, Interesting)

Rorschach1 (174480) | about 6 years ago | (#24867749)

And there's probably a certain amount of hysteresis too, so maybe that 0.3 gets overwritten with a 1 to become 0.93, and then with another 0 to become 0.393, and you can recover previous values to a degree limited by the amount of hysteresis, sensitivity of the detector, and noise floor. Or at least that's the theory I've always heard on why you're supposed to overwrite hard drives multiple times... I've never actually heard of it being done, but the assumption has always been that 'they' have the ability to do it. Anyone care to provide more substantial information on the feasibility of this sort of recovery?

Re:Woah (5, Interesting)

Xanius (955737) | about 6 years ago | (#24867935)

When I took my computer forensics class they showed that you could use a hex editor on a zero wiped floppy disk and recover most of the data that was on it previously.
We had a guest speaker that told us some of what he does, he's a forensic analyst that pulls information from drives in criminal cases. He said that it takes somewhere around 72 hours to read a decent sized drive and costs around $10k to get it done.(It's been a few years so the details are fuzzy but that sounds about right)
But he wasn't too specific on what tools they use etc. Something around 10 full wipes is easy enough to recover the original data but if you write over it and delete actual data it becomes more corrupted and harder to get back than just all 1 then all 0.

Re:Woah (2, Insightful)

piojo (995934) | about 6 years ago | (#24868389)

When I took my computer forensics class they showed that you could use a hex editor on a zero wiped floppy disk and recover most of the data that was on it previously.

Do you know how this is done? Because if one just uses a hex editor, wouldn't the hex editor simply see a disk full of nulls?

Re:Woah (1)

v1 (525388) | about 6 years ago | (#24868501)

the 7 pass random wipe is generally accepted as sufficient

Re:Woah (5, Informative)

lgw (121541) | about 6 years ago | (#24867905)

Modern hard drives pack bits *very* densely. The bits overlap by a large amount. The technology to determine whether a bit is 1 or 0 by calling everything above 0.5 a "1" is already necessary to read the bit *normally*. Writing random data to the drive is enough to make any active sectors unrecoverable.

However, modern drives have a huge count of spare sectors, and sectors get retired constantly, and there's no way to wipe those with normal reads and writes. So there's a random sampling of everything you've ever written stored in the retired sectors of a hard drive, and no in-band way to wipe those sectors.

This is why the government standard for hard drives that have ever contained classified information is to shred the hard drive so that the pieces fit through a 1mm sieve. Of course, in reality, the government is just as likely to sell the drives unwiped on Ebay, but that's bureaucracy for you.

Re:Woah (1)

Jah-Wren Ryel (80510) | about 6 years ago | (#24868111)

However, modern drives have a huge count of spare sectors, and sectors get retired constantly, and there's no way to wipe those with normal reads and writes. So there's a random sampling of everything you've ever written stored in the retired sectors of a hard drive, and no in-band way to wipe those sectors.

Does anyone know, off-hand, a way to query a sata disk for at least a count of how many sectors have been re-allocated, if not an actual map of them?

Re:Woah (4, Informative)

piojo (995934) | about 6 years ago | (#24868433)

Does anyone know, off-hand, a way to query a sata disk for at least a count of how many sectors have been re-allocated, if not an actual map of them?

In linux, you can use smartctl (from smartmontools, I think)--
smartctl --all /dev/sda, and look for "Reallocated_Sector_Ct" in the output.
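
Added example, not part of the thread: a Python sketch that parses the attribute table printed by `smartctl -A` and reports the remap counters behind the retired-sector concern raised above. The sample output is constructed, and the function names are hypothetical.

```python
import re
import subprocess

# Constructed sample of `smartctl -A /dev/sda` output (not from a real drive).
SAMPLE = """\
ID# ATTRIBUTE_NAME          FLAG     VALUE WORST THRESH TYPE      UPDATED  WHEN_FAILED RAW_VALUE
  1 Raw_Read_Error_Rate     0x000f   117   099   006    Pre-fail  Always       -       148579764
  5 Reallocated_Sector_Ct   0x0033   100   100   036    Pre-fail  Always       -       12
  9 Power_On_Hours          0x0032   089   089   000    Old_age   Always       -       9876
194 Temperature_Celsius     0x0022   034   045   000    Old_age   Always       -       34 (0 14 0 0 0)
196 Reallocated_Event_Count 0x0032   100   100   000    Old_age   Always       -       0
197 Current_Pending_Sector  0x0012   100   100   000    Old_age   Always       -       3
"""

# Attribute IDs that count sectors already remapped (5), remap events (196)
# and sectors waiting to be remapped (197). Names vary by vendor, so match on ID.
REMAP_IDS = (5, 196, 197)

# One table row: ID, name, flag, value, worst, thresh, type, updated,
# when_failed, then the raw value (only its leading integer is captured).
ROW = re.compile(
    r"^\s*(\d+)\s+(\S+)\s+0x[0-9a-fA-F]+\s+(\d+)\s+(\d+)\s+(\S+)"
    r"\s+(\S+)\s+(\S+)\s+(\S+)\s+(\d+)"
)


def parse_smart_attributes(text):
    """Return {attribute_id: (name, raw_value)} for every table row found."""
    attrs = {}
    for line in text.splitlines():
        m = ROW.match(line)
        if m:
            attrs[int(m.group(1))] = (m.group(2), int(m.group(9)))
    return attrs


def remapped_sector_report(attrs):
    """Return {name: raw_value} for the remap counters that are non-zero."""
    report = {}
    for attr_id in REMAP_IDS:
        if attr_id in attrs and attrs[attr_id][1] > 0:
            name, raw = attrs[attr_id]
            report[name] = raw
    return report


def overwrite_covers_all_sectors(attrs):
    """True only when the drive reports zero reallocated sectors.

    A missing attribute counts as False: absence of the counter is not
    evidence that nothing was remapped.
    """
    return 5 in attrs and attrs[5][1] == 0


def read_device(device):
    """Run smartctl on a real device (needs root and smartmontools)."""
    # smartctl uses its exit status as a bitmask, so a non-zero code is not
    # necessarily a failure; parse whatever it printed.
    result = subprocess.run(["smartctl", "-A", device],
                            capture_output=True, text=True)
    return parse_smart_attributes(result.stdout)


if __name__ == "__main__":
    attrs = parse_smart_attributes(SAMPLE)
    for name, raw in remapped_sector_report(attrs).items():
        print(f"{name}: {raw}")
    if not overwrite_covers_all_sectors(attrs):
        print("Overwriting through normal writes will not reach remapped sectors.")
```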

Re:Woah (1)

TheLink (130905) | about 6 years ago | (#24869201)

If I see a reallocated sector, I start thinking about replacing the drive, even if I can't get a warranty for it (the manufacturer will probably say it's still fine by their standards etc).

Re:Woah (3, Interesting)

v1 (525388) | about 6 years ago | (#24868515)

any tool that accesses the drive's smart data can get this. the drive has to be directly connected to the computer, you cannot read smart via usb or firewire bridge. All drives track a small set of smart data including reallocated blocks. Most drives have additional smart parameters whose meaning varies.

Re:Woah (-1, Troll)

Anonymous Coward | about 6 years ago | (#24868317)

The technology to determine whether a bit is 1 or 0 by calling everything above 0.5 a "1"

What does that even mean?? I'd just say we redefined what a "1" was since we have better heads.

Re:Woah (3, Interesting)

jcuervo (715139) | about 6 years ago | (#24868751)

Two things.

First, ever had a magnet accidentally come into contact with your TV? Ever tried to fix it with another magnet, and deemed it "close enough"? There you go. You are a floating head. Your TV is a disk platter.

Second, hand in your geek card.

Re:Woah (0)

Anonymous Coward | about 6 years ago | (#24867915)

To linear.

The bit is written onto an area of the disk, but not the entire section allocated to that bit. Using a more sensitive read head can see what the entire region looks like, and thus peek behind the most recent bit written.

The technology does exist it is just expensive, and generally not worth it.

Re:Woah (0)

Anonymous Coward | about 6 years ago | (#24867479)

what do they mean by irretrievable:
destroying the filesystem table? (easy to get the data back)
writing all bits to zero? (still retrievable)
writing over all bits with (pseudo-)random data? (apparently this can be retrieved)
writing over all bits repeatedly?

All of the above is theoretical, for magnetic (platter based) disks. Do a 9 pass 0/1/Rnd pattern set and you're pretty well protected on those.

Flash memory is a little different, figuring out what *was written* after a single pass is a bit like finding what temperature it was yesterday, for every square inch of a room, by reading the temperature for today and trying to guess how it was affected by yesterdays temperature.

Re:Woah (5, Insightful)

Pfhor (40220) | about 6 years ago | (#24867507)

Remember, this is flash, not magnetic bits stored on a spinning metal platter where header drift and other things would theoretically allow you to retrieve data that has long been removed.

Recovering from (intentionally overwritten flash) may be considerably harder than a traditional drive. Most flash recovery apps for cameras, etc. are really just reading the stray bits, as the formatting, etc. does not actually wipe each sector (because flash is rated in number of write operations the individual bits can support before going bad, so you want to minimize that).

Overwriting a flash storage partition on an iphone or other device also makes this harder because you can't easily pop those things open and mount the custom flash chip into some universal adapter and read its filesystem like you can do with any old hard drive (they even make forensic, read only, hard drive enclosures).

So I zero out the data on my iphone, and well, there aren't any jailbroken or app store apps that you can run on the damn thing to do a low level recovery anyway, and I don't know of any target disk raw access mode to the device when attached to a computer that is available outside of apple's developer labs.

Re:Woah (5, Interesting)

v1 (525388) | about 6 years ago | (#24868561)

you can't easily pop those things open and mount the custom flash chip into some universal adapter

Very very few devices use custom flash chips. The iPhone uses off the shelf standard flash memory chips. And in addition to readers that require the removal of the chip, there are units that have cables with clips that just attach right to the chip in the (powered off) device and can pull the data straight off.

And yes you can pop them open pretty easy. Some ipods are harder to open than an iPhone.

Re:Woah (1)

MrZilla (682337) | about 6 years ago | (#24868847)

Indeed. I have not worked with iPhones, but I have been in contact with embedded flash chips from a variety of vendors.

Most use a PATA interface for their disks, and provide a complete layout of all the I/O pins. With this, it is easy enough to throw something together which can let you plug the chip into a regular 80-pin PATA connector, or CF reader if you have one of those laying around.

Re:Woah (1)

v1 (525388) | about 6 years ago | (#24868487)

I'd be willing to wager all it does is offer features like "clear addressbook" which just resets the addressbook database.

In other words, fairly trivial to undo.

Re:Woah (1)

Dan541 (1032000) | about 6 years ago | (#24868771)

writing all bits to zero? (still retrievable)

How is that possible, I assume it's a hardware vulnerability?

Re:Woah (4, Informative)

Constantine XVI (880691) | about 6 years ago | (#24867557)

Go to Options-Security Options-General Settings. Enable password and content protection. Set the security timeout and password attempts to your preference. Now, when the timeout expires (X minutes after you stop hitting buttons) or you hook it to a PC, it asks for a password. If someone types in the wrong password Y times (10 is default, but you can go lower), it forces a reboot, and scrubs down the memory, which takes 20 minutes to an hour.

To force the scrub, go to Options-Security Options-General Settings. Click the menu button, select "Wipe Handheld", type blackberry.

Send me a PIN message at 244EB7DA if you need a hand.

Re:Woah (5, Informative)

Constantine XVI (880691) | about 6 years ago | (#24867629)

PS: For remote wiping, you need to be on a BlackBerry Enterprise Server (BES), which usually means your BB is company-issued. If you need it nuked, call up your admin and ask him to trigger the remote wipe. Keep in mind that the BES can (and usually does) track anything and everything that happens on a BES-connected BB, so a wipe will do nothing to hide things from your company.

Re:Woah (1)

Piranhaa (672441) | about 6 years ago | (#24868597)

It is nice that RIM releases a free registration code to use with ONE blackberry. I have an Exchange setup here with BES tied in. It's nice how much you can actually do remotely. Everything from remote application install, to remote lock/change pin, remote wipe, etc.

Not that I ever lose my phone in bars like people do with theirs. like socks, but it's reassuring knowing all this can be done if it does ever get out of my reach.

Re:Woah (0)

Anonymous Coward | about 6 years ago | (#24867675)

You need to write an application that uses the assembly-language CFH opcode (Catch Fire and Halt).

Re:Woah (1)

ColdWetDog (752185) | about 6 years ago | (#24867793)

Too late, I've got it....

Re:Woah (0)

Anonymous Coward | about 6 years ago | (#24868807)

If you don't have access to the BES, you can (locally) wipe a blackberry (password store and all) by entering the password to the unit incorrectly 10 times. If the unit has no password, set one, and enter it incorrectly 10 times.

Note: After the fourth time the blackberry will require you to enter "blackberry" to ensure your keyboard isn't malfunctioning / being butt dialed. It will also then SHOW you the password as you type it, in case the keyboard is faulty.

Re:Woah (0)

Anonymous Coward | about 6 years ago | (#24869081)

I can wipe my blackberry to make data irretrievable? I can do it remotely too? HOW?

Blackberries have had this functionality for years. You need a blackberry enterprise server to do it.

I can't be the only one on /.... (5, Interesting)

bistromath007 (1253428) | about 6 years ago | (#24867283)

...who took one look at this and thought "good."

Re:I can't be the only one on /.... (-1, Redundant)

HairyCanary (688865) | about 6 years ago | (#24867499)

Indeed not. That was my first reaction as well.

Re:I can't be the only one on /.... (1, Funny)

Anonymous Coward | about 6 years ago | (#24867511)

No, I'm sure there are other criminals besides yourself on slashdot.

Re:I can't be the only one on /.... (1)

kabocox (199019) | about 6 years ago | (#24867547)

...who took one look at this and thought "good."

I did. I thought hmm, I'd want all the data loaded from a CF card that would be set to wipe if either an incorrect or emergency password were entered. Heck, you could even have a secure CF card that was guaranteed to wipe once its emergency code was sent. Basically, you've got to reformat and copy from another card if you want to reuse it. Or if you really want to go scifi you could have the card and phone turn to dust once the emergency code is entered.

Heck, 8 GB flash cards should be more than enough to store all your average top secret spreadsheet/db files from whomever, unless you've got A/V that you need to protect. Then you've got to wait until 1 TB cards come out.

Re:I can't be the only one on /.... (3, Interesting)

Constantine XVI (880691) | about 6 years ago | (#24867685)

Actually, if you slot a microSD card in a BlackBerry, you can set it up to encrypt the card along with the rest of the device, and it's scrubbed along with everything else if too many wrong passwords are entered in*

*The password and encryption is done device-side, so it even works in Linux.

Re:I can't be the only one on /.... (5, Funny)

Sockatume (732728) | about 6 years ago | (#24867597)

Yeah, after the bean burrito special I really wish I could wipe remotely too.

Re:I can't be the only one on /.... (0)

Anonymous Coward | about 6 years ago | (#24869219)

I say we just take off and wipe the site from orbit. It's the only way to be sure.

Re:I can't be the only one on /.... (1)

iceborer (684929) | about 6 years ago | (#24867609)

Me and Vinny thinks it's great!

Sent from my iPh

Re:I can't be the only one on /.... (1)

nine-times (778537) | about 6 years ago | (#24867873)

Indeed. And this has very little to do with the remote wipe feature. If I have access to a laptop, I can wipe the data there, too. If police get access to my smartphone, they should be able to turn on "airplane mode" and prevent anyone from wiping it.

In fact, it might be a bit suspect for them not to disable the wireless connection as their first act. Imagine if they confiscated your laptop and then immediately connected it to the Internet and left it connected. How could they claim to have secured any data from tampering either way if it's connected to the Internet?

Re:I can't be the only one on /.... (0)

Anonymous Coward | about 6 years ago | (#24868035)

I hope there is mob mentality when they find out the person doing this.

I wouldn't mind kicking the shit out of a person who wiped my phone with all my personal info.

I think (0)

Anonymous Coward | about 6 years ago | (#24868171)

that you have been on windows for far too long and do not understand the meaning of envy.

Re:I can't be the only one on /.... (1)

Ilgaz (86384) | about 6 years ago | (#24868267)

Just days ago, I tried so hard to explain why insecure smart phone can be the most evil thing and one can simply own your real life, identity with it. That happens on a technical site. I just couldn't explain to iPhone owners why their data or simply the smart device itself matters.

There is also the opposite camp of idiots who think running pirated antivirus with root access to their device is a security solution!

I think the "phone" in "smartphone" confuses people. If they understand it is a mini laptop with excellent communications abilities which aren't found on their laptops, things would be easier.

Since when did anyone pay $15.000 bill because their computer got infected by a virus? It is easy and possible on smart phones :) If one is fool/ignorant enough, it is even possible via WAP or J2ME!

Good. (3, Insightful)

mactard (1223412) | about 6 years ago | (#24867295)

That just means the police need to work a little harder to make a case. It doesn't make it impossible though. The next hope is that they don't outlaw these devices or something. The Brits are a bit jumpy.

Good.-"/." on empty. (0)

Anonymous Coward | about 6 years ago | (#24867363)

"That just means the police need to work a little harder to make a case. "

Care to be more specific?

"It doesn't make it impossible though."

Are you sure?

Re:Good.-"/." on empty. (0)

Anonymous Coward | about 6 years ago | (#24867801)

There is no imaginable scenario in which someone might be successfully prosecuted on the basis of something said, told, or threatened. Therefore, there is no imaginable scenario in which the contents of somebody's emailing phone could prove important in a prosecution.

Re:Good.-"/." on empty. (0)

Anonymous Coward | about 6 years ago | (#24868093)

.......... Wow. You've never heard of conspiracy [wikipedia.org], have you?

Criminals? (0)

Anonymous Coward | about 6 years ago | (#24867331)

People concerned about THEIR data are wiping their phones.

They MAY be involved in criminal activity but are they criminals?

News At 11 (5, Funny)

CastrTroy (595695) | about 6 years ago | (#24867353)

Criminals destroy evidence that could be used against them. News At 11.

Re:News At 11 (3, Funny)

Nymz (905908) | about 6 years ago | (#24867869)

Let's give the 11 o'clock news some credit. I'm sure they would realize this is computer crime, and use the more accurate and appropriate term. "Hackers destroy evidence that could be used against them."

not even as newsworthy as what you ridicule (1)

commodoresloat (172735) | about 6 years ago | (#24868655)

I actually RTFAd, and there's no evidence whatsoever in the article of criminals actually, you know, doing this sort of thing. It's a forensics expert saying that this cell phone feature "could be exploited by lawbreakers." Gee. And he even says it's not a big problem if it actually ever does happen as it's easily countered by any forensics shop: "He added the unit took precautions to guard against the feature being exploited. 'Because we isolate the devices immediately, and never reconnect them to their network, the remote wiping capability does not present us with much of a problem,' he noted." The whole story is pretty empty, a little bit of whining about how new technology is making their jobs tougher, but that's about it.... Welcome to the 21st century.

Re:News At 11 (1)

Spy der Mann (805235) | about 6 years ago | (#24869099)

And after commercial break: Criminals give new uses to existing technology! :(

photos (4, Interesting)

bbdd (733681) | about 6 years ago | (#24867405)

Don't forget to view the photos. I thought the photos were more interesting than the article.

http://software.silicon.com/security/0,39024655,39270417,00.htm [silicon.com]

Re:photos (1)

Samantha Wright (1324923) | about 6 years ago | (#24867437)

Wow! An electronic nose that can smell incriminating information. We could replace the entire detective industry with these.

"Has my wife been cheating on me, detective?"
"Let's find out!"
*waves electronic nose over computer*
"No—but you've been falsifying information on your tax returns! Consider yourself under arrest."

Encryption (2, Insightful)

Boogaroo (604901) | about 6 years ago | (#24867693)

Here's an interesting bit too. Looks like they try simple password protection breaking, but...

The team does not attempt to crack high-grade encryption, relying instead on the threat of a prison sentence for individuals refusing to hand over passwords or decrypted files.

Re:Encryption (0)

Anonymous Coward | about 6 years ago | (#24867725)

As has been said previously, you wouldn't have to give up your passphrase or your key simply because they threaten you.

I know I never will.

Re:Encryption (1)

supernova_hq (1014429) | about 6 years ago | (#24867807)

Sir, we require that you give us information about your device so as we may incarcerate you!
Nope, sorry, I plead the fifth.

Encryption-Constitution. (1, Informative)

Anonymous Coward | about 6 years ago | (#24867843)

"Nope, sorry, I plead the fifth."

The UK doesn't have the fifth.

Re:Encryption-Constitution. (1, Funny)

Anonymous Coward | about 6 years ago | (#24868139)

No fifth? Well give him a couple pints then, maybe they will loosen his tongue.

Re:Encryption (1)

philipgar (595691) | about 6 years ago | (#24867895)

Uh, in the UK you can be forced to (http://yro.slashdot.org/article.pl?sid=07/10/02/1237215)

phil

Re:photos (0)

Anonymous Coward | about 6 years ago | (#24868899)

That suitcase can hold 300TB of data. Hard to believe, literally.

Oh no... (1)

VoltCurve (1248644) | about 6 years ago | (#24867411)

God help us if the terrorists and evil doers find out about the Format command.

Well... (4, Insightful)

Spazntwich (208070) | about 6 years ago | (#24867481)

If the only evidence the police have on said 'criminal' is a string of bits on his cell phone, they probably didn't have much of a case anyway, and likely shouldn't be arresting this criminal.

I genuinely hope small time 'criminals' continue getting these sorts of victories to the point that our police forces are forced to admit they have failed in the war on consensual acts between adults. The change certainly isn't going to come about while our various wars continue to make a tidy profit for those at the top.

Re:Well... (1)

Sockatume (732728) | about 6 years ago | (#24867559)

What about eBay scammers? Extortionists? Kidnappers? Somebody who just won't stop sending you a picture of their wang? In some cases communications evidence can be very significant indeed.

Re:Well... (1)

Sockatume (732728) | about 6 years ago | (#24867611)

Heck, the article notes that smartphones are used by "enterprise", so that's corporate crime in there as well.

Re:Well... (1)

Rix (54095) | about 6 years ago | (#24867691)

I imagine police forces would have a lot more cooperation on those things if so many people weren't worried that they'd turn on them for smoking the wrong thing.

Re:Well... (1)

pitchpipe (708843) | about 6 years ago | (#24867961)

Somebody who just won't stop sending you a picture of their wang?

What's wrong with a good Wang? [wang2200.org]

Criminals Destroy Evidence on iPhones? (2, Funny)

Dieppe (668614) | about 6 years ago | (#24867551)

...that could be used against them?

Honestly, if the only case the prosecution has is possible evidence on an iPhone, their case is pretty shaky to begin with. Do REAL WORLD investigation you Nazi-a-holes, not worry about virtual evidence that you might or might not be able to get to!

Laptops and cell phones for the paranoid (2, Interesting)

davidwr (791652) | about 6 years ago | (#24867671)

If you are really paranoid, you'll want your laptop or cell phone to:

  • encrypt everything but the bootstrap code
  • store part of the encryption key off-device, such as on a memory stick
  • store part of the encryption key on-device and destroy it after a certain number of failed access attempts or after a specified time period since the last authorized access
  • the on-device key could not be copied without tampering with the device
  • tamper-resistant, preferably destroying the on-device part of the key if the device is tampered with or the battery removed

With this, only experts will be able to copy your device much less decrypt it, and they will have a limited time window to do the copy.

Such a phone or laptop would be good for crossing national borders or any other place where it is subject to search or seizure. If the border guards take it and try to copy it, they may give you back a brick, but at least they won't have anything useful.

Of course, this means you should have your irreplaceable data someplace else for safe-keeping. Think of your phone or laptop as a "convenience copy."
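
The scheme in the list above, as an added example that is not part of the original comment: a Python model of a key split between an on-device share and an off-device share, where the device destroys its share after too many failed unlocks or too long without an authorized one. The class and method names are hypothetical, and the XOR split and HMAC key check are constructions chosen for this example; the comment does not specify either.

```python
import hashlib
import hmac
import secrets

KEY_LEN = 32  # 256-bit data-encryption key


def xor_bytes(a, b):
    return bytes(x ^ y for x, y in zip(a, b))


class SplitKeyDevice:
    """Model of a device that holds one of two shares of its encryption key."""

    def __init__(self, max_attempts=3, max_idle_seconds=7 * 24 * 3600, now=0.0):
        self.max_attempts = max_attempts
        self.max_idle_seconds = max_idle_seconds
        self.failed_attempts = 0
        self.last_unlock = now
        self._device_share = None   # stays on the device
        self._key_check = None      # lets the device recognise the right key

    def provision(self):
        """Create a key, keep one share, return (key, off_device_share).

        Each share alone is uniformly random, so the memory stick reveals
        nothing about the key once the on-device share is gone.
        """
        key = secrets.token_bytes(KEY_LEN)
        device_share = secrets.token_bytes(KEY_LEN)
        off_device_share = xor_bytes(key, device_share)
        self._device_share = bytearray(device_share)
        self._key_check = hmac.new(key, b"key-check", hashlib.sha256).digest()
        return key, off_device_share

    @property
    def destroyed(self):
        return self._device_share is None

    def destroy(self):
        """Erase the on-device share; the encrypted data becomes unreadable.

        Zeroing a bytearray is only a model. Real hardware would hold the
        share in tamper-resistant storage that can actually be erased.
        """
        if self._device_share is not None:
            for i in range(len(self._device_share)):
                self._device_share[i] = 0
            self._device_share = None

    def unlock(self, off_device_share, now):
        """Return the key if the share is correct, else None."""
        # Time limit since the last authorized access.
        if not self.destroyed and now - self.last_unlock > self.max_idle_seconds:
            self.destroy()
        if self.destroyed:
            return None
        candidate = xor_bytes(bytes(self._device_share), off_device_share)
        tag = hmac.new(candidate, b"key-check", hashlib.sha256).digest()
        if hmac.compare_digest(tag, self._key_check):
            self.failed_attempts = 0
            self.last_unlock = now
            return candidate
        # Failed-attempt limit.
        self.failed_attempts += 1
        if self.failed_attempts >= self.max_attempts:
            self.destroy()
        return None


if __name__ == "__main__":
    device = SplitKeyDevice(max_attempts=3, max_idle_seconds=100, now=0)
    key, stick = device.provision()
    print("correct share unlocks:", device.unlock(stick, now=10) == key)
    wrong = bytes([stick[0] ^ 1]) + stick[1:]
    for t in (11, 12, 13):
        device.unlock(wrong, now=t)
    print("destroyed after 3 failures:", device.destroyed)
    print("correct share now useless:", device.unlock(stick, now=14) is None)
```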

Communications crime (1)

Sockatume (732728) | about 6 years ago | (#24867703)

Given that we have crimes which are committed pretty much entirely via communications (eBay scams, 419 scams, harassment, extortion, stock mischief, etc. etc.) should it be particularly surprising that some forensic scientists are interested in preserving the evidence that the communications took place?

Easily prevented (1)

Peter Simpson (112887) | about 6 years ago | (#24867803)

With this...http://www.lessemf.com/fabric.html

Worked on a project to handle just this problem. Shielding fabric allows you to view and manipulate the phone, while preventing it from connecting to the network. A standard anti-static bag works pretty well, too...just make sure you get a good inside-to-inside seal.

Re:Easily prevented (1)

zygotic mitosis (833691) | about 6 years ago | (#24868475)

Maybe the cops should store their electronic evidence in a big Faraday cage [wikipedia.org]. They have existed for ~150 years. Your fabric seems more elegant, but still. This problem has a quick and effective fix, and it will damn sure be easier than getting the telcos to change their technology for you. Unless you're the CIA.

Where is the iPhone's "remote wipe" feature? (0)

Anonymous Coward | about 6 years ago | (#24867809)

Where is the iPhone's "remote wipe" feature?

Time for the police to step up. (1)

supernova_hq (1014429) | about 6 years ago | (#24867835)

Personally, I'm sick and tired of the government and the police agencies bitching and complaining that they can't keep up with all this technology stuff. The criminals seem to be figuring it out just fine and they usually don't have forensics training.

It's time for the police departments to start hiring some technology professionals to work on tech related crimes and evidence instead of simply trying to outlaw any device they can't open up and read like a book.

Bottom Line: You guys are being paid by the people to know how to deal with this kind of stuff, so DEAL!

Tone (0)

riceboy50 (631755) | about 6 years ago | (#24867885)

They make it sound like it's a bad thing that people are able to protect their privacy from authorities. It's getting to the point where every time the authorities say something supports criminals/terrorism that you can pretty much bet that's actually a Good Thing.

No different (1)

ArchieBunker (132337) | about 6 years ago | (#24868019)

Than leaving incriminating notes or phone numbers written in a book. Instead of flipping through pages they dump your sim card. If you're going to do illegal things then don't leave anything tangible.

Data Recovery Much? (1)

SoapBox17 (1020345) | about 6 years ago | (#24867949)

Are these guys terrible at their jobs, or do the iPhone and Blackberry come with a way to remotely execute "shred"? Most of the data that is remotely "wiped" should be perfectly salvageable....

Re:Data Recovery Much? (0)

Anonymous Coward | about 6 years ago | (#24868011)

Actually, the iPhone does have a secure wipe mode that takes several hours to complete.

Re:Data Recovery Much? (2, Informative)

BSDevil (301159) | about 6 years ago | (#24868079)

If you manually enable "Content Protection" on your BlackBerry, doing a Security Wipe will take on the order of hours, and will overwrite the data several times with different patterns to the point that it's not recoverable by anyone, even RIM (if you don't have that mode enabled, a Security Wipe will only erase user-specific information, and it would be relatively trivial to recover it).

If you're on a BES (meaning your BlackBerry was issued and is controlled by your workplace), your BlackBerry administrator can enable this setting without your input through an IT Policy, and can remotely initiate a Wipe/Shred from within the BES control panel.

We remote wipe our data in hands of criminals (3, Interesting)

Ilgaz (86384) | about 6 years ago | (#24868209)

Sorry it sounds like a "In Soviet Russia" thing but it is true.

Symbian/WinMobile smart phones have tools to lock the handset remotely or in case of new Kaspersky antivirus/security or other 3rd solutions, you can remotely instruct phone to delete all personal data irrecoverably and lock itself. I am almost sure Blackberry, being an enterprise focused device must have similar option.

Once Apple decided not to allow background running processes, they lost that possible solution. Not only do they not allow anyone to implement it, they don't implement it themselves either.

It is a completely fool safe thing. User sends a previously set SMS to device, device locks itself. Or in Kaspersky case, it doesn't just lock itself, it wipes its data and optionally transforms itself to a white hat (for you) rootkit/trojan and sends the number of first SIM card plugged to device to previously set number.

Re:We remote wipe our data in hands of criminals (3, Informative)

nxtw (866177) | about 6 years ago | (#24868513)

Symbian/WinMobile smart phones have tools to lock the handset remotely or in case of new Kaspersky antivirus/security or other 3rd solutions, you can remotely instruct phone to delete all personal data irrecoverably and lock itself. I am almost sure Blackberry, being an enterprise focused device must have similar option.

Remote wipe is a feature of BlackBerry/BES and Windows Mobile/Exchange. No third-party software is needed, unless your phone isn't connected to a BES/Exchange server. When the phone receives the wipe signal, all data stored on the device will be wiped.

The iPhone has remote wipe, but I don't think it has encryption of any of the content stored on the device.

BlackBerry has content encryption and the latest Windows Mobile (6.1) has encryption for the entire user-writable storage area. The key is stored on the device, encrypted with a password. BlackBerry overwrites the key in RAM when the device is locked (that is, when the device is inactive for a certain amount of time or when it is placed in its holster); since WM's encryption operates at a lower level, the key does stay in memory while the device is powered on. Either way, cutting power to the RAM will erase the decrypted copy of the key. Both support encryption of storage cards as well.

As long as the device is set to automatically lock itself out and there is no way to bypass the lock screen [engadgetmobile.com], there's not a whole lot you can do to a fully encrypted WM6.1 device without resorting to a RAM attack [tgdaily.com] or finding a weakness in the implementation. Since the BlackBerry will erase the unencrypted copy of the key when the device is not active, it's secure against searching for the key in RAM, too.
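
The key handling described in the comment above, modelled as an added example (not part of the original post, and not BlackBerry or Windows Mobile code). The class name, the `zeroize_on_lock` flag and the XOR wrap (a stdlib stand-in for a real key-wrap cipher) are assumptions; the two lock policies correspond to the erase-on-lock and keep-while-powered behaviours the comment contrasts.

```python
import hashlib
import hmac
import secrets


class DeviceKeyStore:
    """Constructed model of a content key stored wrapped under a password."""

    def __init__(self, password, zeroize_on_lock):
        self.zeroize_on_lock = zeroize_on_lock
        self.locked = False
        self._salt = secrets.token_bytes(16)
        key = secrets.token_bytes(32)
        kek, mac_key = self._derive(password)
        # XOR stands in for a real key-wrap cipher (assumption, stdlib only).
        self._wrapped = bytes(a ^ b for a, b in zip(key, kek))
        self._tag = hmac.new(mac_key, self._wrapped, hashlib.sha256).digest()
        self._ram_key = bytearray(key)  # decrypted copy, volatile memory only

    def _derive(self, password):
        out = hashlib.pbkdf2_hmac("sha256", password.encode(), self._salt,
                                  100_000, dklen=64)
        return out[:32], out[32:]

    def _clear_ram(self):
        if self._ram_key is not None:
            self._ram_key[:] = bytes(len(self._ram_key))  # best-effort overwrite
            self._ram_key = None

    def lock(self):
        self.locked = True
        if self.zeroize_on_lock:
            self._clear_ram()

    def power_off(self):
        self.locked = True
        self._clear_ram()  # RAM contents are lost whatever the lock policy

    def unlock(self, password):
        kek, mac_key = self._derive(password)
        tag = hmac.new(mac_key, self._wrapped, hashlib.sha256).digest()
        if not hmac.compare_digest(tag, self._tag):
            return False  # wrong password: nothing is unwrapped
        self._ram_key = bytearray(a ^ b for a, b in zip(self._wrapped, kek))
        self.locked = False
        return True

    def key_in_ram(self):
        """What a memory capture of the powered device would find, or None."""
        return bytes(self._ram_key) if self._ram_key is not None else None
```

For evidence handling, the difference matters: a locked device of the second kind still holds its key while powered, whereas removing the battery discards the decrypted key on either kind.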

Serious Fraud Office (0)

Anonymous Coward | about 6 years ago | (#24868313)

"The UK police's Serious Fraud Office" as opposed to the Humourous Fraud Office, which goes around nightclubs catching and prosecuting bad comedians.

Next Step (1)

MRB Constant (1333473) | about 6 years ago | (#24868459)

The next step is to demand evidence of business activity -- just to make sure no laws have been broken.

I love my Treo (2, Interesting)

Zorque (894011) | about 6 years ago | (#24868495)

I have a program on there that'll reformat the hard drive and zero everything else out, as well as disabling the SIM card, if I text it a certain phrase. Of course, it isn't all that helpful if whoever gets ahold of my phone just turns the radio off or removes the antenna so it can't receive that message, but I guess I have to count on criminals not knowing much about PalmOS since it's apparently a dying platform or something.

Tough fucking noogies (1)

Pig Hogger (10379) | about 6 years ago | (#24868725)

It seems that law enforcement sees itself as more and more godlike when it comes to assuming power over the mere mortals they are investigating. This arrogance has to be stopped dead, because if left to themselves, they will expect total compliance and disclosure upon request from anyone, without any safeguard whatsoever against abuse.

We have to resist indomitably, in order to drive the point home that our information is not a plaything to be rummaged through at will; if the administration of justice suffers for it, better let a criminal escape than harass an innocent.

Re:Tough fucking noogies (1)

hyades1 (1149581) | about 6 years ago | (#24869369)

Have you reached the point yet, as I have, where the next person who says, "If you aren't doing something wrong, what are you afraid of" is liable to get a quick kick in the arse in lieu of an extended lesson in civics, freedom, rights and responsibilities?

Your phone is a honeypot. (1)

AHuxley (892839) | about 6 years ago | (#24869235)

A quick history lesson.
Most of the UK's 'cell' tech came from ex Government Communications Headquarters workers.
It was designed on the lessons learned by the UK gov in 1970's in Ireland.
Interception, tracking, impersonation.
The idea that the UK gov ever lost this 'network' is really lol.

The work and deaths of Adamo Bove, head of security at Telecom Italia
and Costas Tsalikides, Vodafone's network planning manager in Greece,
show that all aspects of cell phone use are wide open to all.

cover up? (0)

Anonymous Coward | about 6 years ago | (#24869415)

Any other tin-foil-hatters think maybe the cops are really the ones doing the wiping to cover up their tracks? Then just tell everyone it's the criminals and nobody's the wiser.

Alright, I think I need to crawl back into the basement now...

I wish I could've said it was erasable... (1, Interesting)

Anonymous Coward | about 6 years ago | (#24869635)

I worked at a high school that was administering standardized tests--standard procedure is that cameras and phones stay in backpacks to keep students from leaking the exams. Makes sense.

Turns out a few students are so phone addicted they put their phone in their pocket, ask to use the bathroom, and whip the phone out the second they enter the hall. The phones were quickly confiscated by a hall monitor.

Being the school's sysadmin, there was insistence that I check every one of these confiscated phones for evidence of trying to leak exam information--page pictures, text messages, etc. Of course, I found nothing.

I explained that, IF the students were in fact doing this, they could easily delete any evidence they were leaking information--picture archive and sent-messages folder. I was looked at as if I had grown a third nipple--I might as well have been speaking Farsi.

BTW, there's a feature I want in a camera phone. Upon pressing one key, the camera phone commits to taking a picture and immediately e-mailing it to a predetermined e-mail address. That way, should a person/police officer take the phone or swat it out of your hand, it's too late, unless they can physically break the phone or remove the battery within the 3 seconds the picture takes to send...
