A Device to Grab Data From Cell Phones

what about writes "Apparently there is a quick, simple, and undetectable way to grab all of your cellphone data. CNet reports on the Cellular Seizure Investigation (CSI) Stick, developed for law enforcement but available to the public, which 'connects to the data/charging port and will seamlessly grab e-mails, instant messages, dialed numbers, phone books and anything else that is stored in memory. It will even retrieve deleted files that have not been overwritten. And there is no trace whatsoever that the information has been compromised, nor any risk of corruption. This may be especially troublesome for corporate employees and those that work for government agencies.' I use mobile knox, a secure storage application, for my important data, but I would be very upset if somebody grabbed my telephone list, SMS, or anything else from my locked phone."

Probable Cause and Warrants

[Doc+Ruby]

In the US, we used to have this requirement that the government protect our rights:

Amendment IV
The right of the people to be secure in their persons, houses, papers, and effects, against unreasonable searches and seizures, shall not be violated, and no Warrants shall issue, but upon probable cause, supported by Oath or affirmation, and particularly describing the place to be searched, and the persons or things to be seized.

Without probable cause and a legitimate warrant based on it, there is no reasonable search or seizure, no usable evidence. There's only an armed gang assaulting and violating their victim.

A fancy new way to invade privacy is just an expensive and effective battering ram.

Re:Probable Cause and Warrants

[noco80]

Actually, you should read up on your Supreme Court jurisprudence. The Court, led by Justice Thomas, has begun to read the text literally. If you notice, there is no requirement that a search be made after a warrant is granted. Instead, it protects people from unreasonable searches. WHEN a warrant is issued, that warrant must be based upon probable cause. Generally, it has been presumed that a search of an area where a person has a legitimate expectation of privacy is only reasonable when done pursuant to a warrant. This view, though, is not the only one. The Court has begun to evaluate a search as whether it is unreasonable - not merely if it was done pursuant to a warrant.

Re:This only works on SOME phones

I see a market for "secure" phones where the data part of the data/charging port is disabled unless you plug in a key or type in a code. Many companies will gladly pay for such a device.

You know what those "secure" phones are called? Blackberries. Go buy one today!

On a blackberry, you can have all content on the phone strongly encrypted with AES. If your company has a blackberry enterprise server, you can even make this mandatory and prevent the user from disabling content encryption.

If content encryption is on, then the blackberry won't send data via the data port or bluetooth until the password is entered. Enter the wrong password 10 times and the blackberry securely wipes itself.

Despite the proliferation of mobile phones & wireless email, no one comes close to the blackberry platform for features & security. Not iphone, not windows mobile, not nokia. Some very smart people at RIM have looked at wireless email from end-to-end. The blackberry platform has also been audited from end-to-end by many governments and tech experts. What RIM really needs is a good marketing campaign to establish themselves as a "cool" brand.

Re:How much? Where?

[GodBlessTexas]

Yeah, you can find it at csistick.com. Price is $299 for the hardware + Device Seizure Lite software to access the acquired data.

I have a couple of these at work, since my job is as a forensics investigator, and they're nifty, but they're very limited in what you can do with them since they only support Motorola and Samsung. There are better tools out there:
PDA Seizure, Cell Seizure, Pilot-Link (Open Source), BitPIM (Open Source), ForensicSIM, etc.