Criminals Remote-Wiping Cell Phones

← Back to Stories (view on slashdot.org)

Criminals Remote-Wiping Cell Phones

Posted by samzenpus on Wednesday September 3, 2008 @11:58AM from the this-phone-will-self-destruct dept.

An anonymous reader writes "Crafty criminals are increasingly using the remote wipe feature on the Apple iPhone and other business handsets, such as RIM's BlackBerry, to destroy incriminating evidence, the head of the UK's Serious Fraud Office Keith Foggon has warned. Foggon told silicon.com that the move away from PCs towards using mobile phones was causing a headache for crime fighters who were struggling to keep up with the fast pace of new handsets and platforms churned out by the mobile industry."

191 comments

Min score:

Reason:

Sort:

First POST by vimm · 2008-09-03 11:59 · Score: 0, Troll

my touchpad iphone is faster than your blackberriii
1. Re:First POST by Anonymous Coward · 2008-09-03 12:34 · Score: 5, Insightful
  
  I'm glad these articles focus on the negative facts that police have trouble with, and not the USEFUL part of remote data wipe so that millions of customers data can be deleted when a device is lost, instead of having that information in the hands of people that could do some damage. I'll take a wipe of evidence for that security any day.
2. Re:First POST by bigplrbear · 2008-09-03 13:00 · Score: 1
  
  *file "First POST" has been deleted*
  
  *have a nice day*
3. Re:First POST by Lumpy · 2008-09-03 13:06 · Score: 4, Interesting
  
  if the cops had any brains they would shut off the phones (remove battery) the second they get it and then give it to forensics that should have the IQ to operate it in a faraday cage so that it cant be tampered with remotely. Do they take laptops and PC's they capture and hook them to the net and turn them on? Why do they connect phones to the network when they look at them?
  Come on, I though they taught the police how to handle evidence. Are you telling me that CSI tv show is a LIE!!!!
  
  --
  Do not look at laser with remaining good eye.
4. Re:First POST by MightyYar · 2008-09-03 13:06 · Score: 5, Insightful
  
  Not to mention right near the top of the ARTICLE ITSELF:
  
  "Because we isolate the devices immediately, and never reconnect them to their network, the remote wiping capability does not present us with much of a problem," he noted.
  Um, so the problem is? Talk about sensationalism.
  
  --
  W..w..W - Willy Waterloo washes Warren Wiggins who is washing Waldo Woo.
5. Re:First POST by OECD · 2008-09-03 13:08 · Score: 0, Troll
  
  I'm glad these articles focus on the negative facts that police have trouble with, and not the USEFUL part of remote data wipe so that millions of customers data can be deleted when a device is lost...
  Yeah, that would be useful. How do you do that on an iPhone? I thought that the lack of that feature was one of it's problems for Enterprise.
  
  --
  One man's -1 Flamebait is another man's +5 Funny.
6. Re:First POST by Anonymous Coward · 2008-09-03 13:14 · Score: 0
  
  Yep. All they need to do is wrap them up in some aluminum foil. Then let the technicians deal with getting the data.
7. Re:First POST by Karlt1 · 2008-09-03 13:38 · Score: 4, Informative
  
  Yeah, that would be useful. How do you do that on an iPhone? I thought that the lack of that feature was one of it's problems for Enterprise.
  It was added as part of the 2.0 firmware upgrade.
  http://www.apple.com/iphone/enterprise/
  eatures include:
  * Push email
  * Push contacts
  * Push calendar
  * Global Address List (GAL) support
  * Certificates and identities
  * WPA2/802.1X
  * Enforced security policies
  * Cisco logo More VPN protocols
  * Device configuration
  * Remote wipe
8. Re:First POST by sootman · 2008-09-03 14:21 · Score: 1
  
  No doubt. They should have said "Remote wipe is useful in situations such as..." and then link to all the stories we've seen about lost laptops in the last year.
  
  --
  Dear Slashdot: next time you want to mess with the site, add a rich-text editor for comments.
9. Re:First POST by KGIII · 2008-09-03 17:27 · Score: 2, Funny
  
  The idea made me curious. I just wrapped my phone (mobile) in a rather large ball of aluminum foil. I then called it. Err... It still rang. I don't have any scientific evidence to say why, how, or all that but it rang. I obviously couldn't answer it.
  
  --
  "So long and thanks for all the fish."
10. Re:First POST by dougisfunny · 2008-09-03 18:23 · Score: 1
  
  it used the ball of aluminum foil as an antenna?
  
  --
  This is not the funny you're looking for.
11. Re:First POST by dashesy · 2008-09-03 18:31 · Score: 1, Informative
  
  Try a thicker foil (and make sure there exists no holes in it), at some point it would stop ringing because it should shield against the magnetic field.
12. Re:First POST by TheRaven64 · 2008-09-03 22:27 · Score: 0
  
  Did you earth the foil? If not, you'd be better off insulating it with a non-conductor, otherwise you're just wrapping your phone in a big antenna. There are paints designed specifically to block RF at certain frequencies. The police would be better off getting evidence bags that do this. Of course, then a competent criminal just needs to have a secondary circuit in their phone which physically destroys the flash chip if it's out of signal range for more than a fixed period.
  
  --
  I am TheRaven on Soylent News
13. Re:First POST by KGIII · 2008-09-03 22:53 · Score: 2, Funny
  
  NOT A SCIENTIST... So... I was curious. The dimensions were *about* 8" across with the phone in the center. Since I have had people tell me to drill holes in it. I will try that next.
  
  --
  "So long and thanks for all the fish."
14. Re:First POST by KGIII · 2008-09-03 23:05 · Score: 1
  
  Will ground in the morning.
  
  --
  "So long and thanks for all the fish."
15. Re:First POST by Z00L00K · 2008-09-03 23:07 · Score: 1
  
  Removal of battery is feasible, since most of the information of interest is stored in flash, but it doesn't work for all phones since a few uses ordinary RAM and a backup capacitor, which effectively will wipe the phone completely if the battery is removed for too long.
  So you have to know the phone to take the correct measures to allow the forensic team to have something to work with.
  
  --
  If builders built buildings the way programmers wrote programs, then the first woodpecker would destroy civilization.
16. Re:First POST by Lumpy · 2008-09-03 23:22 · Score: 1
  
  The frequency you are using on your phone is very high, any tiny gaps in the foil will allow the signal in.
  Carefully wrap the phone in foil, make all seams double folded, creased and taped and then wrap it again that way and try again.
  
  --
  Do not look at laser with remaining good eye.
17. Re:First POST by speculatrix · 2008-09-04 00:33 · Score: 3, Funny
  
  yes, drilling holes in your phone would definitely stop it from connecting to the cell network.
18. Re:First POST by smoker2 · 2008-09-04 00:47 · Score: 2, Interesting
  
  A Faraday cage needs the cage and the object to be electrically separated. Otherwise, you just gave your device a big antenna.
19. Re:First POST by Anonymous Coward · 2008-09-04 01:10 · Score: 0
  
  Try putting it in the microwave - should stop the radio signal reaching it. Turn the microwave on if you want a delicious hot phone snack.
20. Re:First POST by PMuse · 2008-09-04 01:19 · Score: 1
  
  "Because we isolate the devices immediately, and never reconnect them to their network, the remote wiping capability does not present us with much of a problem," he noted.
  So, law enforcement is deliberately keeping my company from protecting it's customers' data? Great. My customers will feel much more secure knowing that their data is safe in some random evidence locker in some random town than having it be gone.
  
  --
  "We reject as false the choice between our safety and our ideals." --The American President (20.1.2009)
21. Re:First POST by MightyYar · 2008-09-04 01:31 · Score: 2, Interesting
  
  I suppose if you are an organized crime syndicate, yes, they are interfering with your business plan. Perhaps you should inform all of your employees, er... henchmen, to please refrain from leaving their iPhone at any crime scenes they have created.
  
  --
  W..w..W - Willy Waterloo washes Warren Wiggins who is washing Waldo Woo.
22. Re:First POST by lucifuge31337 · 2008-09-04 03:05 · Score: 2, Funny
  
  Show me how to easily take the battery out of an iPhone. Please.
  
  --
  Do not fold, spindle or mutilate.
23. Re:First POST by dougmc · 2008-09-04 03:15 · Score: 2
  
  If it's truly a proper Faraday cage for the frequencies involved, it doesn't matter if the object and the cage are electrically separated or not -- it'll still work. This is a function of Gauss's law.
  In this case, either the aluminum foil wasn't thick enough, or the gaps in it were too large. A cell phone is generally pretty sensitive, so even if you reduce the signal by a factor of one million, it may still be able to pick it up.
24. Re:First POST by ChrisA90278 · 2008-09-04 05:00 · Score: 1
  
  Your ball of foil was NOT a faraday cage. Or rather it was a very poorly constructed one. You need a fully conductive enclosure with very tight seems. In professionally constructed enclosures you will notice things like copper gaskets and closely spaced bolts, doors where a copper knife edge is forced by a cam into a narrow slot. Even after the enclosure is built it must be tested and small air-gaps found and repaired.
  In your case, a foil to foil joint is likely not conductive. Oxide coating on the Al foil acts as an insulator and you get a few ohms of resistance, at least.
  Try another test using copper or brass pipe. Put the phone inside a length of pipe and screw end caps over each end of the pipe. Tighten until the bare metal on metal threads from a gas tight seal.
25. Re:First POST by pandrijeczko · 2008-09-04 05:20 · Score: 1
  
  How about making the aluminium foil into a hat shape before putting the mobile phone in it? It works for me.
  
  --
  Gentoo Linux - another day, another USE flag.
26. Re:First POST by An+ominous+Cow+art · 2008-09-04 06:24 · Score: 1
  
  Or maybe THEY programmed you to spread that disinformation.
27. Re:First POST by AndrewNeo · 2008-09-04 07:34 · Score: 1
  
  Don't most phones have an airplane mode, to turn off the radio...?
28. Re:First POST by KGIII · 2008-09-04 07:58 · Score: 2, Interesting
  
  Wrapped carefully and it did not ring. :)
  
  --
  "So long and thanks for all the fish."
29. Re:First POST by KGIII · 2008-09-04 07:59 · Score: 1
  
  I wrapped it, instead of balling it up, and it didn't ring. It didn't ring in a microwave either. :)
  
  --
  "So long and thanks for all the fish."
30. Re:First POST by KGIII · 2008-09-04 08:01 · Score: 1
  
  Nope, didn't ring in the microwave. (Then I put a lightbulb in water into the microwave. That's another story for another day.) I also wrapped it carefully (not balled) and folded all the seams over that I could and it no longer rang. Yes, I have no life and my wife thinks I'm insane.
  
  --
  "So long and thanks for all the fish."
31. Re:First POST by KGIII · 2008-09-04 08:03 · Score: 1
  
  That worked just wonderfully - it didn't ring. Nor in a microwave either. Yeah... I really need a life.
  
  --
  "So long and thanks for all the fish."
32. Re:First POST by jonbryce · 2008-09-04 09:58 · Score: 1
  
  Interesting. I put mine in my Microwave (switched off obviously), and called it.
  It rang.
  It was on the glass turntable, so it couldn't have used the walls of the microwave as an antenna.
Woah by Anonymous Coward · 2008-09-03 11:59 · Score: 1, Interesting

I can wipe my blackberry to make data irretrievable? I can do it remotely too? HOW?
1. Re:Woah by RiotingPacifist · 2008-09-03 12:08 · Score: 3, Informative
  
  what do they mean by irretrievable:
  destroying the filesystem table? (easy to get the data back)
  writing all bits to zero? (still retrievable)
  writing over all bits with (psuedo-)random data? (aparaently this can be retrieved)
  writing over all bits repeatedly?
  
  --
  IranAir Flight 655 never forget!
2. Re:Woah by Anonymous Coward · 2008-09-03 12:21 · Score: 2, Insightful
  
  on a hard disk you would be correct, try it with anything else and you get bupkis back.
3. Re:Woah by Anonymous Coward · 2008-09-03 12:22 · Score: 0
  
  writing all bits to zero? (still retrievable)
  Why is that the case? I've always wondered how that's possible.
4. Re:Woah by Anonymous Coward · 2008-09-03 12:25 · Score: 0
  
  what do they mean by irretrievable:
  destroying the filesystem table? (easy to get the data back)
  writing all bits to zero? (still retrievable)
  writing over all bits with (psuedo-)random data? (aparaently this can be retrieved)
  writing over all bits repeatedly?
  All of the above is theoretical, for magnetic (platter based) disks. Do a 9 pass 0/1/Rnd pattern set and you're pretty well protected on those.
  Flash memory is a little different, figuring out what *was written* after a single pass is a bit like finding what temperature it was yesterday, for every square inch of a room, by reading the temperature for today and trying to guess how it was affected by yesterdays temperature.
5. Re:Woah by blueg3 · 2008-09-03 12:26 · Score: 4, Informative
  
  You have to use something like squid, but it's because of magnetic hysteresis. (I could explain, but Wikipedia is pretty acccurate.)
  It's possible in theory, but in practice, it's technology that law enforcement doesn't have access to.
6. Re:Woah by khellendros1984 · 2008-09-03 12:27 · Score: 5, Informative
  
  Magnetism is an analog property used to store digital information. A bit can be wiped so that a standard detector would read it as a zero, but the bit may be legible by a more sensitive detector.
  
  For instance, say that anything above "0.5" (half of the full possible theoretical strength of the magnetic field there) is a 1, and anything below is a 0. Maybe, the drive would actually write "0.9", which would be correctly interpreted as 1. If that number was blanked, maybe it becomes "0.3"....low enough to be a 0, but maybe another detector could tell the difference and know what the original value was.
  
  --
  It is pitch black. You are likely to be eaten by a grue.
7. Re:Woah by Pfhor · 2008-09-03 12:27 · Score: 5, Insightful
  
  Remember, this is flash, not magnetic bits stored on a spinning metal platter were header drift and other things would theoretically allow you to retrieve data that has long been removed.
  Recovering from (intentionally overwritten flash) may be considerably harder than a traditional drive. Most flash recovery apps for cameras, etc. are really just reading the stray bits, as the formatting, etc. does not actually wipe each sector (because flash is rated in number of write operations the individual bits can support before going bad, so you want to minimize that).
  Overwriting a flash storage partition on an iphone or other device also makes this harder because you can't easily pop those things open and mount the custom flash chip into some universal adapter and read its filesystem like you can do with any old hard drive (they even make forensic, read only, hard drive enclosures).
  So I zero out the data on my iphone, and well, there aren't any jailbroken or app store apps that you can run on the damn thing to do a low level recovery anyway, and I don't know of any target disk raw access mode to the device when attached to a computer that is available outside of apple's developer labs.
8. Re:Woah by Constantine+XVI · 2008-09-03 12:32 · Score: 4, Informative
  
  Go to Options-Security Options-General Settings. Enable password and content protection. Set the security timeout and password attempts to your preference. Now, when the timeout expires (X minutes after you stop hitting buttons) or you hook it to a PC, it asks for a password. If someone types in the wrong password Y times (10 is default, but you can go lower), it forces a reboot, and scrubs down the memory, which takes 20 minutes to an hour.
  To force the scrub, go to Options-Security Options-General Settings. Click the menu button, select "Wipe Handheld", type blackberry.
  Send me a PIN message at 244EB7DA if you need a hand.
  
  --
  "I think an etch-a-sketch with an ethernet port would beat IE7 in web standards compliance."
9. Re:Woah by Constantine+XVI · 2008-09-03 12:37 · Score: 5, Informative
  
  PS: For remote wiping, you need to be on a BlackBerry Enterprise Server (BES), which usually means your BB is company-issued. If you need it nuked, call up your admin and ask him to trigger the remote wipe. Keep in mind that the BES can (and usually does) track anything and everything that happens on a BES-connected BB, so a wipe will do nothing to hide things from your company.
  
  --
  "I think an etch-a-sketch with an ethernet port would beat IE7 in web standards compliance."
10. Re:Woah by Anonymous Coward · 2008-09-03 12:42 · Score: 0
  
  You need to write an application that uses the assembly-language CFH opcode (Catch Fire and Halt).
11. Re:Woah by Rorschach1 · 2008-09-03 12:49 · Score: 3, Interesting
  
  And there's probably a certain amount of hysteresis too, so maybe that 0.3 gets overwritten with a 1 to become 0.93, and then with another 0 to become 0.393, and you can recover previous values to a degree limited by the amount of hysteresis, sensitivity of the detector, and noise floor. Or at least that's the theory I've always heard on why you're supposed to overwrite hard drives multiple times... I've never actually heard of it being done, but the assumption has always been that 'they' have the ability to do it. Anyone care to provide more substantial information on the feasibility of this sort of recovery?
12. Re:Woah by ColdWetDog · 2008-09-03 12:54 · Score: 1
  
  Too late, I've got it....
  
  --
  Faster! Faster! Faster would be better!
13. Re:Woah by lgw · 2008-09-03 13:08 · Score: 5, Informative
  
  Modern hard drives pack bits *very* densely. The bits overlap by a large amount. The technology to determine whether a bit is 1 or 0 by calling everything above 0.5 a "1" is already necessary to read the bit *normally*. Writing random data to the drive is enough to make any active sectors unrecoverable.
  However, modern drives have a huge count of spare sectors, and sectors get retired constantly, and there's no way to wipe those with normal reads and writes. So there's a random sampling of everything you've ever written stored in the retired sectors of a hard drive, and no in-band way to wipe those sectors.
  The is why the government standard for hard drves that have ever contained classified information is to shred the hard drive so that the pieces fit through a 1mm sieve. Of course, in reality, the government is just as likely to sell the drives unwiped on Ebay, but that's bureaucracy for you.
  
  --
  Socialism: a lie told by totalitarians and believed by fools.
14. Re:Woah by Anonymous Coward · 2008-09-03 13:10 · Score: 0
  
  To linear.
  The bit is written onto an area of the disk, but not the entire section allocated to that bit. Using a more sensitive read head can see what the entire region looks like, and thus peek behind the most recent bit written.
  The technology does exist it is just expensive, and generally not worth it.
15. Re:Woah by Xanius · 2008-09-03 13:11 · Score: 5, Interesting
  
  When I took my computer forensics class they showed that you could use a hex editor on a zero wiped floppy disk and recover most of the data that was on it previously.
  We had a guest speaker that told us some of what he does, he's a forensic analyst that pulls information from drives in criminal cases. He said that it takes somewhere around 72 hours to read a decent sized drive and costs around $10k to get it done.(It's been a few years so the details are fuzzy but that sounds about right)
  But he wasn't too specific on what tools they use etc. Something around 10 full wipes is easy enough to recover the original data but if you write over it and delete actual data it becomes more corrupted and harder to get back than just all 1 then all 0.
16. Re:Woah by Jah-Wren+Ryel · 2008-09-03 13:31 · Score: 1
  
  However, modern drives have a huge count of spare sectors, and sectors get retired constantly, and there's no way to wipe those with normal reads and writes. So there's a random sampling of everything you've ever written stored in the retired sectors of a hard drive, and no in-band way to wipe those sectors.
  Does anyone know, off-hand, a way to query a sata disk for at least a count of how many sectors have been re-allocated, if not an actual map of them?
  
  --
  When information is power, privacy is freedom.
17. Re:Woah by piojo · 2008-09-03 14:04 · Score: 2, Insightful
  
  When I took my computer forensics class they showed that you could use a hex editor on a zero wiped floppy disk and recover most of the data that was on it previously.
  Do you know how this is done? Because if one just uses a hex editor, wouldn't the hex editor simply see a disk full of nulls?
  
  --
  A cat can't teach a dog to bark.
18. Re:Woah by piojo · 2008-09-03 14:07 · Score: 4, Informative
  
  Does anyone know, off-hand, a way to query a sata disk for at least a count of how many sectors have been re-allocated, if not an actual map of them?
  In linux, you can use smartctl (from smartmontools, I think)--
  smartctl --all /dev/sda, and look for "Reallocated_Sector_Ct" in the output.
  
  --
  A cat can't teach a dog to bark.
19. Re:Woah by v1 · 2008-09-03 14:11 · Score: 1
  
  I'd be willing to wager all it does is offer features like "clear addressbook" which just resets the addressbook database.
  In other words, fairly trivial to undo.
  
  --
  I work for the Department of Redundancy Department.
20. Re:Woah by v1 · 2008-09-03 14:13 · Score: 1
  
  the 7 pass random wipe is generally accepted as sufficient
  
  --
  I work for the Department of Redundancy Department.
21. Re:Woah by v1 · 2008-09-03 14:15 · Score: 3, Interesting
  
  any tool that accesses the drive's smart data can get this. the drive has to be directly connected to the computer, you cannot read smart via usb or firewire bridge. All drives track a small set of smart data including reallocated blocks. Most drives have additional smart parameters whose meaning varies.
  
  --
  I work for the Department of Redundancy Department.
22. Re:Woah by v1 · 2008-09-03 14:20 · Score: 5, Interesting
  
  you can't easily pop those things open and mount the custom flash chip into some universal adapter
  Very very few devices use custom flash chips. The iPhone uses off the shelf standard flash memory chips. And in addition to readers that require the removal of the chip, there are units that have cables with clips that just attach right to the chip in the (powered off) device and can pull the data straight off.
  And yes you can pop them open pretty easy. Some ipods are harder to open than an iPhone.
  
  --
  I work for the Department of Redundancy Department.
23. Re:Woah by Piranhaa · 2008-09-03 14:22 · Score: 1
  
  It is nice that RIM releases a free registration code to use with ONE blackberry. I have an Exchange setup here with BES tied in. It's nice how much you can actually do remotely. Everything from remote application install, to remote lock/change pin, remote wipe, etc.
  Not that I ever lose my phone in bars like people do with theirs. like socks, but it's reassuring knowing all this can be done if it does ever get out of my reach.
24. Re:Woah by jcuervo · 2008-09-03 14:38 · Score: 3, Interesting
  
  Two things.
  
  First, ever had a magnet accidentally come into contact with your TV? Ever tried to fix it with another magnet, and deemed it "close enough"? There you go. You are a floating head. Your TV is a disk platter.
  
  Second, hand in your geek card.
  
  --
  Assume I was drunk when I posted this.
25. Re:Woah by Dan541 · 2008-09-03 14:42 · Score: 1
  
  writing all bits to zero? (still retrievable)
  How is that possible, I assume it's a hardware vulnerability?
  
  --
  An SQL query goes to a bar, walks up to a table and asks, "Mind if I join you?"
26. Re:Woah by Anonymous Coward · 2008-09-03 14:47 · Score: 0
  
  If you don't have access to the BES, you can (locally) wipe a blackberry (password store and all) by entering the password to the unit incorrectly 10 times. If the unit has no password, set one, and enter it incorrectly 10 times.
  Note: After the fourth time the blackberry will require you to enter "blackberry" to ensure your keyboard isn't malfunctioning / being butt dialed. It will also then SHOW you the password as you type it, in case the keyboard is faulty.
27. Re:Woah by MrZilla · 2008-09-03 14:51 · Score: 1
  
  Indeed. I have not worked with iPhones, but I have been in contact with embedded flash chips from a variety of vendors.
  
  Most use a PATA interface for their disks, and provide a complete layout of all the I/O pins. With this, it is easy enough to throw something together which can let you plug the chip into a regular 80-pin PATA connector, or CF reader if you have one of those laying around.
  
  --
  mov ax, 4c00h
  int 21h
28. Re:Woah by Anonymous Coward · 2008-09-03 15:21 · Score: 0
  
  I can wipe my blackberry to make data irretrievable? I can do it remotely too? HOW?
  Blackberries have had this functionality for years. You need a blackberry enterprise server to do it.
29. Re:Woah by TheLink · 2008-09-03 15:38 · Score: 1
  
  If I see a reallocated sector, I start thinking about replacing the drive, even if I can't get a warranty for it (the manufacturer will probably say it's still fine by their standards etc).
  --
  
  Too many replies beneath your current threshold
30. Re:Woah by lgw · 2008-09-03 16:40 · Score: 1
  
  Modern drives come with a huge number of spare sectors pre-allocated (nearly half for SCSI drives I think, giving them a longer life). Sectors fail in the normal operation of modern drives. Thanks to good error correction, this rarely results in data loss - less data loss than drives of 20 years ago, that you did want to toss on the first bad block.
  The hard drive business is *very* competitive. The manufacturers go to extremes to increase density, including raming the density up so high that the failure rate is so high that you need half the space on the disk for spare sectors and redundant bits for ECC, because you still come out ahead on available drive space.
  This is one reason I recommend quality tape over disk for long-term storage - the tape guys get to use actual compression, so they can play fewer dangerous games to increase capacity. This is also why SCSI is so much more expensive than SATA for the same capacity (and often the exact same hardware) - you significantly reduce the chance of bitwise data loss due to these games, because the vendors don't push the limits as much with the formatting.
  
  --
  Socialism: a lie told by totalitarians and believed by fools.
31. Re:Woah by Fulcrum+of+Evil · 2008-09-03 17:07 · Score: 1
  
  Thermite is proof against HD forensics. Of course, you need some notice period if you want to avoid burning down your house.
  
  --
  "We returned the General to El Salvador, or maybe Guatemala, it's difficult to tell from 10,000 feet"
32. Re:Woah by TheLink · 2008-09-03 19:25 · Score: 1
  
  I strongly doubt they allocate that much space (as you claim) for spare sectors.
  From what I see it's a small percentage - maybe at most thousands of spare sectors for hundreds of million sectors.
  Just a google for complaints shows that people are already in serious trouble when their drive starts using hundreds of spare sectors.
  Thus I think my current policy is safer.
  As for SCSI vs SATA there is evidence that the failure rates are not significantly different (at least for recent drives):
  http://labs.google.com/papers/disk_failures.html
  http://www.usenix.org/events/fast07/tech/schroeder/schroeder_html/index.html
  http://www.computerworld.com/action/article.do?command=viewArticleBasic&taxonomyName=disaster_recovery&articleId=9025380&taxonomyId=151&intsrc=kc_feat
  It'll be interesting if you have evidence that says otherwise.
  --
  
  Too many replies beneath your current threshold
33. Re:Woah by commodoresloat · 2008-09-03 20:03 · Score: 2, Insightful
  
  yeah that sounds like BS to me, I'd like to hear an explanation too. The magnetic explanations people have posted above are far more consistent with what I've heard about data recovery from wiped disks, which all involved hardware -- I've never heard of recovery through software alone, and it doesn't seem plausible. A hex editor would obviously be able to "undelete" data that had been "deleted" in the normal way, but I can't see how it would get to data that had been nulled.
34. Re:Woah by commodoresloat · 2008-09-03 20:12 · Score: 1
  
  Send me a PIN message at 244EB7DA if you need a hand.
  I would, but I just wiped all my data and deleted the PIN...
35. Re:Woah by commodoresloat · 2008-09-03 20:14 · Score: 1
  
  so a wipe will do nothing to hide things from your company.
  Plus it might seem just a little suspicious when you call the admin and ask them to wipe your machine.
36. Re:Woah by Anonymous Coward · 2008-09-03 20:33 · Score: 1, Funny
  
  Just to confirm, you are only a floating head if your TV contains a CRT. If it's an LCD or Plasma, you just look silly.
37. Re:Woah by Beale · 2008-09-03 22:06 · Score: 1
  
  I believe drilling is the more common approach.
38. Re:Woah by TheRaven64 · 2008-09-03 22:41 · Score: 1
  
  The technology to determine whether a bit is 1 or 0 by calling everything above 0.5 a "1" is already necessary to read the bit *normally*.
  It's all about size. The drives pack data as close as something that can fit in the drive and be powered by a computer can do and still get an accurate threshold value while spinning the disk at 7.2KRPM. Now, take the platter out of the drive (in a vacuum, or clean-room environment) and hook it up to a STEM or similar. You'll find that the accuracy of the analogue signal improves a lot.
  Often you can do well simply by replacing the controller. The thresholding is done in the ADC, which is on the bottom of most drives. If you spin the disk more slowly and put in a better ADC, then you can get back a range of digital values greater than 0-1 for every bit on the disk. This wouldn't help a normal drive. If you're now getting 0-3, then 0 means 0, 3 means 1, 1 means 0 but the last value was probably 1, and 2 means 1 but the last value was probably 0. Note the probably here - you can't accurately recover the data, but you might be lucky. If the person wiped with zeros instead of random data you get better results because every domain has had the same magnetic value applied (modulo leakage from surrounding domains).
  Since this requires significant tampering with the drive, it's not admissible in a court, but it is useful in intelligence circles.
  
  --
  I am TheRaven on Soylent News
39. Re:Woah by ale_ryu · 2008-09-03 23:55 · Score: 1
  
  Then writing all the bits to one should do the trick, wouldn't it?
  
  --
  Check out my blog!
40. Re:Woah by link-error · 2008-09-04 00:23 · Score: 1
  
  This is probably because most O/S's only erase the FAT entries but actually left the file intact on the disk. Browsing the low level sectors still showed the data. This is just from a simple delete, not a wipe process.
  
  --
  -Unresolved symbol? Byte me!
41. Re:Woah by AlecC · 2008-09-04 00:39 · Score: 1
  
  In a disk,the tracks have a physical size, and the heads don't always get to exactly the same position when they re-write the track. So if you write a data track, then overwrite it, the overwrite may be slightly to the left or right of the original, and a little bit of the original is not overwritten. If you then deliberately command the read to a small fraction out, you may get enough signal to pick up the deleted data.
  To actually overwrite the data, I would guess you have to have one overwrite slightly to the left of the original write, and one slightly to the right. But since you cannot predict what is going to happen, because it is dues to minute and unrepeatable mechanical effects, you need to overwrite it multiple times using different patterns of seeks to get to the track.
  
  --
  Consciousness is an illusion caused by an excess of self consciousness.
42. Re:Woah by AlecC · 2008-09-04 00:42 · Score: 1
  
  One drive I studied had a policy of one spare sector per track plus one spare track per cylinder (this was a while back, when disks often had five platters). Which meant that performance fell sharply as the number of faults passed one per track.
  
  --
  Consciousness is an illusion caused by an excess of self consciousness.
43. Re:Woah by AlecC · 2008-09-04 00:45 · Score: 1
  
  You need to distinguish between sectors reallocated at manufacturing time, which are relatively benign, and those auto-replaced later. For the latter, I would mostly agree with you. One or two reallocations don't seem to be a problem, but as many as five have usually shown a drive on its last legs.
  
  --
  Consciousness is an illusion caused by an excess of self consciousness.
44. Re:Woah by Hatta · 2008-09-04 02:39 · Score: 1
  
  What does a caching proxy have to do with securely deleting files?
  
  --
  Give me Classic Slashdot or give me death!
45. Re:Woah by NeoSkandranon · 2008-09-04 02:41 · Score: 1
  
  IIRC the iPhone's flash chips are fine pitch surface mount and soldered to a board--I don't know of any way you could feasibly attach leads to a chip like that without taking it off the board and putting it in some kind of specialized unit.
  
  --
  If you can't see the value in jet powered ants you should turn in your nerd card. - Dunbal (464142)
46. Re:Woah by NeoSkandranon · 2008-09-04 02:49 · Score: 1
  
  Whoops, "surface mount and soldered" -1 redundant
  
  --
  If you can't see the value in jet powered ants you should turn in your nerd card. - Dunbal (464142)
47. Re:Woah by dougmc · 2008-09-04 03:18 · Score: 1
  
  He probably got the details wrong. More likely is that the disk was erased via (quick) formatting (i.e. write a new FAT and not much else) and then the data was still found to be there with a hex editor.
48. Re:Woah by dougmc · 2008-09-04 03:23 · Score: 1
  
  In real world situations, once random will stop anybody who isn't ready to throw lots of money and time at the problem. Twice random will probably stop most of the rest. Three or four random passes will probably stop the NSA even if they have a million dollar budget to get your data.
  Seven pass is just massive overkill, `just in case'. But since it only takes a little longer than twice as long as three overwrites, might as well, just to be _sure_.
  Of course, this all assumes that the data is actually being overwritten. If your drive has a sector that was marked bad and remapped, it doesn't matter if your drive is written 1000 times with random data-- if this old sector isn't being rewritten, then it's still there for somebody with the right skills and equipment (who can bypass the remapping) to read.
49. Re:Woah by blueg3 · 2008-09-04 03:51 · Score: 1
  
  The other squid -- a Superconducting Quantum Interference Device.
50. Re:Woah by Anonymous Coward · 2008-09-04 04:13 · Score: 0
  
  "writing all bits to zero? (still retrievable)"
  I'm pretty sure Bruce Schneier (who originally found a theoretical way to retrieve 0ed out data) was both talking about a different kind of hard disk and has since stated that his method is non-applicable to modern storage. If you have data to the contrary I'd love to see it. Otherwise you're propagating an internet myth.
  So no, if you 0 everything, they really can't get the data back.
51. Re:Woah by ChrisA90278 · 2008-09-04 05:12 · Score: 1
  
  You don't have the shred the entire drive. I've seen security guys disassemble the drive and place each platter on a belt sander. Simply removing the coating is enough. Welding torches do a good job too. the coating come off with enough heat too.
  It all depends what's on the drive in most cases the over write the data 10 times with random data is "good enough" but with other types of data physical destruction is the only option. There are many, may agencies each with their own rules about this.
52. Re:Woah by lgw · 2008-09-04 07:58 · Score: 1
  
  If you have a *lot* of drives, it's easier and cheaper (per drive) to just buy an industrial metal shredder and be done with it. Think of the labor cost of disassembling a drive and belt-sanding it - that obviously doesn't scale.
  
  --
  Socialism: a lie told by totalitarians and believed by fools.
53. Re:Woah by lgw · 2008-09-04 08:01 · Score: 1
  
  Yep, 1 wipe with random data will protect you against anything but the resoruces of a major government, and even then it's pretty good.
  
  --
  Socialism: a lie told by totalitarians and believed by fools.
54. Re:Woah by home-electro.com · 2008-09-04 08:23 · Score: 1
  
  It's not that simple. I'm certain current drives already do not use just two levels to store bits at every position. It's more likely they use a lot more complex modulation scheme.
  To say that one pass of random write can be easily recovered means that you can ALSO double the capacity of the drive, in which case it would have been done by the drive's manufacturer. And THAT in fact has already been done, so in all likelihood one pass of zeros will be enough to stop anyone from recovering data.
55. Re:Woah by steelfood · 2008-09-04 09:13 · Score: 1
  
  The key is that you're wiping them with all 0's and all 1's repeatedly. If you wipe a drive with random data followed by patterned data followed by random data, you're pretty safe. And if you hold a magnet to the exposed platters themselves, you're almost guaranteed to get a decent wipe, though you'll also get an unusable drive afterwards. I know the military mandates a wipe of every classified drive with a high-powered magnet, but that might be with the platters still inside the casing.
  
  --
  "If a nation expects to be ignorant and free in a state of civilization, it expects what never was and never will be."
56. Re:Woah by Michael+Hunt · 2008-09-04 21:36 · Score: 1
  
  > When I took my computer forensics class they showed that you could use a hex editor on a zero wiped floppy disk and recover most of the data that was on it previously. (emphasis mine)
  
  If it was zero wiped, you'd see a meg and a bit of 0s. That said, if it's a floppy disk you're trying to wipe, the best way to go about it is a traditional low-level format, in which the drive mechanics physically remagnetise the surface of the media (this is the process which defines tracks and sectors.)
  
  Not a lot's going to survive that.
  
  --
  You're doing it wrong.
57. Re:Woah by Michael+Hunt · 2008-09-04 21:47 · Score: 1
  
  No, all that it infers is that doubling the capacity of the drive is physically possible, not that the requisite head assembly would be affordable (or, for that matter, fast) for a desktop disk. The sort of setup you need to do this level of disk forensics would get you several tens of petabytes of cheap SATA disk.
  
  --
  You're doing it wrong.
I can't be the only one on /.... by bistromath007 · 2008-09-03 12:03 · Score: 5, Interesting

...who took one look at this and thought "good."
1. Re:I can't be the only one on /.... by Anonymous Coward · 2008-09-03 12:27 · Score: 1, Funny
  
  No, I'm sure there are other criminals besides yourself on slashdot.
2. Re:I can't be the only one on /.... by kabocox · 2008-09-03 12:30 · Score: 1
  
  ...who took one look at this and thought "good."
  I did. I thought hmm, I'd want all the data loaded from a CF card that would be set to wipe if either an incorrect or emergency password were entered. Heck, you could even have a secure CF card that was guaranteed to wipe once its emergency code was sent. Basically, you've got to reformat and copy from another card if you want to reuse it. Or if you really want to go scifi you could have the card and phone turn to dust once the emergency code is entered.
  Heck, 8 GB flash cards should be more than enough to store all your average top secret spreadsheet/db files from whomever, unless you've got A/V that you need to protect. Then you've got to wait until 1 TB cards come out.
3. Re:I can't be the only one on /.... by Sockatume · 2008-09-03 12:35 · Score: 5, Funny
  
  Yeah, after the bean burrito special I really wish I could wipe remotely too.
  
  --
  No kidding!!! What do you say at this point?
4. Re:I can't be the only one on /.... by iceborer · 2008-09-03 12:36 · Score: 1
  
  Me and Vinny thinks it's great!
  
  Sent from my iPh
5. Re:I can't be the only one on /.... by Constantine+XVI · 2008-09-03 12:43 · Score: 3, Interesting
  
  Actually, if you slot a microSD card in a BlackBerry, you can set it up to encrypt the card along with the rest of the device, and it's scrubbed along with everything else if too many wrong passwords are entered in*
  *The password and encryption is done device-side, so it even works in Linux.
  
  --
  "I think an etch-a-sketch with an ethernet port would beat IE7 in web standards compliance."
6. Re:I can't be the only one on /.... by nine-times · 2008-09-03 13:01 · Score: 1
  
  Indeed. And this has very little to do with the remote wipe feature. If I have access to a laptop, I can wipe the data there, too. If police get access to my smartphone, they should be able to turn on "airplane mode" and prevent anyone from wiping it.
  In fact, it might be a bit suspect for them not to disable the wireless connection as their first act. Imagine if they confiscated your laptop and then immediately connected it to the Internet and left it connected. How could they claim to have secured any data from tampering either way if it's connected to the Internet?
7. Re:I can't be the only one on /.... by Anonymous Coward · 2008-09-03 13:22 · Score: 0
  
  I hope there is mob mentality when they find out the person doing this.
  I wouldn't mine kicking the shit out of a person who wiped my phone with all my personal info.
8. Re:I can't be the only one on /.... by Ilgaz · 2008-09-03 13:51 · Score: 1
  
  Just days ago, I tried so hard to explain why insecure smart phone can be the most evil thing and one can simply own your real life, identity with it. That happens on a technical site. I just couldn't explain to iPhone owners why their data or simply the smart device itself matters.
  There are also opposite camp of idiots who thinks running pirated antivirus with root access to their device is a security solution!
  I think the "phone" in "smartphone" confuses people. If they understand it is a mini laptop with excellent communications abilities which aren't found on their laptops, things would be easier.
  Since when did anyone pay $15.000 bill because their computer got infected by a virus? It is easy and possible on smart phones :) If one is fool/ignorant enough, it is even possible via WAP or J2ME!
9. Re:I can't be the only one on /.... by Anonymous Coward · 2008-09-03 15:40 · Score: 0
  
  I say we just take off and wipe the site from orbit. It's the only way to be sure.
10. Re:I can't be the only one on /.... by Anonymous Coward · 2008-09-03 21:28 · Score: 0
  
  I was looking at the Slashdot front page, and saw the summary for this article, and my immediate thought was "good!", and I wanted to make add that very comment to the discussion.
  When I clicked on the link to go to the comments, the first comment I see, and to which I am now responding, expressed my exact feeling, in exactly the manner in which I intended to express it : "good". (Actually, I was planning to write a comment that only had a single word : "good". However, I probably would have given in to a temptation to elaborate.)
  So, I'm glad I'm not alone in this sentiment. I don't like the fact that privacy will sometimes benefit people who have committed crimes, or sincerely intend to commit crimes, but privacy, even after the commission of a crime, and especially BEFORE the commission of any crime, should not be violated by the government, under any circumstances. Why? Because privacy is perhaps the only condition in which a person can think and behave in accordance with one's true nature. Any time there is even a chance (or one might say "threat") of a lack of privacy, a person's natural reaction is to behave differently, in order to present an image that will help that person thrive in the society in which he or she lives. One might call the gap between private behavior and public behavior a product of an unhealthy mental condition, or perhaps insincerity, or hypocrisy. But I disagree. I think people can be conscious of the perceptions of other people, or of a whole society, and choose to interact with other people in a manner that enables the individual to thrive in the community -- while continuing to live a private life with different ideals and beliefs.
  Society obviously benefits from entrusting and empowering some of its members with special powers to enforce the rules and ideals of that society. However, it seems that a majority of members of society don't recognize the value of a private life, or the threat that too much police authority might have on an "innocent" person's private life. I think that sometimes people don't recognize the value of a private life until their privacy is violated, in a manner that they hadn't anticipated or imagined. Also, I think that too many people don't comprehend how their own individual behavior would be subconsciously constrained if privacy is gradually eroded.
  I remember a story about a college-age student who left China to become an American citizen, and who cried in the middle of a college lecture when students argued with a professor, because that kind of critical debate, between students and professors, would never happen in China. That's in a classroom. However, in China, there is monitoring of Internet use, and possibly telephone conversations, etc. It's difficult to imagine the psychological consequences of being constantly monitored, especially when your own instincts and beliefs aren't "acceptable" by the system. One's brain must develop a kind of insanity to reconcile the seemingly obvious thoughts (like, people have the right to freedom of expression and the right to change their government) with the ones that are enforced by an oppressive system. Some people within the system claim to not feel oppressed, or they defend the system as being beneficial for all; however, I think they've simply adapted to their unhealthful environment.
  Anyhow, I hope the authorities become increasingly unable to violate privacy -- not because I want criminals to be protected or go unpunished, but because privacy is essential for the welfare of all human beings. Nothing justifies violation of privacy (or torture, for that matter, which is usually used as a method to violate one's most private realm -- one's own mind). There have been some developments with real-time brain scanning to determine basic mental status, for the purpose of lie detection, or stress level, etc, and I worry that this might lead to a new kind of privacy erosion. Suppose wearing a "thinking cap" became required at various types of jobs, to eliminate crime or to detect performance or productivity.
Good. by mactard · 2008-09-03 12:04 · Score: 3, Insightful

That just means the police need to work a little harder to make a case. It doesn't make it impossible though. The next hope is that they don't outlaw these devices or something. The Brits are a bit jumpy.
Criminals? by Anonymous Coward · 2008-09-03 12:07 · Score: 0

People concerned about THEIR data are wiping their phones.
They MAY be involved in criminal activity but are they criminals?
News At 11 by CastrTroy · 2008-09-03 12:09 · Score: 5, Funny

Criminals destroy evidence that could be used against them. News At 11.

--

Anthropic principle: We see the universe the way it is because if it were different we would not be here to see it.
1. Re:News At 11 by Nymz · 2008-09-03 13:01 · Score: 3, Funny
  
  Let's give the 11 o'clock news some credit. I'm sure they would realize this is computer crime, and use the more accurate and appropriate term. "Hackers destroy evidence that could be used against them."
2. Re:News At 11 by Spy+der+Mann · 2008-09-03 15:24 · Score: 1
  
  And after commercial break: Criminals give new uses to existing technology! :(
3. Re:News At 11 by n3tcat · 2008-09-03 21:57 · Score: 1
  
  Well, it's on a phone. Perhaps the age of phreaking returns?
Good.-"/." on empty. by Anonymous Coward · 2008-09-03 12:10 · Score: 0

"That just means the police need to work a little harder to make a case. "
Care to be more specific?
"It doesn't make it impossible though."
Are you sure?
1. Re:Good.-"/." on empty. by Anonymous Coward · 2008-09-03 12:55 · Score: 0
  
  There is no imaginable scenario in which someone might be successfully prosecuted on the basis of something said, told, or threatened. Therefore, there is no imaginable scenario in which the contents of somebody's emailing phone could prove important in a prosecution.
2. Re:Good.-"/." on empty. by Anonymous Coward · 2008-09-03 13:29 · Score: 0
  
  .......... Wow. You've never heard of conspiracy, have you?
3. Re:Good.-"/." on empty. by KGIII · 2008-09-03 17:49 · Score: 1
  
  Err... How about kiddy porn on their phone?
  
  --
  "So long and thanks for all the fish."
4. Re:Good.-"/." on empty. by Anonymous Coward · 2008-09-04 03:23 · Score: 0
  
  I really hope that was a joke.
photos by bbdd · 2008-09-03 12:13 · Score: 4, Interesting

Don't forget to view the photos. I thought the photos were more interesting than the article.
http://software.silicon.com/security/0,39024655,39270417,00.htm
1. Re:photos by Samantha+Wright · 2008-09-03 12:19 · Score: 1
  
  Wow! An electronic nose that can smell incriminating information. We could replace the entire detective industry with these.
  
  "Has my wife been cheating on me, detective?"
  "Let's find out!"
  *waves electronic nose over computer*
  "No—but you've been falsifying information on your tax returns! Consider yourself under arrest."
  
  --
  Bio questions? Ask me to start a Q&A journal. Computer analogies available for most topics!
2. Re:photos by Anonymous Coward · 2008-09-03 14:59 · Score: 0
  
  That suitcase can hold 300TB of data. Hard to believe, literally.
3. Re:photos by Statecraftsman · 2008-09-03 16:44 · Score: 1
  
  This is what I thought. Probably GB rather than TB but what's 3 orders of magnitude anyway. This is news!!
  
  OTOH, maybe there's a series of tubes in there.
4. Re:photos by Anonymous Coward · 2008-09-04 10:12 · Score: 0
  
  That article says there is 300TB of storage in that suitcase. Now I really want one.
Oh no... by VoltCurve · 2008-09-03 12:15 · Score: 0

God help us of the terrorists and evil doers find out about the Format command.
Well... by Spazntwich · 2008-09-03 12:25 · Score: 4, Insightful

If the only evidence the police have on said 'criminal' is a string of bits on his cell phone, they probably didn't have much of a case anyway, and likely shouldn't be arresting this criminal.
I genuinely hope small time 'criminals' continue getting these sorts of victories to the point that our police forces are forced to admit they have failed in the war on consensual acts between adults. The change certainly isn't going to come about while our various wars continue to make a tidy profit for those at the top.
1. Re:Well... by Sockatume · 2008-09-03 12:32 · Score: 1
  
  What about eBay scammers? Extortionists? Kidnappers? Somebody who just won't stop sending you a picture of their wang? In some cases communcations evidence can be very significant indeed.
  
  --
  No kidding!!! What do you say at this point?
2. Re:Well... by Sockatume · 2008-09-03 12:36 · Score: 1
  
  Heck, the article notes that smartphones are used by "enterprise", so that's corporate crime in there as well.
  
  --
  No kidding!!! What do you say at this point?
3. Re:Well... by Rix · 2008-09-03 12:43 · Score: 1
  
  I imagine police forces would have a lot more cooperation on those things if so many people weren't worried that they'd turn on them for smoking the wrong thing.
4. Re:Well... by pitchpipe · 2008-09-03 13:14 · Score: 1
  
  Somebody who just won't stop sending you a picture of their wang?
  What's wrong with a good Wang?
  
  --
  Look where all this talking got us, baby.
5. Re:Well... by Anonymous Coward · 2008-09-04 03:55 · Score: 0
  
  the war on consensual acts between adults
  Why do you assume that this is, and moreover could only be used in such a manner. "A string of bits" could very well be talking about $NEW_MOVIE from the pirate bay in which case many slashdotters would not care. Do you start to care if the 'string of bits' is corporate espionage? government espionage? A giant database of personal information about you?
  All these cases could even, depending on how the data was acquired even be considered to be 'consensual acts'
6. Re:Well... by indros13 · 2008-09-04 06:37 · Score: 1
  
  If the only evidence the police have on said 'criminal' is a string of bits on his cell phone, they probably didn't have much of a case anyway,
  Unless, of course, that string of bits says something like "April 18: Murder ex-girlfriend, 6pm"
  
  --
  Under capitalism man exploits man. Under communism it's the other way around.
Criminals Destroy Evidence on iPhones? by Dieppe · 2008-09-03 12:31 · Score: 2, Funny

...that could be used against them?
Honestly, if the only case the prosecution has is possible evidence on an iPhone, their case is pretty shaky to begin with. Do REAL WORLD investigation you Nazi-a-holes, not worry about virtual evidence that you might or might not be able to get to!
1. Re:Criminals Destroy Evidence on iPhones? by commodoresloat · 2008-09-03 20:21 · Score: 1
  
  Agreed; they make it sound like such a hardship and yet they can't even point to a single instance of a criminal ever actually doing this (plus they name an easy fix in the first few paragraphs of the article). Gee, guys, think how hard it must have been for investigators before iPhones, when they had to actually look for physical evidence and talk to complaining witnesses in order to document crimes.
Laptops and cell phones for the paranoid by davidwr · 2008-09-03 12:42 · Score: 2, Interesting
If you are really paranoid, you'll want your laptop or cell phone to:
- encrypt everything but the bootstrap code
- store part of the encryption key off-device, such as on a memory stick
- store part of the encryption key on-device and destroy it after a certain number of failed access attempts or after a specified time period since the last authorized access
- the on-device key could not be copied without tampering with the device
- tamper-resistant, preferably destroying the on-device part of the key if the device is tampered with or the battery removed
With this, only experts will be able to copy your device much less decrypt it, and they will have a limited time window to do the copy.
Such a phone or laptop would be good for crossing national borders or any other place where it is subject to search or seizure. If the border guards take it and try to copy it, they may give you back a brick, but at least they won't have anything useful.
Of course, this means you should have your irreplaceable data someplace else for safe-keeping. Think of your phone or laptop as a "convenience copy."
--
Knowledge is how to play a game, intelligence is how to win, wisdom is knowing what game to play.
Encryption by Boogaroo · 2008-09-03 12:44 · Score: 2, Insightful

Here's an interesting bit too. Looks like they try simple password protection breaking, but...

The team does not attempt to crack high-grade encryption, relying instead on the threat of a prison sentence for individuals refusing to hand over passwords or decrypted files.
1. Re:Encryption by Anonymous Coward · 2008-09-03 12:47 · Score: 0
  
  As been said previously, you wouldn't have to give up your passphrase or your key simply because they threaten you.
  I know I never will.
2. Re:Encryption by supernova_hq · 2008-09-03 12:55 · Score: 1
  
  Sir, we require that you give us information about your device so as we may incarcerate you!
  Nope, sorry, I plead the fifth.
3. Re:Encryption by philipgar · 2008-09-03 13:06 · Score: 1
  
  Uh, in the UK you can be forced to (http://yro.slashdot.org/article.pl?sid=07/10/02/1237215)
  
  phil
4. Re:Encryption by CodeBuster · 2008-09-03 17:47 · Score: 3, Informative
  
  Except that a Vermont judge recently ruled that password(s) contained in one's head are protected under the 5th Amendment to the United States Constitution. just like any other information in your head. It was discussed right here on Slashdot.
  As for threatening law enforcement officers: say nothing, know your rights, and keep your cool. The law enforcement officer is NOT your friend and you shouldn't speak to them or answer their questions. You have a right to remain silent and you should use it. BTW every attorney that I have ever heard opine on the subject has said that it is better to say nothing than to answer some of the questions but not others. Don't let them scare you into giving up your rights with their Gestapo crap. Remember, if they are questioning you, especially if they are threatening, then there is NO way that you are NOT going to be held (i.e. arrested) for a while anyway until the matter either goes before a judge or they have to let you go (48 hours max w/out cause before any attorney can force them to let you out), so don't be dumb and tip your hand right at the start. Also, remember that if you ever get your equipment back then you can never use it or those passwords again (who knows what bugs they may have planted before releasing it back to you). You basically have to wipe and start over on new hardware.
  Disclaimer: IANAL so if you find yourself in a situation like the one above find yourself one that you can trust and let them do the talking, but remember that the police are NOT your friends.
5. Re:Encryption by jimicus · 2008-09-03 20:38 · Score: 1
  
  Here's an interesting bit too. Looks like they try simple password protection breaking, but...
  
  The team does not attempt to crack high-grade encryption, relying instead on the threat of a prison sentence for individuals refusing to hand over passwords or decrypted files.
  Yep, the Regulation of Investigatory Powers Act gives them that power. If they believe you know how to get access to something that they can't (eg. you know a password), you are obliged to tell them or you face 3 years in prison.
  You'll note that the wording of the above paragraph turns "innocent until proven guilty" on its head. Furthermore, how on Earth can anyone prove that they have forgotten (or indeed never knew) a password?
  There was another clause to the effect "tell anyone that you've been coerced under this act and 3 year in prison becomes 5 years in prison" - I'm not sure what the exact wording was or even if that clause got passed though.
  Of course, if you're facing 3 years inside but giving the password would reveal evidence of crime which would get you 10 years inside, it's fairly obvious what the sensible course of action is.
6. Re:Encryption by Anonymous Coward · 2008-09-03 21:09 · Score: 0
  
  This is the UK though so no 5th ammendment.
  As others have said, RIPA compels owners to decrypt files. Note it does not say they have to give up passwords, just produce unencrypted data.
7. Re:Encryption by stewwy · 2008-09-04 00:52 · Score: 1
  
  Except that a Vermont judge recently ruled that password(s) contained in one's head are protected under the 5th Amendment to the United States Constitution. just like any other information in your head. It was discussed right here on Slashdot.
  As for threatening law enforcement officers: say nothing, know your rights, and keep your cool. The law enforcement officer is NOT your friend and you shouldn't speak to them or answer their questions. You have a right to remain silent and you should use it. BTW every attorney that I have ever heard opine on the subject has said that it is better to say nothing than to answer some of the questions but not others. Don't let them scare you into giving up your rights with their Gestapo crap. Remember, if they are questioning you, especially if they are threatening, then there is NO way that you are NOT going to be held (i.e. arrested) for a while anyway until the matter either goes before a judge or they have to let you go (48 hours max w/out cause before any attorney can force them to let you out), so don't be dumb and tip your hand right at the start. Also, remember that if you ever get your equipment back then you can never use it or those passwords again (who knows what bugs they may have planted before releasing it back to you). You basically have to wipe and start over on new hardware.
  Disclaimer: IANAL so if you find yourself in a situation like the one above find yourself one that you can trust and let them do the talking, but remember that the police are NOT your friends.
  yeah right but its not 48hours in the uk anymore.....you try keeping quiet for 42DAYS
8. Re:Encryption by mr100percent · 2008-09-04 05:40 · Score: 1
  
  Doesn't the UK have some sort of right against self-incrimination in testimony? Is it in the unwritten constitution?
9. Re:Encryption by jonbryce · 2008-09-04 10:11 · Score: 1
  
  Britain doesn't have a 5th Amendment. Instead it has the Regulation of Investigatory Powers Act, which requires you to tell the police your passwords etc under certain circumstances. And you are not allowed to tell anyone about it, not even your lawyer.
10. Re:Encryption by jonbryce · 2008-09-04 10:13 · Score: 1
  
  No.
  And anyway, an unwritten constitution isn't worth the paper it's written on.
Communications crime by Sockatume · 2008-09-03 12:44 · Score: 1

Given that we have crimes which are commited pretty much entirely via communications (eBay scams, 419 scams, harrasment, extortion, stock mischief, etc. etc.) should it be particularly surprising that some forensic scientists are interested in preserving the evidence that the communications took place?

--
No kidding!!! What do you say at this point?
Easily prevented by Peter+Simpson · 2008-09-03 12:55 · Score: 1

With this...http://www.lessemf.com/fabric.html
Worked on a project to handle just this problem. Shielding fabric allows you to view and manipulate the phone, while preventing it from connecting to the network. A standard anti-static bag works pretty well, too...just make sure you get a good inside-to-inside seal.
1. Re:Easily prevented by zygotic+mitosis · 2008-09-03 14:10 · Score: 1
  
  Maybe the cops should store their electronic evidence in a big Faraday cage. They have existed for ~150 years. Your fabric seems more elegant, but still. This problem has a quick and effective fix, and it will damn sure be easier than getting the telcos to change their technology for you. Unless you're the CIA.
Where is the iPhone's "remote wipe" feature? by Anonymous Coward · 2008-09-03 12:55 · Score: 0

Where is the iPhone's "remote wipe" feature?
1. Re:Where is the iPhone's "remote wipe" feature? by Anonymous Coward · 2008-09-03 19:21 · Score: 0
  
  Who cares? Steve Jobs can "remotely wipe" my ass before I buy any of his over-priced and locked down "fashion accessories for the discerning Starbuckser".
Time for the police to step up. by supernova_hq · 2008-09-03 12:58 · Score: 1

Personally, I'm sick and tired of the government and the police agencies bitching and complaining that they can't keep up with all this technology stuff. The criminals seem to be figuring it out just fine and they usually don't have forensics training.
It's time for the police departments to start hiring some technology professionals to work on tech related crimes and evidence instead of simply trying to outlay any device they can't open up and read like a book.
Bottom Line: You guys are being paid by the people to know how to deal with this kind of stuff, so DEAL!
1. Re:Time for the police to step up. by mandelbr0t · 2008-09-03 18:13 · Score: 1
  
  Right. The same technology professionals that cause most of the problems to begin with are going to get a job training the people who would catch them. But one can hope...
  
  --
  "Please describe the scientific nature of the 'whammy'" - Agent Scully
Encryption-Constitution. by Anonymous Coward · 2008-09-03 12:59 · Score: 1, Informative

"Nope, sorry, I plead the fifth."
The UK doesn't have the fifth.
1. Re:Encryption-Constitution. by Anonymous Coward · 2008-09-03 13:35 · Score: 1, Funny
  
  No fifth? Well give him a couple pints then, maybe they will loosen his tongue.
Tone by riceboy50 · 2008-09-03 13:05 · Score: 0

They make it sound like it's a bad thing that people are able to protect their privacy from authorities. It's getting to the point where every time the authorities say something supports criminals/terrorism that you can pretty much bet that's actually a Good Thing.

--
~ I am logged on, therefore I am.
Data Recovery Much? by SoapBox17 · 2008-09-03 13:12 · Score: 1

Are these guys terrible at their jobs, or do the iPhone and Blackberry come with a way to remotely execute "shred"? Most of the data that is remotely "wiped" should be perfectly salvageable....
1. Re:Data Recovery Much? by Anonymous Coward · 2008-09-03 13:18 · Score: 0
  
  actually the iphone does have a secure wipe mode that takes several hours to complete
2. Re:Data Recovery Much? by BSDevil · 2008-09-03 13:28 · Score: 2, Informative
  
  If you manually enable "Content Protection" on your BlackBerry, doing a Security Wipe will take on the order of hours, and will overwrite the data several times with different patterns to the point that it's not recoverable by anyone, even RIM (if you don't have that mode enabled, a Security Wipe will only erase user-specific information, and it would be relatively trivial to recover it).
  If you're on a BES (meaning your BlackBerry was issued and is controlled by your workplace), your BlackBerry administrator can enable this setting without your input though an IT Policy, and can remotely initiate a Wipe/Shred from within the BES control panel.
  
  --
  Cue The Sun...
3. Re:Data Recovery Much? by AndrewNeo · 2008-09-04 07:44 · Score: 1
  
  This reminds me of movies where a spy or the bad guy realizes they're noticed when their access gets locked out. Could you imagine working on your Blackberry, and all of the sudden, without notice, you're locked out for a security wipe? Hopefully your resume wasn't on it..
No different by ArchieBunker · 2008-09-03 13:19 · Score: 1

Than leaving incriminating notes or phone numbers written in a book. Instead of flipping through pages they dump your sim card. If you're going to do illegal things then don't leave anything tangible.

--
Only the State obtains its revenue by coercion. - Murray Rothbard
1. Re:No different by riceboy50 · 2008-09-03 17:46 · Score: 1
  
  I don't trust yours and the government's definition of incriminating.
  
  --
  ~ I am logged on, therefore I am.
I think by Anonymous Coward · 2008-09-03 13:40 · Score: 0

that you have been on windows for far too long and do not understand the meaning of envy.
We remote wipe our data in hands of criminals by Ilgaz · 2008-09-03 13:44 · Score: 3, Interesting

Sorry it sounds like a "In Soviet Russia" thing but it is true.
Symbian/WinMobile smart phones have tools to lock the handset remotely or in case of new Kaspersky antivirus/security or other 3rd solutions, you can remotely instruct phone to delete all personal data irrecoverably and lock itself. I am almost sure Blackberry, being an enterprise focused device must have similar option.
Once the Apple decided not to allow background running processes, they lost that possible solution. Not just they don't allow anyone to implement it, they don't implement it themselves too.
It is a completely fool safe thing. User sends a previously set SMS to device, device locks itself. Or in Kaspersky case, it doesn't just lock itself, it wipes its data and optionally transforms itself to a white hat (for you) rootkit/trojan and sends the number of first SIM card plugged to device to previously set number.
1. Re:We remote wipe our data in hands of criminals by nxtw · 2008-09-03 14:14 · Score: 3, Informative
  
  Symbian/WinMobile smart phones have tools to lock the handset remotely or in case of new Kaspersky antivirus/security or other 3rd solutions, you can remotely instruct phone to delete all personal data irrecoverably and lock itself. I am almost sure Blackberry, being an enterprise focused device must have similar option.
  Remote wipe is a feature of BlackBerry/BES and Windows Mobile/Exchange. No third-party software is needed, unless your phone isn't connected to a BES/Exchange server. When the phone receives the wipe signal, all data stored on the device will be wiped.
  The iPhone has remote wipe, but I don't think it has encryption of any of the content stored on the device.
  BlackBerry has content encryption and the latest Windows Mobile (6.1) has encryption for the entire user-writable storage area. The key is stored on the device, encrypted with a password. BlackBerry overwrites the key in RAM when the device is locked (that is, when the device is inactive for a certain amount of time or when it is placed in its holster); since WM's encryption operates at a lower level, the key does stay in memory while the device is powered on. Either way, cutting power to the RAM will erase the decrypted copy of the key. Both support encryption of storage cards as well.
  As long as the device is set to automatically lock itself out and there is no way to bypass the lock screen, there's not a whole lot you can do to a fully encrypted WM6.1 device without resorting to a RAM attack or finding a weakness in the implementation. Since the BlackBerry will erase the unencrypted copy of the key when the device is not active, it's secure against searching for the key in RAM, too.
2. Re:We remote wipe our data in hands of criminals by Anonymous Coward · 2008-09-03 17:47 · Score: 0
  
  The US Army use iPhones and develop specific software for it.. you can bet it's encrypted and that remote wipe works.
3. Re:We remote wipe our data in hands of criminals by mlts · 2008-09-03 18:57 · Score: 1
  
  I don't know about BES as much, but in Exchange, you can trigger the remote wipe function two ways. The user can do it by logging into Outlook Web Access (usually www.blarf.com/owa), hitting options, finding their device and selecting it to be wiped. The Exchange admin can also do it from the management console. You get a confirmation once the device is wiped, so you can delete the device from the "wipe as soon as it connects" list and repurpose if you recover it.
  Exchange's wipe works because the device periodically hits the Exchange server over a SSL connection. Here, the Exchange server can tell the smartphone/PDA/PocketPC to wipe itself. For someone to make a fake remote wipe, it would take spoofing both the domain name and URL of the Exchange server, as well as either compromising the SSL key of the IIS service or one of the top level root CA keys.
4. Re:We remote wipe our data in hands of criminals by Anonymous Coward · 2008-09-04 03:01 · Score: 0
  
  Correct but just a couple of things to add - the newer versions of BES as well as Nokia's management software (Intellisync, can manage other sorts of devices) have a feature that will tell the device to wipe the device if it has not successfully "called home" within a certain timeframe. So you can both wipe a device if it's on the network (gsm/cdma/wifi/usb to ip) or if it's NOT on the network...
  Oh and RIM has spent a significant amount of effort hardnening BlackBerry memory against all sorts of physical attacks including disassembly, EM side channel stuff, etc.
5. Re:We remote wipe our data in hands of criminals by Ilgaz · 2008-09-05 00:29 · Score: 1
  
  "The US Army use iPhones and develop specific software for it.. you can bet it's encrypted and that remote wipe works."
  So to get a secure iphone, you have to apply to marines and become a soldier?
  That is my point. All animals must be equal. Every byte of data which isn't part of device ROM is very private data. It doesn't have to be military secret. Your home number is equally private too.
Serious Fraud Office by Anonymous Coward · 2008-09-03 13:58 · Score: 0

" The UK police's Serious Fraud Office" as opposed to the Humourous Fraud Office, which goes around nightclubs catching and prosecuting bad comedians.
1. Re:Serious Fraud Office by meringuoid · 2008-09-03 20:42 · Score: 1
  
  " The UK police's Serious Fraud Office" as opposed to the Humourous Fraud Office, which goes around nightclubs catching and prosecuting bad comedians.
  The Humourous Fraud Office are mostly known as the people you call if you buy a pet which, when you get it home not half an hour later, turns out not to have been just resting at all, but in fact to be stone dead and nailed to the perch.
  
  --
  Real Daleks don't climb stairs - they level the building.
Next Step by MRB+Constant · 2008-09-03 14:09 · Score: 1

The next step is to demand evidence of business activity -- just to make sure no laws have been broken.
I love my Treo by Zorque · 2008-09-03 14:12 · Score: 2, Interesting

I have a program on there that'll reformat the hard drive and zero everything else out, as well as disabling the SIM card, if I text it a certain phrase. Of course, it isn't all that helpful if whoever gets ahold of my phone just turns the radio off or removes the antenna so it can't receive that message, but I guess I have to count on criminals not knowing much about PalmOS since it's apparently a dying platform or something.
1. Re:I love my Treo by tekrat · 2008-09-03 16:49 · Score: 1
  
  What program is that? (Link please).
  I love the idea of being able to program my phone to self destruct if needed.
  This way if my phone is ever stolen, I can immediately brick it.
  
  --
  If telephones are outlawed, then only outlaws will have telephones.
not even as newsworthy as what you ridicule by commodoresloat · 2008-09-03 14:29 · Score: 1

I actually RTFAd, and there's no evidence whatsoever in the article of criminals actually, you know, doing this sort of thing. It's a forensics expert saying that this cell phone feature "could be exploited by lawbreakers." Gee. And he even says it's not a big problem if it actually ever does happen as it's easily countered by any forensics shop: "He added the unit took precautions to guard against the feature being exploited. 'Because we isolate the devices immediately, and never reconnect them to their network, the remote wiping capability does not present us with much of a problem,' he noted." The whole story is pretty empty, a little bit of whining about how new technology is making their jobs tougher, but that's about it.... Welcome to the 21st century.
Though fucking noogies by Pig+Hogger · 2008-09-03 14:36 · Score: 1

It seems that law enforcement sees itself as more and more godlike when it comes to assume power over mere mortals they are investigating. This arrogance has to be stopped dead, because if left to themselves, they will expect total compliance and disclosure upon request to anyone without any safeguard whatsoever against abuse.
We have to resist indomitably, in order to drive the point home that our information is not a plaything to be rummaged through at will; if the administration of justice suffers for it, better let a criminal escape than harass an innocent.
1. Re:Though fucking noogies by hyades1 · 2008-09-03 16:01 · Score: 1
  
  Have you reached the point yet, as I have, where the next person who says, "If you aren't doing something wrong, what are you afraid of" is liable to get a quick kick in the arse in lieu of an extended lesson in civics, freedom, rights and responsibilities?
  
  --
  I've calculated my velocity with such exquisite precision that I have no idea where I am.
2. Re:Though fucking noogies by Pig+Hogger · 2008-09-03 16:52 · Score: 1
  
  For more than thirty years I have endured my sheep of parents getting shafted left and right, and whenever I wanted to point out they were shafted and that they happenned to have right, I was laughed-off.
Your phone is a honeypot. by AHuxley · 2008-09-03 15:41 · Score: 1

A quick history lesson.
Most of the UK's 'cell' tech came from ex Government Communications Headquarters workers.
It was designed on the lessons learned by the UK gov in 1970's in Ireland.
Interception, tracking, impersonation.
The idea that the UK gov ever lost this 'network' is really lol.

The work and deaths of Adamo Bove, head of security at Telecom Italia
and Costas Tsalikides, Vodafone's network planning manager in Greece,
show that all aspects of cell phone use are wide open to all.

--
Domestic spying is now "Benign Information Gathering"
cover up? by Anonymous Coward · 2008-09-03 16:06 · Score: 0

Any other tin-foil-hatters think maybe the cops are really the ones doing the wiping to cover up their tracks? Then just tell everyone it's the criminals and nobody's the wiser.
Alright, I think I need to crawl back into the basement now...
I wish I could've said it was erasable... by Anonymous Coward · 2008-09-03 16:30 · Score: 1, Interesting

I worked at a high school that was administering standardized tests--standard procedure is that cameras and phones stay in backpacks to keep students from leaking the exams. Makes sense.
Turns out a few students are so phone addicted they put their phone in their pocket, ask to use the bathroom, and whip the phone out the second they enter the hall. The phones were quickly confiscated by a hall monitor.
Being the school's sysadmin, there was insistence that I check every one of these confiscated phones for evidence of trying to leak exam information--page pictures, text messages, etc. Of course, I found nothing.
I explained that, IF the students were in fact doing this, they could easily delete any evidence they were leaking information--picture archive and sent-messages folder. I was looked at as if I had grown a third nipple--I might as well have been speaking Farsi.
BTW, there's a feature I want in a camera phone. Upon pressing one key, the camera phone commits to taking a picture and immediately e-mailing it to a predetermined e-mail address. That way, should a person/police officer take the phone or swat it out of your hand, it's too late, unless they can physically break the phone or remove the battery within the 3 seconds the picture takes to send...
Oh noes! There goes my tinfoil hat industry! by Mathinker · 2008-09-03 17:39 · Score: 1

And "Stainless steel mesh shielding fabric hat" just doesn't have the right ring to it; it sounds too woody, not tinny enough!
(More seriously, thanks for the link; I might buy some of this stuff when my passport gets chipped...)
Does the iPhone us a HD? No, then your are an idio by SmallFurryCreature · 2008-09-03 21:57 · Score: 1

Shred is for HD's, not flash. Learn the difference. It seems you are terrible at your job if you do not know the difference.

--

MMO Quests are like orgasms:
You may solo them, I prefer them in a group.
Degaussing by RogL · 2008-09-04 00:29 · Score: 1

Great example! A vivid (if slightly damaging) real-world example.
It's been a while since I learned about CRT deflection coils, and demonstrated my new-found knowledge to my siblings by making pretty patterns with a magnet held up to my parent's TV. I still remember the horror when I removed the magnet and the wild colors didn't go away...
And that's why you don't fix it with another magnet: you buy/beg/borrow/steal or build a degaussing coil and demagnetize it. Which may take a few tries if you've never done it before.
Foil by Joeyspecial · 2008-09-04 01:04 · Score: 1

The idea made me curious. I just wrapped my phone (mobile) in a rather large ball of aluminum foil. I then called it. Err... It still rang. I don't have any scientific evidence to say why, how, or all that but it rang. I obviously couldn't answer it.
No no no, you have it wrong. You are supposed to wear the tin foil hat on YOUR head.
Good, I'm tired of hearing cops complain by gelfling · 2008-09-04 01:14 · Score: 1

that the world isn't completely a police state, yet. Let them figure out how to fix their 'problem'.
Hmm - next feature set??? by GuyverDH · 2008-09-04 01:21 · Score: 1

Automatic wipe when certain *signals* aren't received periodically???
Maybe the crooks already thought of it...
If not - don't read this - my idea has been stored in printed form, in a sealed mason jar, under the front porch.

--
Who is general failure, and why is he reading my hard drive?
Highly specialized knowledge by Minwee · 2008-09-04 02:23 · Score: 1

Foggon believes that the unit's years of experience in unearthing evidence from everything from 186s to MacBooks will mean it will have a key role to play in any central UK e-crime policing unit.
186s? That will come in very handy if they happen to catch a criminal mastermind happens to be carrying around a BBC Master 512, Tandy 2000 or Wang Office Assistant in his pocket.
1. Re:Highly specialized knowledge by Hatta · 2008-09-04 02:58 · Score: 1
  
  I've got a Wang Office Assistant in my pocket. Want to see?
  
  --
  Give me Classic Slashdot or give me death!
White paper on date deleting & recovery by BigGar' · 2008-09-04 03:35 · Score: 2, Informative

Since every time something like this comes out all kinds of FUD pops up about data erasure, etc...
A classic paper on secure data deletion & recovery:
http://www.cs.cornell.edu/people/clarkson/secdg/papers.sp06/secure_deletion.pdf
Enjoy

--

Shop smart, Shop S-Mart.
How? by mr100percent · 2008-09-04 05:34 · Score: 1

That makes me curious, is there any way to remote wipe an iPhone without being part of the Enterprise program? (You can wipe it on the iPhone settings menu itself already)
that's even more ambiguous by Anonymous Coward · 2008-09-04 05:40 · Score: 0

the word 'hacker' is even more ambiguous than the word 'criminal.' Why would this be to the evening news' credit...? ... oh hahaha, that was a "whoosh" fake out. sorry, not handing them out for free today!
And according to the article... by LittleMolar · 2008-09-04 07:02 · Score: 1

"Because we isolate the devices immediately, and never reconnect them to their network, the remote wiping capability does not present us with much of a problem"
Sounds like they have the problem under control. Still must be a slow news week.