Slashdot Mirror

← Back to Stories (view on slashdot.org)

Criminals Remote-Wiping Cell Phones

Posted by samzenpus on from the this-phone-will-self-destruct dept.

An anonymous reader writes "Crafty criminals are increasingly using the remote wipe feature on the Apple iPhone and other business handsets, such as RIM's BlackBerry, to destroy incriminating evidence, the head of the UK's Serious Fraud Office Keith Foggon has warned. Foggon told silicon.com that the move away from PCs towards using mobile phones was causing a headache for crime fighters who were struggling to keep up with the fast pace of new handsets and platforms churned out by the mobile industry."

7 of 191 comments (clear)

  1. Re:Woah by blueg3 · · Score: 4, Informative

    You have to use something like squid, but it's because of magnetic hysteresis. (I could explain, but Wikipedia is pretty acccurate.)

    It's possible in theory, but in practice, it's technology that law enforcement doesn't have access to.

  2. Re:Woah by khellendros1984 · · Score: 5, Informative

    Magnetism is an analog property used to store digital information. A bit can be wiped so that a standard detector would read it as a zero, but the bit may be legible by a more sensitive detector.

    For instance, say that anything above "0.5" (half of the full possible theoretical strength of the magnetic field there) is a 1, and anything below is a 0. Maybe, the drive would actually write "0.9", which would be correctly interpreted as 1. If that number was blanked, maybe it becomes "0.3"....low enough to be a 0, but maybe another detector could tell the difference and know what the original value was.

    --
    It is pitch black. You are likely to be eaten by a grue.
  3. Re:Woah by Constantine+XVI · · Score: 4, Informative

    Go to Options-Security Options-General Settings. Enable password and content protection. Set the security timeout and password attempts to your preference. Now, when the timeout expires (X minutes after you stop hitting buttons) or you hook it to a PC, it asks for a password. If someone types in the wrong password Y times (10 is default, but you can go lower), it forces a reboot, and scrubs down the memory, which takes 20 minutes to an hour.

    To force the scrub, go to Options-Security Options-General Settings. Click the menu button, select "Wipe Handheld", type blackberry.

    Send me a PIN message at 244EB7DA if you need a hand.

    --
    "I think an etch-a-sketch with an ethernet port would beat IE7 in web standards compliance."
  4. Re:Woah by Constantine+XVI · · Score: 5, Informative

    PS: For remote wiping, you need to be on a BlackBerry Enterprise Server (BES), which usually means your BB is company-issued. If you need it nuked, call up your admin and ask him to trigger the remote wipe. Keep in mind that the BES can (and usually does) track anything and everything that happens on a BES-connected BB, so a wipe will do nothing to hide things from your company.

    --
    "I think an etch-a-sketch with an ethernet port would beat IE7 in web standards compliance."
  5. Re:Woah by lgw · · Score: 5, Informative

    Modern hard drives pack bits *very* densely. The bits overlap by a large amount. The technology to determine whether a bit is 1 or 0 by calling everything above 0.5 a "1" is already necessary to read the bit *normally*. Writing random data to the drive is enough to make any active sectors unrecoverable.

    However, modern drives have a huge count of spare sectors, and sectors get retired constantly, and there's no way to wipe those with normal reads and writes. So there's a random sampling of everything you've ever written stored in the retired sectors of a hard drive, and no in-band way to wipe those sectors.

    The is why the government standard for hard drves that have ever contained classified information is to shred the hard drive so that the pieces fit through a 1mm sieve. Of course, in reality, the government is just as likely to sell the drives unwiped on Ebay, but that's bureaucracy for you.

    --
    Socialism: a lie told by totalitarians and believed by fools.
  6. Re:First POST by Karlt1 · · Score: 4, Informative

    Yeah, that would be useful. How do you do that on an iPhone? I thought that the lack of that feature was one of it's problems for Enterprise.

    It was added as part of the 2.0 firmware upgrade.

    http://www.apple.com/iphone/enterprise/

    eatures include:

            * Push email
            * Push contacts
            * Push calendar
            * Global Address List (GAL) support
            * Certificates and identities
            * WPA2/802.1X
            * Enforced security policies
            * Cisco logo More VPN protocols
            * Device configuration
            * Remote wipe

  7. Re:Woah by piojo · · Score: 4, Informative

    Does anyone know, off-hand, a way to query a sata disk for at least a count of how many sectors have been re-allocated, if not an actual map of them?

    In linux, you can use smartctl (from smartmontools, I think)--
    smartctl --all /dev/sda, and look for "Reallocated_Sector_Ct" in the output.

    --
    A cat can't teach a dog to bark.