Slashdot Mirror
Criminals Remote-Wiping Cell Phones
An anonymous reader writes "Crafty criminals are increasingly using the remote wipe feature on the Apple iPhone and other business handsets, such as RIM's BlackBerry, to destroy incriminating evidence, the head of the UK's Serious Fraud Office Keith Foggon has warned. Foggon told silicon.com that the move away from PCs towards using mobile phones was causing a headache for crime fighters who were struggling to keep up with the fast pace of new handsets and platforms churned out by the mobile industry."
...who took one look at this and thought "good."
When I took my computer forensics class they showed that you could use a hex editor on a zero wiped floppy disk and recover most of the data that was on it previously.
We had a guest speaker that told us some of what he does, he's a forensic analyst that pulls information from drives in criminal cases. He said that it takes somewhere around 72 hours to read a decent sized drive and costs around $10k to get it done.(It's been a few years so the details are fuzzy but that sounds about right)
But he wasn't too specific on what tools they use etc. Something around 10 full wipes is easy enough to recover the original data but if you write over it and delete actual data it becomes more corrupted and harder to get back than just all 1 then all 0.
you can't easily pop those things open and mount the custom flash chip into some universal adapter
Very very few devices use custom flash chips. The iPhone uses off the shelf standard flash memory chips. And in addition to readers that require the removal of the chip, there are units that have cables with clips that just attach right to the chip in the (powered off) device and can pull the data straight off.
And yes you can pop them open pretty easy. Some ipods are harder to open than an iPhone.
I work for the Department of Redundancy Department.