Mobile 'Remote Wipe' Thwarts Secret Service

bennyboy64 writes "Smartphones that offer the ability to 'remote wipe' are great for when your device goes missing and you want to delete your data so that someone else can't look at it, but not so great for the United States Secret Service, ZDNet reports. The ability to 'remote wipe' some smartphones such as BlackBerry and iPhone was causing havoc for law enforcement agencies, according to USSS special agent Andy Kearns, speaking on mobile phone forensics at a security conference in Australia."

Aww..

[Jaysyn]

My heart bleeds for these guys. Really, it does.

Re:Aww..

Cool, I love photography!

Re:Aww..

[daid303]

I might have been playing to much Commandos, The Saboteur, Wolvenstein and Day of Defeat. But when you say S.S. I think about a whole different kind of 'cop'.

Scary enough, you see them the same way as the original S.S. was seen by the public many years ago.

Gist of the story

[thesaurus]

If officers don't follow evidence procedures correctly, evidence gets screwed up. And it doesn't happen very often.

"Sometimes you'll get a cellphone that comes in that is wiped, [but] it's not all that common," he said. Agents were trained to incapacitate devices, but Kearns cautioned that not all enforcement agencies had the same knowledge.

from the cry-them-a-river dept.

[syrinx]

So the Slashdot groupthink's anti-law enforcement stance has extended to the Secret Service now? Which part are we in favor of: counterfeiting money or assassinating the president? Personally I'll go ahead and take a bold anti-counterfeiting/anti-assassination position and say that this is a bad thing.

Re:from the cry-them-a-river dept.

[bzzfzz]

I think most Slashdotters will agree that the Service is well within their rights to perform forensic analysis on any device that they obtain during a lawful search, whether conducted under a warrant, incidental to an arrest, or based on probable cause. I do not believe that the Service suffers a poor track record regarding extralegal searches as does INS and some other agencies.

On the other hand, the availability of an effective "remote wipe" of a personal device is a rightful means of exercising freedom.

It's about balance.

Re:Secure wipes?

Are they secure wipes or can data still be gleaned?

I don't know about iphone, but blackberry wipes securely. The blackberry platform has been tested, audited & certified by many government & private agencies:

http://na.blackberry.com/eng/ataglance/security/certifications.jsp

The iphone has been tested, audited & certified by... nobody.

But there is one advantage to the iphone - since you can't take out the battery, it remains on the network for a longer time to receive the wipe signal.

Re:Proper procedure

[natehoy]

My Blackberry locks itself after 15 minutes of non-use. The key to decrypt the data on the phone is itself encrypted by the password (8 characters minimum) that I use to unlock the phone. Screw that password up ten times and the phone wipes. It also locks itself on power-up.

About the only real option would be to either have someone press a button on the phone every 10 minutes (assuming it's not already locked when taken), which would be a real trick when the thing is in a Faraday cage or bag.

The very same things that make the Blackberry and newer iPhones attractive to businesses (and Government agencies, for that matter) are what make it undesirable from a forensics point of view. These things are designed so they can be configured to be extremely paranoid, and are very tough to crack.

And therein lies the problem. If you allow your citizens their own security, you can't see everything they do, and that makes it harder to catch the wrongdoers. If you want absolute information to catch wrongdoers, perhaps a democratic republic with constitutional protection of its citizens is not for you.