Slashdot Mirror

← Back to Stories (view on slashdot.org)

Hacker Teaches iPhone Forensics To Police

Posted by samzenpus on from the strange-bedfellows dept.

Ponca City, We love you writes "The Mercury News reports that former hacker Jonathan Zdziarski has been tapped by law-enforcement agencies nationwide to teach them just how much information is stored in iPhones — and how to get it. 'These devices are people's companions today,' says Zdziarski. 'They're not mobile phones anymore. They organize people's lives. And if you're doing something criminal, something about it is probably going to go through that phone.' For example, every time an iPhone user closes out of the built-in mapping application, the phone snaps a screenshot and stores it. Savvy law-enforcement agents armed with search warrants can use those snapshots to see if a suspect is lying about whereabouts during a crime."

12 of 193 comments (clear)

  1. Re:iPhone secret screenshots? by Ethanol-fueled · · Score: 4, Funny

    Haw. If you're gonna rob a bank or burglarize a home, why not do it in style?

    Envision a crook trying to scream at the clerk to empty out the register while pausing to say, "Hold up, I gotta take this call..." Or instructing his getaway driver, "Turn left here....um, right here...oh, Mike just broke up with Jen...turn left here, exit 95..."

    Compartmentalize, crooks. Compartmentalize.

  2. Re:iPhone secret screenshots? by auntieNeo · · Score: 4, Insightful

    "For example, every time an iPhone user closes out of the built-in mapping application, the phone snaps a screenshot and stores it." - TFS What?

    I'm guessing it does that because when it opens it wants to look just as spiffy as it looked when the user closed it, and it can't do that if it has to re-render the map from scratch.

  3. Criminals usually aren't very smart by Sycraft-fu · · Score: 5, Insightful

    Most smart people find other work for two reasons:

    1) When you are smart, you have options. Smart is a talent people want, particularly practical smarts of the problem solving nature. So you find that when you have that, you have options of where to work and what to do. Makes crime less attractive.

    2) Smart people can better understand the consequences for crime, and the likelihood of getting caught especially on repeated attempts. So even if crime is tempting, they don't do it because they are smart enough to think ahead and realize it isn't worth the risk over all.

    Most criminals are just not that bright. A friend of mine has worked with the public defender's office and the stories he has of the stupid criminals they try to defend and just amazing. They get caught and busted by their own stupidity more than anything else. They love to run their mouths to the police, they never plan their crimes, etc, etc. More or less the only time they were able to get someone off the hook was when the police made a mistake. Otherwise, the criminals sunk themselves.

    1. Re:Criminals usually aren't very smart by Sycraft-fu · · Score: 4, Insightful

      Guess what? We've got a pretty good idea how many crimes are committed where people aren't caught. People tend to report crimes, especially big ones. Turns out there are not tons of profitable crimes begin committed where nobody is caught for it. Most of the stuff that goes unsolved is minor things, because it doesn't get much attention, and one off things, like crimes of passion. Go look it up, the US DOJ has all the stats you could want.

      Also crime does not pay better than legit work in any significant way. A popular myth, but a myth. Steven Levitt did a great analysis on this that I encourage you to read. What people also think about when they talk about that is drug lords. You are right, the top drug lords make a lot of money... But then so do the top business executives and there are a LOT of those. The people at the top make a lot, this is true regardless of what you are talking about. However it also turns out the people at the bottom don't make much. The low skill people slinging drugs on the corner make shit.

      There actually is a reason that there needs to be repeated attempts. Unless you commit a really profitable crime, you are going to need more money at some point. I mean suppose you want to maintain a lower middle class lifestyle. You say you want to be able to live like someone who makes $40,000 a year. To pull that off, you'd need to net about $2-2.5 million dollars to be able to pay your taxes on it (and you'd better pay taxes, lifestyle that doesn't match with taxes is a prime way people get caught) and save enough to live off of for the rest of your life. Well that's a hell of a lot to steal in one go, and you then have to be frugal. You have to live that $40k/year lifestyle, no living like a rich person. This is also assuming you could invest the money so that inflation didn't eat it up.

      You want to live a high class lifestyle? Well that figure increases rather sharply. Turns out it just isn't easy to get that much money in a single incident. Goes double since most things you might think of would require multiple people, all of who want a piece of the action and each which is an additional risk.

      Robbing a house or a bank won't do the trick, don't even talk about kidnapping for ransom (the FBI has closed 100% of kidnapping for ransom cases), drugs are a continuing operation, etc. Not easy to find that big haul that you can get at, get away with, and then live off of.

  4. Gadgets are not trustworthy.. by xtal · · Score: 4, Interesting

    Nobody would ever be clever enough to generate false data.. for an iAlibi? ..or clever enough to hack into and plant incriminating evidence? (not that there's ever been a security breach!)

    --
    ..don't panic
  5. Re:iPhone secret screenshots? by Graff · · Score: 4, Informative

    "For example, every time an iPhone user closes out of the built-in mapping application, the phone snaps a screenshot and stores it." - TFS What?

    It's called caching. When an iPhone application switches to another application it can quickly store an image of the app's current state. When the user switches back it displays that image while the real view is being built. That way the user gets an immediate view of the last state of the app rather than having to wait around for that state to be re-built.

    Your desktop computer's web browser (and many other programs and devices) does the same thing, it stores data for quick access and responsiveness. You'd be surprised at just how many devices use this technique, the iPhone is far from the only device to cache data.

    It's a smart technique but yeah, if you're committing crimes then too bad for you. I'd suggest that maybe you shouldn't be using ANY electronic device during a crime that you don't completely understand what data it sends and stores and how to deal with it before it becomes evidence.

    --
    Sapere aude!
  6. Re:More good resons for not buying a iPhone (iSpy) by phantomfive · · Score: 4, Insightful

    I'm not a lawyer, but as far as I can tell, those laws apply to remote data gathering, not storage on your own computing device. Otherwise every program that caches something would be illegal.

    --
    Qxe4
  7. Statistics, motherfucker. Can you do it? by Hognoxious · · Score: 4, Insightful

    .. he discusses the story of Christopher Langan, a man who ended up working on a horse farm in rural Missouri despite having an IQ of 195 (Einstein's was 150).[2] Gladwell points out that Langan has not reached a high level of success because of the environment he grew up in.

    Do ALL people who work on horse farms have an IQ higher than Einstein's? Or is it just most of them? Or is he just basically a freak case that proves nothing?

    I guess you grandfather smoked 80 cigarettes a day since he was 12 and he got run over by a truck one day short of his 120th birthday while training for a marathon.

    --
    Confucius say, "Find worm in apple - bad. Find half a worm - worse."
  8. The iPhone is Not Your Friend by Nom+du+Keyboard · · Score: 4, Interesting

    Your iPhone is clearly not your friend, and this isn't the only story about why today. It's the fink waiting to rat you out at the first opportunity. Go look up the new Safari html 5 database tracking that uniquely identifies you to advertisers. Until the phone comes with strong enough encryption to defeat this hacker in addition to remote wipe that truly wipes the phone, you shouldn't be sleeping too well at night, courtesy of Mr. Steve Jobs.

    --
    "It's the height of ridiculousness to say for those 9 lines you get hundreds of millions."
  9. Re:iPhone secret screenshots? by BasilBrush · · Score: 5, Insightful

    You're both right. It only keeps one image - it's called Default.png. Yet it's possible multiple versions could be retrieved if the file's data blocks on the flash disk have not yet been overwritten by another file.

    Point is: iPhone is doing nothing nefarious, secretive or underhand, as some here would love to imagine. Yet forensics could discover more than a person might first imagine.

  10. Re:iPhone secret screenshots? by BasilBrush · · Score: 4, Insightful

    It's not an early morning and a lack of coffee that's not allowing you to explain yourself. It's the fact that you are voicing your hatred rather than a rational viewpoint. There absolutely nothing related to a walled garden here. It's a cache, pure and simple, and it's documented. Even free software uses caches.

  11. Re:WTF? by ScrewMaster · · Score: 4, Insightful

    The meanings of words change, deal with it. In popular usage, hacker means someone who does illegal things with computers. I don't care if that wasn't what it was supposed to me, that is what it means. You have to deal with that in terms of common usage.

    The Hell I do. Every sub-group in a complex culture has its own terminology, its own private vocabulary, its own jargon. Doctors do, lawyers do, mechanics do, soldiers do, programmers do ... and I feel perfectly free to use the term "hacker" as it was originally intended when communicating with a group of largely like-minded individuals (like here, on Slashdot.) You either learn to communicate on our terms, or find another site that habitually uses the more common usage.

    It is silly to get all overly pedantic about it because it accomplishes nothing. You have to accept that languages are living things, and usages change.

    Sure it does, it accomplishes quite a lot, in fact. When people who regularly interact use certain words to mean certain things, to use as verbal shortcuts, it can enhance their communication. An outsider may find that confusing, but that's irrelevant ... either that person learns the jargon, or stays confused. In this case, you comprehend the true meaning of "hacker", but you just want all of us to use the corrupted popular term, one that you find more appealing.

    Thing is, there's no reason whatsoever that we should. I will continue to use the term "hacker" to mean someone who lives, eats, and breathes technology, and is always trying to push the limit, to see if he can make another hacker who is at least as good as he himself is say, "Whoa. Now that is cool."

    The popular media can go on about "evil" hackers trying to breaking into banks and classified military installations, but those of us who know better call such people what they are: criminals.

    --
    The higher the technology, the sharper that two-edged sword.