Mobile 'Remote Wipe' Thwarts Secret Service

bennyboy64 writes "Smartphones that offer the ability to 'remote wipe' are great for when your device goes missing and you want to delete your data so that someone else can't look at it, but not so great for the United States Secret Service, ZDNet reports. The ability to 'remote wipe' some smartphones such as BlackBerry and iPhone was causing havoc for law enforcement agencies, according to USSS special agent Andy Kearns, speaking on mobile phone forensics at a security conference in Australia."

Re:Secure wipes?

[Anonymous Coward]

Are they secure wipes or can data still be gleaned?

I don't know about iphone, but blackberry wipes securely. The blackberry platform has been tested, audited & certified by many government & private agencies:

http://na.blackberry.com/eng/ataglance/security/certifications.jsp [blackberry.com]

The iphone has been tested, audited & certified by... nobody.

But there is one advantage to the iphone - since you can't take out the battery, it remains on the network for a longer time to receive the wipe signal.

Re:Secure wipes?

[fuzzyfuzzyfungus]

Depends on the phone model, I suspect.

My understanding is that the accepted "proper" way to do it is to have all the user-relevant data on the phone stored in encrypted form, with a stored key making it transparently accessible. That way, when the "wipe" command comes, you just have to nuke the key, which takes mere moments, rather than a potentially quite large block of Flash, possibly hiding behind one or more controller chips that are abstracting things, and remapping, and doing other stuff that interferes with your ability to wipe the data hard enough to resist an adversary willing to physically inspect the memory chips, or even a raw dump of their contents.

If a phone implements that correctly, any three-letter-agency without a magic quantum computer stolen from the Greys isn't going to be able to do much about it. If there is some nasty flaw in their implementation, or if they use an inferior system of some sort, it is quite possible that fairly trivial attacks will reveal most or all of the information.

Re:Aww..

[Anonymous Coward]

It protects our privacy..

That is a good thing. Our freedoms are much more important than the life of a politician, king, or anybody else. Like Bary Goldwater, I take a very hard line. "Extremism in the defense of liberty is no vice..."

Remote wipe requires remote signal, yes?

[DdJ]

As I understand it, doing any of the following should be able to prevent a remote wipe from happening:

* put it into "airplane mode"
* remove the SIM (assuming GSM with no wifi)
* remove the battery

If you need the SIM or battery to get the data off the device, you can then take it to a faraday cage and put the SIM or battery back in once you're sure no signal can get to the phone. Yes?

Anything that protected against these "attacks" would also make it so the phone's user couldn't access their data when the signal strength was sufficiently poor. Which some folks might choose as their configuration, but then they're open to a new kind of denial-of-service attack.

Remote wipe is useful when you want to prevent a random schlub (eg. pickpocket, guy at bar) from getting data off a randomly-acquired phone (eg. "iPhone HD"). I do not think it's useful for preventing a professional with intent from getting data off a phone they're targeting specifically because of its data. Am I wrong?

Re:Aww..

[Chris Mattern]

Because they want to keep it in an unchanged state until it can be handed to the forensics techs. Turning off the power will wipe anything in the ram. Now they have to make the decision to kill the power or risk a remote wipe.

Or they can have Faraday cage boxes made up and pop the phone into a box as part of the standard procedure of picking it up. Putting the phone into a locked box as soon as it's picked up is good for the evidence chain anyways.

Re:from the cry-them-a-river dept.

[maxume]

It's a bit much to read that as a blanket anti-law enforcement comment, it simply means that Taco feels that the law enforcement needs of the Secret Service are subordinate to his right to secure his possessions.

Proper procedure

[cdrguru]

Well, if they followed proper procedures, this wouldn't be a problem.

Walk around the exhibits at any forensic conference and you will see a variety of devices for making sure this does not happen. You can use any of them - they all work. Anything from the Paraben "tent" to the HTCI "glove box". The idea is that you put the phone into a shielded container where you can operate on it to collect evidence.

When the phone is collected you have the choice: either remove the battery or put the phone into a shielded bag. No special shielded bags handy? Then you have to remove power and hope the phone doesn't lock itself. Don't want to deal with a locked phone? Get some shielded bags then.

This isn't a real problem with phones, it is a real problem with having the right knowledge and procedures. It shouldn't even be a matter of training anymore.

Re:Secure wipes?

[natehoy]

You've always had multitasking and background processes of stuff Apple writes into the OS. It's third-party apps that don't allow multitasking.

Plus, if the phone is being wiped, I don't think any other processes are going to be running. :)

Re:Proper procedure

[natehoy]

My Blackberry locks itself after 15 minutes of non-use. The key to decrypt the data on the phone is itself encrypted by the password (8 characters minimum) that I use to unlock the phone. Screw that password up ten times and the phone wipes. It also locks itself on power-up.

About the only real option would be to either have someone press a button on the phone every 10 minutes (assuming it's not already locked when taken), which would be a real trick when the thing is in a Faraday cage or bag.

The very same things that make the Blackberry and newer iPhones attractive to businesses (and Government agencies, for that matter) are what make it undesirable from a forensics point of view. These things are designed so they can be configured to be extremely paranoid, and are very tough to crack.

And therein lies the problem. If you allow your citizens their own security, you can't see everything they do, and that makes it harder to catch the wrongdoers. If you want absolute information to catch wrongdoers, perhaps a democratic republic with constitutional protection of its citizens is not for you.

Re:Aww..

[Anonymous Coward]

Here's an interesting case where government cops entered the wrong house (therefore an illegal warrantless search) to do a drug raid.

Not true. Read the article you linked to. There was a warrant issued for that house. The warrant was based on complete BS though - an uncorroborated unidentified confidential informant claiming that large amounts of drugs were in the house.

Of course there were no drugs at the address (again: wrong house),

Not true. Read the article you linked to. A tiny amount of drugs was found, which would have rated a $50 fine under applicable law.

Re:Aww..

[Fulcrum of Evil]

And hiding in the bedroom can be seen as attempting to avoid a deadly confrontation. Killing the intruder when he backs you into a corner is then the action of last resort.

Re:from the cry-them-a-river dept.

[Anonymous Coward]

I do not believe that the Service suffers a poor track record regarding extralegal searches as does INS and some other agencies.

Steve Jackson Games [wikipedia.org] would disagree.

Re:Aww..

[barberousse]

You have your history all messed up. The United States Secret Service [wikipedia.org] was formed in 1865. The SS [wikipedia.org] from WW2? 1925.

Re:Aww..

[aunticrist]

Depends on where you live, but most places that even have conceal and carry also have a fun thing called the Castle Doctrine, which means no lawyer can come close to successfully arguing your point above. In fact, if you retreat to the furthest part in your home and have to wait there to defend yourself, and end up doing so, most states with the CD will rule it a clean kill after an investigation and you can go on with your life.