iPhone's remote wiping may help crooks cover tracks

Nick Heath silicon.com

Published: 03 Sep 2008 08:33 BST

Criminals can remotely destroy incriminating evidence by exploiting security features on the Apple iPhone, a leading digital-forensics expert has warned.

The head of the Serious Fraud Office's digital forensics unit, Keith Foggon, cautioned that the ability to remotely wipe the iPhone and other smartphones used by enterprises could be exploited by law-breakers.

Foggon said: "The iPhone 3G is brand new, there are not many tools for dealing with it and it can be remotely wiped. It's a bit like the BlackBerrys, where users can carry out remote deletion."

He added that the unit took precautions to guard against the feature being exploited. "Because we isolate the devices immediately and never reconnect them to their network, the remote-wiping capability does not present us with much of a problem," he noted.

The 21-strong unit, which hunts out incriminating evidence from crime scenes, uses a number of hi-tech tools to get the sensitive data needed by the police to build a case. Advanced forensics tools, such as the Logicube CellDEK, allow the forensics organisation to pull data from more than 1,100 of the most popular mobile phones and PDAs, while the team members carry suitcases containing handset connectors of every shape and size to help collect data from the devices.

However, Foggon warned that the shift away from PCs towards mobile devices is posing an increasing headache for the digital-forensics teams.

He said: "It is a concern that society is moving more towards using mobile phones. The PC architecture is usually stable but, with mobile devices, they change daily. If a mobile device comes out tomorrow, we will not be able to look at it until a tool becomes available."

"We can still analyse it, by photographing every screen on it, but we won't be able to get hidden data on it, so photographing every screen is not a very practical way of doing it," Foggon said. "That is an area where we are almost playing catch-up."

Another growing problem, as regards forensics teams' ability to recover evidence, is the encryption features found in modern operating systems.

"With Windows Vista, you have BitLocker, which will cause us some problems," Foggon noted.

"It ties in the encryption to a chip. There are ways around it but it is something we can't crack; we need a pass to get around that."

The team cracks low-grade encryption using 100 quad-core PCs but, for high-grade encryption, it relies on the threat of a prison sentence for individuals refusing to hand over passwords or decrypted files.

Foggon believes that the unit's years of experience in unearthing evidence from everything from 186s to MacBooks will mean it will have a key role to play in any central UK e-crime policing unit.

The government has committed itself to funding such a unit and indicated it could be part of the proposed National Fraud Reporting Centre, under the Attorney General's Office, while the Metropolitan Police Service and the Association of Chief Police Officers have put forward proposals to the government to establish a policing central e-crime unit.

Foggon said the unit's structure could soon be transformed, and it may even tackle a wider range of criminal investigations, following the publication of its reaction, due imminently, to a review of the Serious Fraud Office carried out by former senior New York City prosecutor Jessica de Grazia.

The review called for clarity about the roles, responsibilities and qualifications of case controllers and assistant directors within the Serious Fraud Office.

Credit: UK crime fighters grapple with iPhone wipe threat from silicon.com
