Your Iphone Is A Snitch!

[Homes Labs]

http://www.freep.com/apps/pbcs.dll/article?AID=/20100707/NEWS06/7070336/1318/Smartphones-nab-dumb-crooks&template=fullarticle

 

Michigan

Local news main: Detroit | Oakland | Wayne | Macomb | Michigan | Politics | Lottery

Posted: July 7, 2010

iPhone makes great snitch for savvy cops

BY AMBER HUNT

FREE PRESS STAFF WRITER

 

Comments (51) Recommend (7) Print E-mail Letter to the editor Share

Facebook Twitter FarkIt Digg Del.icio.us Reddit Newsvine

Buzz up!Got an iPhone in your pocket? Then you might be storing even more personal information than you realize.

 

 

 

And some of it could be used against you if you're ever charged with a crime.

 

There's a burgeoning field of forensic study that deals with iPhones specifically because of their popularity, the demographics of those who own them and what the phone's technology records during its use. Law-enforcement experts said iPhone technology records a wealth of information that can be tapped more easily than BlackBerry and Android devices to help police learn where you've been, what you were doing there and whether you've got something to hide.

 

"Very, very few people have any idea how to actually remove data from their phone," said Sam Brothers, a cell phone forensic researcher with U.S. Customs and Border Protection who teaches law-enforcement agents how to retrieve information from iPhones in criminal cases.

 

"It may look like everything's gone," he said, "but for anybody who's got a clue, retrieving that information is easy."

 

Clues lurk in deleted bins and screenshots

Two years ago, as iPhone sales skyrocketed, former hacker Jonathan Zdziarski decided law-enforcement agencies might need help retrieving data from the devices.

 

So he set out to write a 15-page, how-to manual that turned into a 144-page book ("iPhone Forensics," O'Reilly Media). That, in turn, led to Zdziarski being tapped by law-enforcement agencies nationwide to teach them just how much information is stored in iPhones -- and how that data can be gathered for evidence in criminal cases.

 

"These devices are people's companions today," said Zdziarski, 34, who lives in Maine. "They're not mobile phones anymore. They organize people's lives, and if you're doing something criminal, something about it is probably going to go through that phone."

 

It's an area of forensic science that's just beginning to explode, law-enforcement and cell phone experts said. Zdziarski said the focus of forensics recovery has been on the iPhone over other smartphones in large part because of its popularity.

 

An estimated 1.7 million people rushed to buy the latest iPhone version released last month. Before that, Apple had sold more than 50 million iPhones, according to company figures.

 

Although some high-stakes criminal cases have used cell phone towers to estimate a suspect or victim's whereabouts, few have laid out the information that iPhones have to offer. For example:

 

• Every time an iPhone user closes out of the built-in mapping application, the phone snaps a screenshot and stores it. Savvy law-enforcement agents armed with search warrants could use those snapshots to see if a suspect is lying about whereabouts during a crime.

 

• iPhone photos are embedded with GEO tags and identifying information, meaning that photos posted online might not only include GPS coordinates of where the picture was taken, but also the serial number of the phone that took it.

 

• Even more information is stored by the applications themselves, including the user's browser history. That data is meant in part to direct custom-tailored advertisements to the user, but experts said that some of it could prove useful to police.

 

Clearing out user histories isn't enough to clean the device of that data, said John B. Minor, a communications expert and member of the International Society of Forensic Computer Examiners who has written articles for law enforcement about iPhone evidence.

 

"With the iPhone, even if it's in the deleted bin, it may still be in the database," Minor said. "Much is contained deep within the phone."

 

What users don't know

Some of that usable data is in screenshots.

 

Just as users can take and store a picture of their iPhone's screen, the phone itself automatically shoots and stores hundreds of such images as people close out one application to use another.

 

"Those screen snapshots can contain images of e-mails or proof of activities that might be inculpatory, or exculpatory," Minor said.

 

Most iPhone users agree to let the device locate them so they can use fully the phone's mapping functions, as well as various global positioning system (GPS) applications.

 

The free application Urbanspoon is primarily designed to help users locate nearby restaurants. Yet the data stored there might not only help police pinpoint where a victim was shortly before dying, but it also might lead to the restaurant that served the victim's last meal.

 

"Most people enable the location services because they want the benefits of the applications," Minor said. "What they don't know is that it's recording your GPS coordinates."

 

A tremendous source

Bill Cataldo, an assistant Macomb County prosecutor who heads the office's homicide unit, said iPhones are treated more like small computers than mobile phones.

 

"People are keeping a tremendous amount of information on there," he said.

 

Cataldo said he has found phone call histories and text messages most useful in homicide cases. But Zdziarski, who has helped federal and state law-enforcement agencies gather evidence, said those elements are just scratching the surface when it comes to the information police and prosecutors soon will start pulling from iPhones.

 

"There are some terrorists out there who obtained some information about a network from an iPhone," he said.

 

Sam Brothers, who works for U.S. Customs and Border Protection and helps train law-enforcement agencies about cell phone forensics, said he also has testified in state and federal cases about data he has retrieved from iPhones.

 

Although he can't comment about specific cases, he provided a hypothetical:

 

"Let's say you have a gang and somebody's killed a gang member on the street," he said. "The killer takes a picture on his iPhone ... We as law enforcement may retrieve that image and might have proof not only of the death, but the time of death."

 

Even people who don't take pictures or leave GPS coordinates behind often unwittingly leave other trails, Zdziarski said.

 

"Like the keyboard cache," he said. "The iPhone logs everything that you type in to learn autocorrect" so that it can correct a user's typing mistakes.

 

Apple doesn't store that cache very securely, Zdziarski contended, so someone with know-how could recover months of typing in the order that it was typed, even if the e-mail or text it was part of has long since been deleted.

 

Apple did not return phone calls or an e-mail seeking comment for this story.

 

Concerns about privacy

Adam Gershowitz, who teaches criminal procedure at the University of Houston Law Center, said that the new technology brings with it concerns about privacy -- especially when it comes to whether investigators have the right to search someone's iPhone after an arrest.

 

So far, the courts have treated mobile phones like a within-reach container that police can search the same way they can check items in a glove box or cigarette pack, Gershowitz said, though the Ohio Supreme Court in 2009 ruled to bar warrantless searches of cell phone data. That case is being appealed to the U.S. Supreme Court.

 

"Phones are regular tools of the drug trade," Gershowitz said. As police become more familiar with iPhones, he said, they become more adept at flipping through photos, map searches and text messages as they look for evidence.

 

Zdziarski said some examiners are "afraid to touch" iPhones because of privacy concerns.

 

"I personally will never work on civil cases," he said, adding that when he advises law-enforcement agencies about obtaining search warrants for iPhones, he instructs them to add iPhone-specific language to the warrant.

 

But, he said, as iPhones appear to keep selling in record numbers, law enforcement appears poised to keep up.

 

"It's no longer about a list of phone numbers and maybe a couple of pictures," Zdziarski said. "You're talking about data that can travel back a year or longer. That's useful to law enforcement."

 

Contact AMBER HUNT: 313-223-4526 or alhunt@freepress.com.

[phaquetoo]

Call me!

 

Good post! read something similar a while ago!

FTW

Peace

Jim

[Guest Wayne]

So if you send your iPhone on an extended trip with a friend, perfect alibi? Interesting applications this has.

[+420Atheist]

This is one of those times when I may be saying too much. Let's just say that article is only the tip of the iceberg of electronic forensics. While I was at the doctor getting my recommendation I noticed they used the copy machine. Do you know those copy machines have hard drives that retains the information long after the copy machine is dead? One of the big hacker things to do these days is get a used copy machine from a car dealership for a couple hundred dollars and get all the personal information from credit apps that were copied. We should all be using the Tor network when communicating with this board. And if you don't use truecrypt on your sensitive files you are really missing the boat. As for the phone thing you should buy a tracfone and pay with a greendot credit card. If you are in trouble and still have the phone dunk it in water (works best if turned on when dunking in water.) That makes it very hard to recover any data. Not impossible, but they got to want that data bad to get it.

[UrbanFarmer]

This is one of those times when I may be saying too much. Let's just say that article is only the tip of the iceberg of electronic forensics. While I was at the doctor getting my recommendation I noticed they used the copy machine. Do you know those copy machines have hard drives that retains the information long after the copy machine is dead? One of the big hacker things to do these days is get a used copy machine from a car dealership for a couple hundred dollars and get all the personal information from credit apps that were copied. We should all be using the Tor network when communicating with this board. And if you don't use truecrypt on your sensitive files you are really missing the boat. As for the phone thing you should buy a tracfone and pay with a greendot credit card. If you are in trouble and still have the phone dunk it in water (works best if turned on when dunking in water.) That makes it very hard to recover any data. Not impossible, but they got to want that data bad to get it.

 

Words of wisdom, indeed. Use Tor, switch to Firefox and get the Keyscrambler and Tor/Vidalia plugins.

 

Any cell can be triangulated once they have your number.

 

Everything you post online or IM (without your own security protocols) is on some disk, somewhere, forever.

 

Every electronic transmission (fax, phone, cell, email etc) (with one exception, last I heard) is monitored.

 

On the other hand, if you are like me, and are probably already on more than one or two "watchlists", and think we haven't had any privacy in over a decade, don't worry about it. "They" already now every damned thing about you, and if they want you, they'll come and get you. No matter what you do, lol. (My mindset for the last 5 years or so.)

[Guest Wayne]

I think what most fail to realize is how detailed and expansive the databases amassed and shared by corporate America really are. It's not the feds I fear it's who's pulling the feds strings. Michigan voters just don't stop to realize the battle for their right to vote on their own destiny that is taking place in regards to Proposal 1. You may vote but for who's prepackaged government? They'll let you know They have been quite vocal regarding their judgement of the intelligence of the voting public. Voters are people too ignorant to understand their own ignorance!

[shishka]

And always use gloves when spending cash at the hydro shop so fingerprint data can't be used against you. Oh ya and a disguise for the cameras, maybe a hotdog or a toothbrush.

 

Come on, how paranoid do you want to be?

 

This was sent by my IPhone.

[Guest Wayne]

Realistic, not paranoid. If the government wants you they will most certainly get you. One of the giggles I get about the radical right and guns. I'm pro second amendment but the argument that gun ownership protects me and my fellow citizen's from a tyrannical government is just plain foolish. Now marketing and politics? That's another matter. Sadly taking back our government is to date best represented by the cannabis community and supporters, politicians and LEO to date are making a joke of the whole thing, or simply ignoring it. You would think state wide voter revolt by at least 63%, not 30 people at a protest. November awaits us.

[puravida1974]

When I read the title "Your iphone is a snitch", it reminded me of what I heard one time in Flint, "snitches get stitches". Although considering how much it is to get out of a contract with AT&T it's probably not a good idea.

[Tommy217xxx]

If you think that your gonna avoid big brother lookin over your shoulder by avoiding new tech your wrong. And if you think that its just your phone that stores info, what about cars with built in GPS?

 

Technology - Love it or hate it.

 

If you really wanna avoid the government and LEO getting involved, you should take your 12 plants and move to the U.P. in the woods where no one will find you.

[LongHairBri]

ALL 3G phones w/gps leave a gps stamp on all your pictures, and show the EXACT location they were taken. Even shows it on a map! NOT a good thing if your taking pics of your ladies!

[md999]

When I read the title "Your iphone is a snitch", it reminded me of what I heard one time in Flint, "snitches get stitches". Although considering how much it is to get out of a contract with AT&T it's probably not a good idea.

Put your cell phones in your kids name and just use your credit to start the account. No one under 18 years old can be held to any contract.

[md999]

If you have a mobileme account with Apple, you can remotely wipe you phone clean of EVERYTHING including gps snapshots and any unpromted location tagging from any computer, anywhere, at anytime. then just re-sync when you get home. Apple added this cause they knew how easy it was retreiving info from them. Best phone ever...

[BubbleBerryKush]

google JJ luna....and then read......