By Nick Heath, 2 September 2008 12:45
NEWS
Criminals can remotely destroy incriminating evidence by exploiting security features on the Apple iPhone, a leading digital forensics expert has warned.
The head of the Serious Fraud Office digital forensics unit Keith Foggon cautioned that the ability to remotely wipe the iPhone and other smart phones used by enterprises could be exploited by lawbreakers.
iPhone take two: All the coverage
♦ Five iPhone apps for business
♦ Editor's Blog: Why we write about the iPhone
♦ iPhone 3G sales hit one million mark
♦ 10 things we'd change on the 3G iPhone
♦ 3G iPhone launch: Tech trouble for O2
♦ iPhone 3G: The wait is over
♦ ¿Dónde está el iPhone 3G?
♦ Photos: Steve Jobs dances the iPhone 3G tune
♦ Unveiled: The 3G iPhone
♦ iPhone 2.0 - ready for business?
♦ iPhone 2.0 - the rumours and the reality
Foggon said: "The 3G iPhone is brand new, there are not many tools for dealing with it and it can be remotely wiped. It's a bit like the BlackBerrys where users can carry out remote deletion."
He added the unit took precautions to guard against the feature being exploited. "Because we isolate the devices immediately, and never reconnect them to their network, the remote wiping capability does not present us with much of a problem," he noted.
The 21-strong unit, which sniffs out incriminating evidence from crime scenes, uses a number of high-tech tools to get the sensitive data the police needs to build a case. Advanced forensics tools such as the Logicube CellDEK allow the forensics organisation to pull data from more than 1,100 of the most popular mobile phones and PDAs, while its team carry suitcases containing handset connectors of every shape and size to help collect data from the devices.
However, Foggon warned that the shift away from PCs towards mobile devices is posing an increasing headache for the digital forensics teams.
(continues on page 2)
Comments
There are 4 comments. Join the discussion
1. euty
Government funding to crack security systems set up by companies for there consumers????? Government should pass legislation for companies to provide the law enforcers with ways to access data from devices (with a warrant of course) as a condition for a device to be on the consumer market.
2. Robert Charleston
It really is a shame that in UK the police/prosecution can lock you up if you refuse to hand over your encryption keys. In the US it was recently ruled to fall under 5th amendment - the self incrimination clause if I recall correctly. It really is scary when the US has better human rights and privacy than UK - not something you'd expect.
3. Ehud Gavron
ALL they have is the threat of a prison sentence if they aren't handed the key.
They are a tissue-paper tiger.
Ehud
4. Garry
Whilst the concept that real criminals can obscure or even delete evidence of their activities is of concern I frankly, am more concerned about the activities of our Governments in their efforts to have an iron control over us and spy on every aspect of our lives.