Hacker Teaches iPhone Forensics To Police

Ponca City, We love you writes "The Mercury News reports that former hacker Jonathan Zdziarski has been tapped by law-enforcement agencies nationwide to teach them just how much information is stored in iPhones — and how to get it. 'These devices are people's companions today,' says Zdziarski. 'They're not mobile phones anymore. They organize people's lives. And if you're doing something criminal, something about it is probably going to go through that phone.' For example, every time an iPhone user closes out of the built-in mapping application, the phone snaps a screenshot and stores it. Savvy law-enforcement agents armed with search warrants can use those snapshots to see if a suspect is lying about whereabouts during a crime."

Re:iPhone secret screenshots?

[auntieNeo]

"For example, every time an iPhone user closes out of the built-in mapping application, the phone snaps a screenshot and stores it." - TFS What?

I'm guessing it does that because when it opens it wants to look just as spiffy as it looked when the user closed it, and it can't do that if it has to re-render the map from scratch.

Re:your own personal lo-jack

[MobileTatsu-NJG]

You would think most criminals would know not to carry a cell phone at all, since the cell towers tracks and record their location at every moment.

Criminals still get busted by leaving fingerprints.

Criminals usually aren't very smart

[Sycraft-fu]

Most smart people find other work for two reasons:

1) When you are smart, you have options. Smart is a talent people want, particularly practical smarts of the problem solving nature. So you find that when you have that, you have options of where to work and what to do. Makes crime less attractive.

2) Smart people can better understand the consequences for crime, and the likelihood of getting caught especially on repeated attempts. So even if crime is tempting, they don't do it because they are smart enough to think ahead and realize it isn't worth the risk over all.

Most criminals are just not that bright. A friend of mine has worked with the public defender's office and the stories he has of the stupid criminals they try to defend and just amazing. They get caught and busted by their own stupidity more than anything else. They love to run their mouths to the police, they never plan their crimes, etc, etc. More or less the only time they were able to get someone off the hook was when the police made a mistake. Otherwise, the criminals sunk themselves.

Re:Criminals usually aren't very smart

[antifoidulus]

The really smart criminals just bribe the cops or even better just bribe the politicians to make what they are doing not illegal.

Re:Criminals usually aren't very smart

[Anonymous Coward]

The really smart criminals just bribe the cops or even better just bribe the politicians to make what they are doing not illegal.

No, the really smart criminals are all WEARING the suits.

Re:More good resons for not buying a iPhone (iSpy)

[phantomfive]

I'm not a lawyer, but as far as I can tell, those laws apply to remote data gathering, not storage on your own computing device. Otherwise every program that caches something would be illegal.

Re:Criminals usually aren't very smart

[Scrameustache]

Most criminals who get caught are just not that bright.

ftfy

Re:Criminals usually aren't very smart

[Sycraft-fu]

The problem is that when you do things over and over, you WILL get caught. Everyone fucks up every day, we all make mistakes. What this means is that when you keep committing crimes, the chances you will do something that will give you away approaches certainty. It is just near impossible to keep committing crimes and not get caught.

So sure, I suppose a smart person might commit a single crime and get away with it. However hard to get enough money from a single crime to make it worth doing as the only thing for your life.

Also the bigger the crime, the most heat it draws, the more it is scrutinized and the smaller the fuckup that can lead to you getting caught.

Re:WTF?

[Sycraft-fu]

The meanings of words change, deal with it. In popular usage, hacker means someone who does illegal things with computers. I don't care if that wasn't what it was supposed to me, that is what it means. You have to deal with that in terms of common usage.

Some other examples would be interference or acceleration. In the scientific context, interference just means something that changes a system. There is no positive or negative to it. However in popular usage, interference means messing with something to cause a bad result. Likewise acceleration is the process of changing speed or direction. You accelerate to a stop, or in a turn. However in popular usage it means to go faster, you decelerate to a stop.

It is silly to get all overly pedantic about it because it accomplishes nothing. You have to accept that languages are living things, and usages change.

Statistics, motherfucker. Can you do it?

[Hognoxious]

.. he discusses the story of Christopher Langan, a man who ended up working on a horse farm in rural Missouri despite having an IQ of 195 (Einstein's was 150).[2] Gladwell points out that Langan has not reached a high level of success because of the environment he grew up in.

Do ALL people who work on horse farms have an IQ higher than Einstein's? Or is it just most of them? Or is he just basically a freak case that proves nothing?

I guess you grandfather smoked 80 cigarettes a day since he was 12 and he got run over by a truck one day short of his 120th birthday while training for a marathon.

Re:Real criminals use pre-paid phones

[SydShamino]

The people that were smashing car windows in our neighborhood were seen, and followed running back to their house in our neighborhood.

In my opinion learning to not hit your own neighborhood where you'll be recognized and followed on foot to our house is the first, basic thing to learn as a new criminal. Apparently that's too much for some people. Planning ahead so far as to coordinate your efforts with a throw-away phone is several steps down that list.

Re:Criminals usually aren't very smart

[shaitand]

"Most criminals are just not that bright. A friend of mine has worked with the public defender's office and the stories he has of the stupid criminals they try to defend and just amazing. They get caught and busted by their own stupidity more than anything else."

Most people are not that bright so it stands to reason most crooks aren't either. That said, has it ever occurred to you that your friend and most others in the justice system aren't catching many smart crooks because smart crooks aren't getting caught?

"So you find that when you have that, you have options of where to work and what to do. Makes crime less attractive."

Crime pays better than legit work. That makes crime more attractive. Most smart people choosing legit work today simply haven't found a smart opportunity for crime or don't have the guts. With a big enough payoff, small enough risk, and small enough amount of effort most people would be all over it.

"especially on repeated attempts"

That's a given. But there is no particular reason there needs to be repeated attempts.

Re:iPhone secret screenshots?

[BasilBrush]

You're both right. It only keeps one image - it's called Default.png. Yet it's possible multiple versions could be retrieved if the file's data blocks on the flash disk have not yet been overwritten by another file.

Point is: iPhone is doing nothing nefarious, secretive or underhand, as some here would love to imagine. Yet forensics could discover more than a person might first imagine.

Re:Criminals usually aren't very smart

[Sycraft-fu]

Guess what? We've got a pretty good idea how many crimes are committed where people aren't caught. People tend to report crimes, especially big ones. Turns out there are not tons of profitable crimes begin committed where nobody is caught for it. Most of the stuff that goes unsolved is minor things, because it doesn't get much attention, and one off things, like crimes of passion. Go look it up, the US DOJ has all the stats you could want.

Also crime does not pay better than legit work in any significant way. A popular myth, but a myth. Steven Levitt did a great analysis on this that I encourage you to read. What people also think about when they talk about that is drug lords. You are right, the top drug lords make a lot of money... But then so do the top business executives and there are a LOT of those. The people at the top make a lot, this is true regardless of what you are talking about. However it also turns out the people at the bottom don't make much. The low skill people slinging drugs on the corner make shit.

There actually is a reason that there needs to be repeated attempts. Unless you commit a really profitable crime, you are going to need more money at some point. I mean suppose you want to maintain a lower middle class lifestyle. You say you want to be able to live like someone who makes $40,000 a year. To pull that off, you'd need to net about $2-2.5 million dollars to be able to pay your taxes on it (and you'd better pay taxes, lifestyle that doesn't match with taxes is a prime way people get caught) and save enough to live off of for the rest of your life. Well that's a hell of a lot to steal in one go, and you then have to be frugal. You have to live that $40k/year lifestyle, no living like a rich person. This is also assuming you could invest the money so that inflation didn't eat it up.

You want to live a high class lifestyle? Well that figure increases rather sharply. Turns out it just isn't easy to get that much money in a single incident. Goes double since most things you might think of would require multiple people, all of who want a piece of the action and each which is an additional risk.

Robbing a house or a bank won't do the trick, don't even talk about kidnapping for ransom (the FBI has closed 100% of kidnapping for ransom cases), drugs are a continuing operation, etc. Not easy to find that big haul that you can get at, get away with, and then live off of.

Re:iPhone secret screenshots?

[BasilBrush]

It's not an early morning and a lack of coffee that's not allowing you to explain yourself. It's the fact that you are voicing your hatred rather than a rational viewpoint. There absolutely nothing related to a walled garden here. It's a cache, pure and simple, and it's documented. Even free software uses caches.

Re:WTF?

[ScrewMaster]

The meanings of words change, deal with it. In popular usage, hacker means someone who does illegal things with computers. I don't care if that wasn't what it was supposed to me, that is what it means. You have to deal with that in terms of common usage.

The Hell I do. Every sub-group in a complex culture has its own terminology, its own private vocabulary, its own jargon. Doctors do, lawyers do, mechanics do, soldiers do, programmers do ... and I feel perfectly free to use the term "hacker" as it was originally intended when communicating with a group of largely like-minded individuals (like here, on Slashdot.) You either learn to communicate on our terms, or find another site that habitually uses the more common usage.

It is silly to get all overly pedantic about it because it accomplishes nothing. You have to accept that languages are living things, and usages change.

Sure it does, it accomplishes quite a lot, in fact. When people who regularly interact use certain words to mean certain things, to use as verbal shortcuts, it can enhance their communication. An outsider may find that confusing, but that's irrelevant ... either that person learns the jargon, or stays confused. In this case, you comprehend the true meaning of "hacker", but you just want all of us to use the corrupted popular term, one that you find more appealing.

Thing is, there's no reason whatsoever that we should. I will continue to use the term "hacker" to mean someone who lives, eats, and breathes technology, and is always trying to push the limit, to see if he can make another hacker who is at least as good as he himself is say, "Whoa. Now that is cool."

The popular media can go on about "evil" hackers trying to breaking into banks and classified military installations, but those of us who know better call such people what they are: criminals.

Re:The iPhone is Not Your Friend

[Super_Z]

Yes, because caching app data, inserting exif data in pictures, offering location service API to applications, storing SMS messages and storing browser history are unique to the iOS. As for "the new Safari html 5 database" storing unique IDs in Web SQL databases, this is a W3C specification also currently supported by Opera and Google Chrome. Not to forget that other browsers also stores unique IDs through flash-cookies.
Why do you think that other mobile OSs like Android does not suffer from the same "problems"? Perhaps it is your obvious Apple hate that clouds your reasoning?

Re:The iPhone is Not Your Friend

[lordDallan]

Yes. And then you go to Settings->Safari->Databases and erase any databases you don't want to keep. Just like you clear out cookies you don't want. Cookies that allow "cookie tracking" that "uniquely identifies you to advertisers". From a "managing my private data on my iPhone" perspective, I happen to prefer the databases so far, because they are easier to identify and delete than cookies are.

Also, as far as I can see, the databases are based on sqlite, making it really nice for web developers to keep well-organized data client-side that they can retrieve using standard SQL queries embedded in javascript. I for one would rather have more of my data on my local device where I can easily(see above) delete it than stored out in the cloud. If having a good way to store more data in an organized fashion encourages developers (yes even "evil" ad developers) to store more of my data locally by making local storage more convenient and powerful for those developers, I'm all for that.

If you want to complain about something, complain that mobile Safari doesn't have a private browsing mode, meaning you have to manually delete cache/history/cookies/databases after any browsing you'd prefer to keep anonymous. That stinks IMHO.