Forgot your password?
typodupeerror
Crime Handhelds Iphone Security Apple Your Rights Online

Hacker Teaches iPhone Forensics To Police 193

Posted by samzenpus
from the strange-bedfellows dept.
Ponca City, We love you writes "The Mercury News reports that former hacker Jonathan Zdziarski has been tapped by law-enforcement agencies nationwide to teach them just how much information is stored in iPhones — and how to get it. 'These devices are people's companions today,' says Zdziarski. 'They're not mobile phones anymore. They organize people's lives. And if you're doing something criminal, something about it is probably going to go through that phone.' For example, every time an iPhone user closes out of the built-in mapping application, the phone snaps a screenshot and stores it. Savvy law-enforcement agents armed with search warrants can use those snapshots to see if a suspect is lying about whereabouts during a crime."
This discussion has been archived. No new comments can be posted.

Hacker Teaches iPhone Forensics To Police

Comments Filter:
  • "For example, every time an iPhone user closes out of the built-in mapping application, the phone snaps a screenshot and stores it." - TFS What?
    • by Ethanol-fueled (1125189) * on Sunday September 12, 2010 @12:11AM (#33550318) Homepage Journal
      Haw. If you're gonna rob a bank or burglarize a home, why not do it in style?

      Envision a crook trying to scream at the clerk to empty out the register while pausing to say, "Hold up, I gotta take this call..." Or instructing his getaway driver, "Turn left here....um, right here...oh, Mike just broke up with Jen...turn left here, exit 95..."

      Compartmentalize, crooks. Compartmentalize.
    • by auntieNeo (1605623) on Sunday September 12, 2010 @12:18AM (#33550354)

      "For example, every time an iPhone user closes out of the built-in mapping application, the phone snaps a screenshot and stores it." - TFS What?

      I'm guessing it does that because when it opens it wants to look just as spiffy as it looked when the user closed it, and it can't do that if it has to re-render the map from scratch.

      • by icebike (68054)

        Exactly. It has only ONE image, the last one.
        Not a history of images. Open your map tap the Locate icon when at home or any other common place, and problem solved.

        Besides, everyone who watches TV knows you use a untraceable "burner" phone, right?

        Sun Glasses....
        Yeaaaaaaaahhhh!

        • Exactly. It has only ONE image, the last one.
          Not a history of images.

          You’re quite sure of that? Even assuming it does purge the old image files when it saves a new one – the old screenshots can’t be undeleted?

          • [CSI] Restore previous. Zoom. Enhance. [/]

          • by BasilBrush (643681) on Sunday September 12, 2010 @05:19AM (#33551388)

            You're both right. It only keeps one image - it's called Default.png. Yet it's possible multiple versions could be retrieved if the file's data blocks on the flash disk have not yet been overwritten by another file.

            Point is: iPhone is doing nothing nefarious, secretive or underhand, as some here would love to imagine. Yet forensics could discover more than a person might first imagine.

        • Besides, everyone who watches TV knows you use a untraceable "burner" phone, right?

          Street cred. If your phone ain't blang you ain't da realz shizzle for shizzle, dizzle, yo.

          Translation: There's a segment of the criminal populace that are more worried about being in-style while doing their thing, than getting away with it. So what if a big guy whose name might be Bubba takes a few liberties in the communal shower? At least I carjacked Joe Schmoe with an iPhone in the pocket that hovers between my knee and calf, depending on when I hitched my pants up last.

      • by hitmark (640295)

        yep, and i suspect the iphone do many such tricks to look more responsive and fast working then it actually is.

        Like say using still images in transitions rather then rendering every icon or ui element.

    • Re: (Score:3, Interesting)

      by PNutts (199112)

      This is for the animation of screens opening and closing. This news is about two years old. It doesn't specifically call out the iPhone model so it may not apply to the newer ones with hardware encryption unless the book's been updated since 2008.

      • by bcmm (768152)

        It doesn't specifically call out the iPhone model so it may not apply to the newer ones with hardware encryption unless the book's been updated since 2008.

        If the key is stored on the same device as the encrypted data, the encryption is a particularly funny instance of security through obscurity.

        The only other options are to have the user memorise a key, which will practically inevitably be far too short, use around some kind of separate authentication device, or having the user memorise a password that i

    • by Graff (532189) on Sunday September 12, 2010 @12:58AM (#33550536)

      "For example, every time an iPhone user closes out of the built-in mapping application, the phone snaps a screenshot and stores it." - TFS What?

      It's called caching. When an iPhone application switches to another application it can quickly store an image of the app's current state. When the user switches back it displays that image while the real view is being built. That way the user gets an immediate view of the last state of the app rather than having to wait around for that state to be re-built.

      Your desktop computer's web browser (and many other programs and devices) does the same thing, it stores data for quick access and responsiveness. You'd be surprised at just how many devices use this technique, the iPhone is far from the only device to cache data.

      It's a smart technique but yeah, if you're committing crimes then too bad for you. I'd suggest that maybe you shouldn't be using ANY electronic device during a crime that you don't completely understand what data it sends and stores and how to deal with it before it becomes evidence.

      • how to deal with it before it becomes evidence.

        Detonation or thermite. Pretty easy solution if you must be encumbered by an electronic device.

        Personally, I like the Thermite, because it's fun to watch...but not always practical.

      • by w0mprat (1317953)

        "For example, every time an iPhone user closes out of the built-in mapping application, the phone snaps a screenshot and stores it." - TFS What?

        It's called caching. When an iPhone application switches to another application it can quickly store an image of the app's current state. When the user switches back it displays that image while the real view is being built. That way the user gets an immediate view of the last state of the app rather than having to wait around for that state to be re-built.

        Your desktop computer's web browser (and many other programs and devices) does the same thing, it stores data for quick access and responsiveness. You'd be surprised at just how many devices use this technique, the iPhone is far from the only device to cache data.

        It's a smart technique but yeah, if you're committing crimes then too bad for you. I'd suggest that maybe you shouldn't be using ANY electronic device during a crime that you don't completely understand what data it sends and stores and how to deal with it before it becomes evidence.

        Yes I would be surprised how many devices use that technique, and I don't think it's that defensible. It's a obvious security/privacy problem.

        As far as I'm aware most browsers don't do this, and certainly not cache screendumps to permanent storage, with the exception of Opera and Chrome's "Speed Dial" feature requiring a thumbnail of the page.

        A smart technique? It's a bit cheeky, but then such tricks are frequently used to fake responsiveness in UIs. Aside from the benefits of 'cheating', it's quite si

        • by Abcd1234 (188840)

          As far as I'm aware most browsers don't do this, and certainly not cache screendumps to permanent storage, with the exception of Opera and Chrome's "Speed Dial" feature requiring a thumbnail of the page.

          Why would they? They cache *the entire page contents, including a pre-rendered DOM*.

          Seriously, if you're worried about little screenshots in your iPhone, your PC is probably a *far FAR* bigger problem for you.

    • by MrCrassic (994046)
      Well, the thing to remember is that physical access = game over. Without exploits or clearly open holes (i.e. jailbreakers opening SSH and forgetting to change the root password), it's pretty hard to gain access to an iPhone or Android device by default. Unless the phone is encrypted (very unlikely), most of the juicy bits are very easy to get and extract after physical possession (e.g. one can still browse the flash RAM on an iPhone even if it has a PIN lock, which is one of the reasons why it's not very h
  • by romanval (556418) on Sunday September 12, 2010 @12:15AM (#33550336)
    You would think most criminals would know not to carry a cell phone at all, since the cell towers tracks and record their location at every moment.
    • Re: (Score:3, Insightful)

      You would think most criminals would know not to carry a cell phone at all, since the cell towers tracks and record their location at every moment.

      Criminals still get busted by leaving fingerprints.

      • Despite what CSI shows tell you, fingerprints are not some magical thing left behind at every crime scene. It's tough to get a clear fingerprint, it's mutually excusive with getting DNA off a surface, actually checking the fingerprint against various databases has a backlog of days to weeks, and unless the person who did it is in one of those databases (i.e. former criminal, law enforcement, someone with a security clearance, foreigner) or matches someone you already suspect and can get a warrant to get a f
        • Heh. I said busted, not convicted.

          You would think with 50+ years of TV and movies telling us about fingerprints that every would-be criminal would wear gloves. But.. nope, as you said, there's a backlog.

    • by Sycraft-fu (314770) on Sunday September 12, 2010 @12:27AM (#33550402)

      Most smart people find other work for two reasons:

      1) When you are smart, you have options. Smart is a talent people want, particularly practical smarts of the problem solving nature. So you find that when you have that, you have options of where to work and what to do. Makes crime less attractive.

      2) Smart people can better understand the consequences for crime, and the likelihood of getting caught especially on repeated attempts. So even if crime is tempting, they don't do it because they are smart enough to think ahead and realize it isn't worth the risk over all.

      Most criminals are just not that bright. A friend of mine has worked with the public defender's office and the stories he has of the stupid criminals they try to defend and just amazing. They get caught and busted by their own stupidity more than anything else. They love to run their mouths to the police, they never plan their crimes, etc, etc. More or less the only time they were able to get someone off the hook was when the police made a mistake. Otherwise, the criminals sunk themselves.

      • Re: (Score:2, Insightful)

        by antifoidulus (807088)
        The really smart criminals just bribe the cops or even better just bribe the politicians to make what they are doing not illegal.
        • Re: (Score:2, Insightful)

          by Anonymous Coward

          The really smart criminals just bribe the cops or even better just bribe the politicians to make what they are doing not illegal.

          No, the really smart criminals are all WEARING the suits.

        • even better just bribe the politicians to make what they are doing not illegal.

          It's not always smart to make what you are doing legal. In many areas that would really destroy your profits. Just imagine what would happen to the market for illegal drugs if everyone could manufacture and import drugs legally.

        • by morari (1080535)

          The smart criminals never get caught. Likely, you might never even realize a crime was committed.

      • Re: (Score:3, Insightful)

        by Scrameustache (459504)

        Most criminals who get caught are just not that bright.

        ftfy

        • Re: (Score:3, Insightful)

          by Sycraft-fu (314770)

          The problem is that when you do things over and over, you WILL get caught. Everyone fucks up every day, we all make mistakes. What this means is that when you keep committing crimes, the chances you will do something that will give you away approaches certainty. It is just near impossible to keep committing crimes and not get caught.

          So sure, I suppose a smart person might commit a single crime and get away with it. However hard to get enough money from a single crime to make it worth doing as the only thing

          • The problem is that when you do things over and over, you WILL get caught. Everyone fucks up every day, we all make mistakes. What this means is that when you keep committing crimes, the chances you will do something that will give you away approaches certainty. It is just near impossible to keep committing crimes and not get caught.

            You need to balance that up with the fact that the average policeman isn't that smart either, and is probably overworked. You don't just have to fuck up to be caught. You need

            • Re: (Score:3, Interesting)

              by Sycraft-fu (314770)

              The more crimes you commit, the more people look for you. Despite your best efforts, you'll leave a signature and this'll get noticed. It may take time, but if you keep committing crimes you'll wind up on bigger and bigger radars, more people, at a higher level, will be looking for you.

              Also there's no such thing as no risk crime. So you say ok just stick to property crime. Then it turns out your break in to a house that's wired. A silent alarm goes off, security company sees you on video. Before you know it

              • The risks you point out are those relating to the stupid. The smart criminal wouldn't break into a house they don't know to be empty. The existence of a video camera doesn't matter because his face is covered or disguised and he's not wearing any easily distinguishable clothing. The fact that you are suggesting these things as problems suggests that you haven't the smarts to be a smart criminal. But it certainly doesn't mean that other people don't.

                As to risk, everything has risk. But there are plenty of r

                • by Jeremi (14640)

                  As to risk, everything has risk. But there are plenty of roofers who last an entire career without falling off a roof.

                  That is a misleading analogy... a roof is an unintelligent object whose behavior is (relatively) simple and predictable. A criminal isn't going up against simple, unpredictable objects, he's going up against human beings, many of whom are quite intelligent, and all of whom can behave unpredictably.

                  Furthermore, when a roofer does fall off of a roof (or suffer some other kind of injury) there

      • by shaitand (626655) on Sunday September 12, 2010 @03:14AM (#33551022) Journal

        "Most criminals are just not that bright. A friend of mine has worked with the public defender's office and the stories he has of the stupid criminals they try to defend and just amazing. They get caught and busted by their own stupidity more than anything else."

        Most people are not that bright so it stands to reason most crooks aren't either. That said, has it ever occurred to you that your friend and most others in the justice system aren't catching many smart crooks because smart crooks aren't getting caught?

        "So you find that when you have that, you have options of where to work and what to do. Makes crime less attractive."

        Crime pays better than legit work. That makes crime more attractive. Most smart people choosing legit work today simply haven't found a smart opportunity for crime or don't have the guts. With a big enough payoff, small enough risk, and small enough amount of effort most people would be all over it.

        "especially on repeated attempts"

        That's a given. But there is no particular reason there needs to be repeated attempts.

        • by Sycraft-fu (314770) on Sunday September 12, 2010 @06:38AM (#33551644)

          Guess what? We've got a pretty good idea how many crimes are committed where people aren't caught. People tend to report crimes, especially big ones. Turns out there are not tons of profitable crimes begin committed where nobody is caught for it. Most of the stuff that goes unsolved is minor things, because it doesn't get much attention, and one off things, like crimes of passion. Go look it up, the US DOJ has all the stats you could want.

          Also crime does not pay better than legit work in any significant way. A popular myth, but a myth. Steven Levitt did a great analysis on this that I encourage you to read. What people also think about when they talk about that is drug lords. You are right, the top drug lords make a lot of money... But then so do the top business executives and there are a LOT of those. The people at the top make a lot, this is true regardless of what you are talking about. However it also turns out the people at the bottom don't make much. The low skill people slinging drugs on the corner make shit.

          There actually is a reason that there needs to be repeated attempts. Unless you commit a really profitable crime, you are going to need more money at some point. I mean suppose you want to maintain a lower middle class lifestyle. You say you want to be able to live like someone who makes $40,000 a year. To pull that off, you'd need to net about $2-2.5 million dollars to be able to pay your taxes on it (and you'd better pay taxes, lifestyle that doesn't match with taxes is a prime way people get caught) and save enough to live off of for the rest of your life. Well that's a hell of a lot to steal in one go, and you then have to be frugal. You have to live that $40k/year lifestyle, no living like a rich person. This is also assuming you could invest the money so that inflation didn't eat it up.

          You want to live a high class lifestyle? Well that figure increases rather sharply. Turns out it just isn't easy to get that much money in a single incident. Goes double since most things you might think of would require multiple people, all of who want a piece of the action and each which is an additional risk.

          Robbing a house or a bank won't do the trick, don't even talk about kidnapping for ransom (the FBI has closed 100% of kidnapping for ransom cases), drugs are a continuing operation, etc. Not easy to find that big haul that you can get at, get away with, and then live off of.

          • by shaitand (626655) on Sunday September 12, 2010 @04:21PM (#33554974) Journal

            "Guess what? We've got a pretty good idea how many crimes are committed where people aren't caught. People tend to report crimes, especially big ones."

            That a rather large assertion without any support. I can't speak of all areas of crime, only 'cybercrime'. I can assure that most of this type of crime DOES NOT go reported regardless of size.

            The reason is very simple. At this level both the robbed and the insurance company both have a great interest in making sure the event doesn't go public. That interest is greater than whatever help the police might provide. The insurance company has other clients who are likely vulnerable to the same thing. It is usually better to prevent others from finding out how to copycat than to stop this one guy. Especially if the guy is reported and not caught! The company robbed doesn't want to see a story about how they were attacked on MSNBC the next day. Their stock would plummet! Forget the company getting robbed, that would cost the CEO, VP's, and the board a lot of money on a personal level.

            Your numbers about crime not being profitable run counter to common sense. The bulk of the things we outlaw are only called bad because they shift a large amount of wealth from one to another easily, consistently, and rapidly.

            Also you pose this false dichotomy where one has to repeatedly take the same chance or else be able to live off a single event.

            Five years ago it took 3hrs worth of work (but not time since you have to wait for mailings and such) to fake an identity get a few thousand in credit extended and convert that credit into cash. A reasonably intelligent person could figure out how to perform this task and make tracing and catching him meet the 'hard enough' threshold within an afternoon. That person could walk away with $5000. That is a pretty large chunk of cash for most of us.

            The credit card company not only wouldn't report this but would fight with law enforcement in every way they legally could if law enforcement tried to investigate. Because of this if the 'victim' tries to report the crime the local police would say that interstate banking is the FBI problem. The FBI would tell her not to file the report because the card companies won't cooperate!

            How do I know? I saw it first hand many times. If you did this enough the card companies would see a pattern and report you. They would cooperate. But if you were bright enough to stop at one or two times you could make $5k-$10k pretty much risk free.* Afterward you could continue your life the same as before but with a pretty substantial chunk, perhaps to invest for retirement. Perhaps for a child's college fund. Or maybe just to blow, it was free and easy money after all. As for taxes, $5k-$10k doesn't change a lifestyle and can easily be absorbed without having to pay the taxes as long as you don't deposit it all at once (or even at the same bank within a 3 month period, banks have to report large cash transactions over $5k or a suspicious combination of them).

            * This is no longer the case. So many bright and unreported criminals did this that identity theft laws were lobbied for and put into place to make this more difficult.

      • by roman_mir (125474)

        of-course the most successful of the criminals are so bright, that they are doing what is not even considered crime, but they turn that into crime, they repeat it billions of times and they take very very little money from each separate crime individually, so that goes right against your proposition :)

        I talk about high frequency trading of-course.

      • by hoggoth (414195)

        Really smart people with no ethics or morals don't waste their time stealing thousands and risking punishment. They get elected to Congress and steal millions.

        Do not mod this 'funny'.

      • Incidentally that's also why smart people don't generally join the police : smart people have other options and realize the reward isn't worth the risks.

    • In other news, Some dickhead sells out to law enforcement with knowledge which is actually beknownst to many others. He has no more knowledge than any other person, but he is more willing to sell what he knows for personal gain.
  • This is just making it even easier than it already was.

    If it was really necessary, it is possible to triangulate the location of your phone by determining which towers your phone was communicating with.

    If your phone has a location feature, you'll notice that when you try to disable it you will be presented with the options "Location On" or "911 Only". There doesn't seem to be any way to completely disable this feature. At least this is the case on Motorola and Blackberry phones.

    If you are concerned about so

    • It's not that hard to disable, really. A propane torch applied to the antenna will do it. Ooops - you melted down all the rest of the phone, and the antenna is still pretty much intact? No problem - without the rest of the phone, the antenna isn't going to broadcast anything!
      • by Nethead (1563)

        Ya know we have nicer soldering irons than the one you got in your Tandy leather burning kit in 1965.

        But yeah, you'd have better luck using the local 2m phone patch. Hell, I still hear an old IMTS mobile phone system still on the air in my area (hacked it back in the 80s with a tube final phone.) Let's see them trace that sucker!

  • instead of "checking if the suspect" is lying, how about "verifying what he says". Would sound nicer, especially taking into account that the screenshots were not originally designed for tracking persons.

  • by xtal (49134) on Sunday September 12, 2010 @12:42AM (#33550480) Homepage

    Nobody would ever be clever enough to generate false data.. for an iAlibi? ..or clever enough to hack into and plant incriminating evidence? (not that there's ever been a security breach!)

    • by RajivSLK (398494)

      That's true for almost all evidence... Nobody would be clever enough to plant DNA evidence? or hair strands. So I guess we should just do away with all evidence then...

      • Digital data is TRIVIAL to fake, with the right software it's even easier than that.

        Physical evidence is MUCH harder to fake

        read above post about smart criminals

  • If you're a criminal and you're using a cell phone or, especially, a smart phone to conduct your criminal activities, you deserve what you get. Stupidity often solves a lot of problems that way.
  • WTF? (Score:3, Informative)

    by Runaway1956 (1322357) on Sunday September 12, 2010 @01:01AM (#33550544) Homepage Journal
    Just WTF is a "former hacker"? That's like a "former scientist" or a "former student" or - - I suppose if you accept "hacking" to mean "criminal cretin living in his mother's basement breaks into email accounts and spreads bots around the internt" - then someone COULD be a "former hacker". A real hacker never stops hacking. It's more than a way of life - it's a way of thinking!
    • Re: (Score:2, Insightful)

      by Sycraft-fu (314770)

      The meanings of words change, deal with it. In popular usage, hacker means someone who does illegal things with computers. I don't care if that wasn't what it was supposed to me, that is what it means. You have to deal with that in terms of common usage.

      Some other examples would be interference or acceleration. In the scientific context, interference just means something that changes a system. There is no positive or negative to it. However in popular usage, interference means messing with something to caus

      • Nope. People are still hacking the Linux kernel - including Linux Thorvalds. Hacking in the "popular" context is just so much mindless drivel - much like most of the entertainment from Hollyweird. Oh yeah - that's where the "popular" definition came from - HOLLYWEIRD!!
        • by Urkki (668283)

          Nope. People are still hacking the Linux kernel - including Linux Thorvalds.

          I sure hope not... Wouldn't that be illegal ;-)

          But seriously, doing "standard" software development work isn't "hacking" as far as I'm concerned. A hack is by it's nature something ad-hoc, usually non-general, a quick (and preferably brilliant) solution to a particular problem. I sure hope that does not describe how Linux kernel is developed these days... :-)

          • But seriously, doing "standard" software development work isn't "hacking" as far as I'm concerned. A hack is by it's nature something ad-hoc, usually non-general, a quick (and preferably brilliant) solution to a particular problem. I sure hope that does not describe how Linux kernel is developed these days... :-)

            Not really, I think you're confusing two entirely different processes. The result of "hacking" is not necessarily to produce a hack. Hacking is a state of mind, and a hacker is someone is capable of, and and enjoys being in, that state. A hack is just, as you say, a quick solution which has nothing to do with "hacking" per se. One does not need to be a hacker to produce a hack, and in fact, most hacks are produced by hacks (that is, third-rate coders who couldn't write a decent like of code if you paid them

      • by Ihmhi (1206036)

        I don't know if I agree with that, though.

        I can understand additional definitions being added if a word acquires them through use of slang (i.e. "bad" equating to "good" is a prevalent example). However, the scholarly side of me has issues with a different definition supplanting the original meaning of the world, especially when it's tied to another language literal meaning. For example, the word "decimate" is sourced from the Latin word decimare, "to take the tenth part of anything". But nowadays, it's use

      • Re:WTF? (Score:5, Insightful)

        by ScrewMaster (602015) * on Sunday September 12, 2010 @10:02AM (#33552360)

        The meanings of words change, deal with it. In popular usage, hacker means someone who does illegal things with computers. I don't care if that wasn't what it was supposed to me, that is what it means. You have to deal with that in terms of common usage.

        The Hell I do. Every sub-group in a complex culture has its own terminology, its own private vocabulary, its own jargon. Doctors do, lawyers do, mechanics do, soldiers do, programmers do ... and I feel perfectly free to use the term "hacker" as it was originally intended when communicating with a group of largely like-minded individuals (like here, on Slashdot.) You either learn to communicate on our terms, or find another site that habitually uses the more common usage.

        It is silly to get all overly pedantic about it because it accomplishes nothing. You have to accept that languages are living things, and usages change.

        Sure it does, it accomplishes quite a lot, in fact. When people who regularly interact use certain words to mean certain things, to use as verbal shortcuts, it can enhance their communication. An outsider may find that confusing, but that's irrelevant ... either that person learns the jargon, or stays confused. In this case, you comprehend the true meaning of "hacker", but you just want all of us to use the corrupted popular term, one that you find more appealing.

        Thing is, there's no reason whatsoever that we should. I will continue to use the term "hacker" to mean someone who lives, eats, and breathes technology, and is always trying to push the limit, to see if he can make another hacker who is at least as good as he himself is say, "Whoa. Now that is cool."

        The popular media can go on about "evil" hackers trying to breaking into banks and classified military installations, but those of us who know better call such people what they are: criminals.

  • by Nom du Keyboard (633989) on Sunday September 12, 2010 @02:59AM (#33550978)
    Your iPhone is clearly not your friend, and this isn't the only story about why today. It's the fink waiting to rat you out at the first opportunity. Go look up the new Safari html 5 database tracking that uniquely identifies you to advertisers. Until the phone comes with strong enough encryption to defeat this hacker in addition to remote wipe that truly wipes the phone, you shouldn't be sleeping too well at night, courtesy of Mr. Steve Jobs.
    • Re: (Score:3, Insightful)

      by Super_Z (756391)
      Yes, because caching app data, inserting exif data in pictures, offering location service API to applications, storing SMS messages and storing browser history are unique to the iOS. As for "the new Safari html 5 database" storing unique IDs in Web SQL databases, this is a W3C specification also currently supported by Opera and Google Chrome. Not to forget that other browsers also stores unique IDs through flash-cookies.
      Why do you think that other mobile OSs like Android does not suffer from the same "pro
    • Re: (Score:3, Interesting)

      So your Droid has whole disk encryption ? What makes you think you're invulnerable to this kind forensics ?

    • Re: (Score:3, Insightful)

      by lordDallan (685707)
      Yes. And then you go to Settings->Safari->Databases and erase any databases you don't want to keep. Just like you clear out cookies you don't want. Cookies that allow "cookie tracking" that "uniquely identifies you to advertisers". From a "managing my private data on my iPhone" perspective, I happen to prefer the databases so far, because they are easier to identify and delete than cookies are.

      Also, as far as I can see, the databases are based on sqlite, making it really nice for web developers to
  • by AHuxley (892839) on Sunday September 12, 2010 @06:17AM (#33551580) Homepage Journal
    http://arstechnica.com/apple/news/2010/09/rldguid-tracking-cookies-in-safari-database-form.ars [arstechnica.com]
    I wonder how many will soon be tracked via Flash-based cookies and deep stored history options.
    The Safari database seems to be an open and safe way to track a user via a normal 'ad' after a site visit.
    Stop giving state task forces and feds signals intelligence via a next generation of toys in your pocket.
    Go simple and swap any used device out asap.
    Try a collection of dumb devices with no networking or life long databases.
    Recall the Malcolm X script... "Don't never write nothing down ....
    Cause if they can't find no [iphone] they ain't got no proof..."
    The serial numbers, hidden databases, location services ect, almost makes you think someone really put thought into tracking.
    Any ex CIA director's investment banks seed money linked to funding this stuff?
  • "...Savvy law-enforcement agents armed with search warrants can use those snapshots to see if a suspect is lying about whereabouts during a crime."

    Yes, and now that it has been announced to the world, saavy criminals will figure out a way to turn off this caching.

    It really does amaze me sometimes the blind ignorance in thinking there are no criminals out there that are computer saavy that also might happen to read articles online.

    Sometimes, the best "secrets" are ones that you keep that way.

  • Apple can easily change this and / or make so if you jailbreak then EULA says you no longer have the right to use ios? so you are stealing ios? Just like how they calm that useing payed boxed copys of osx non apple systems is stealing.

  • As the article states, Jonathan Zdziarski has been doing this for several years. He's the author of iErase/iWipe [saurik.com] (which seems to have been in the App Store previously but is Cydia-only now), runs iPhoneInsecurity.com [iphoneinsecurity.com], and has a blog with quite of bit of stuff related to iPhone forensics and security [zdziarski.com]. He even has a post specifically addressing the "screenshot leak" [zdziarski.com].
  • by katorga (623930)

    Why would anyone use an expensive smart phone to handle communications for illegal enterprises? Cheap, pre-paid, zero audit trail phones are the way to go. Why ditch a $600 phone every few days?

You are in a maze of little twisting passages, all alike.

Working...