Hacker Teaches iPhone Forensics To Police

Ponca City, We love you writes "The Mercury News reports that former hacker Jonathan Zdziarski has been tapped by law-enforcement agencies nationwide to teach them just how much information is stored in iPhones — and how to get it. 'These devices are people's companions today,' says Zdziarski. 'They're not mobile phones anymore. They organize people's lives. And if you're doing something criminal, something about it is probably going to go through that phone.' For example, every time an iPhone user closes out of the built-in mapping application, the phone snaps a screenshot and stores it. Savvy law-enforcement agents armed with search warrants can use those snapshots to see if a suspect is lying about whereabouts during a crime."

your own personal lo-jack

[romanval]

You would think most criminals would know not to carry a cell phone at all, since the cell towers tracks and record their location at every moment.

Re:More good resons for not buying a iPhone (iSpy)

[99BottlesOfBeerInMyF]

It is also illegal when your electronics spy on you. So in fact apple software breaks the law by taking a screen shot of the map application and storing it.

As far as I know, caching an image by the OS is not illegal in any jurisdiction. Taking an image and transmitting it to someone who is not the owner of the device, without their permission would be a problem in some jurisdictions. But then, that's not what anyone is claiming is happening.

Re:iPhone secret screenshots?

[Graff]

"For example, every time an iPhone user closes out of the built-in mapping application, the phone snaps a screenshot and stores it." - TFS What?

It's called caching. When an iPhone application switches to another application it can quickly store an image of the app's current state. When the user switches back it displays that image while the real view is being built. That way the user gets an immediate view of the last state of the app rather than having to wait around for that state to be re-built.

Your desktop computer's web browser (and many other programs and devices) does the same thing, it stores data for quick access and responsiveness. You'd be surprised at just how many devices use this technique, the iPhone is far from the only device to cache data.

It's a smart technique but yeah, if you're committing crimes then too bad for you. I'd suggest that maybe you shouldn't be using ANY electronic device during a crime that you don't completely understand what data it sends and stores and how to deal with it before it becomes evidence.

WTF?

[Runaway1956]

Just WTF is a "former hacker"? That's like a "former scientist" or a "former student" or - - I suppose if you accept "hacking" to mean "criminal cretin living in his mother's basement breaks into email accounts and spreads bots around the internt" - then someone COULD be a "former hacker". A real hacker never stops hacking. It's more than a way of life - it's a way of thinking!

Re:More good resons for not buying a iPhone (iSpy)

[acedotcom]

one thing i have noticed is that google maps stores the voice cache right at the top of the SD card in its own folder. so anyone with an SD card reader can plug in your phone and listen to the voice prompts for your route. i am sure that it using the same kind of caching for screens....but you dont need to be a "hacker" to find the voice prompts.

Re:your own personal lo-jack

[Anonymous Coward]

Not true; there are many ways the police can get your prints without you ever being a criminal. Concealed carry permits require you to submit prints, and so does the Military. In fact, I remember hearing some controversy when I was a kid because the police were collecting students prints from school, under the cover of showing kids how law enforcement works.

Zombie Flash cookies and going deep

[AHuxley]

http://arstechnica.com/apple/news/2010/09/rldguid-tracking-cookies-in-safari-database-form.ars [arstechnica.com]
I wonder how many will soon be tracked via Flash-based cookies and deep stored history options.
The Safari database seems to be an open and safe way to track a user via a normal 'ad' after a site visit.
Stop giving state task forces and feds signals intelligence via a next generation of toys in your pocket.
Go simple and swap any used device out asap.
Try a collection of dumb devices with no networking or life long databases.
Recall the Malcolm X script... "Don't never write nothing down ....
Cause if they can't find no [iphone] they ain't got no proof..."
The serial numbers, hidden databases, location services ect, almost makes you think someone really put thought into tracking.
Any ex CIA director's investment banks seed money linked to funding this stuff?

Re:Criminals usually aren't very smart

[Sycraft-fu]

My favourite was a guy who got busted stealing change out of newspaper machines. This was maybe 10 years ago. While more people bought the paper then as opposed to now, it still isn't what you'd call real brisk business, especially since they are cheap. What's more, those things are rather solidly built to withstand the rigors of being outside all the time. It took this guy a good amount of effort to get in to one, and he'd get a few bucks for his troubles. The cops said he literally could have made more per hour of work at McDonalds than doing this.