Handset makers, the criminal's friend

See no evil, speak no evil

Last month the United Arab Emirates mobile operator Etisalat tried to sneak malware onto customers' BlackBerry handsets. But what pushed an operator to try such an underhand trick, and do so in such an inept manner?

The snooping software was pushed out as an upgrade, authorised by the operator but almost certainly at the behest of the local government. In reality the package was designed to intercept email communications of selected individuals, but didn't work very well and was rather poorly written.

While inept, the attempt serves to highlight the challenge facing law enforcement around the world: manufacturers aren't interested in helping police recover data from criminals, or bodies, data that can be protected by something as complex as the encryption used on the BlackBerry or something as simple as a handset locked with a PIN.

Users can, of course, lock their SIMs too: but the SIM is owned by the network operator, and can be unlocked using a PIN Unlock Code - or PUK - supplied by that operator. In the UK a fairly comprehensive system exists to allow police to extract data from network operators, with some judicial oversight and budgetary considerations that prevent fishing expeditions.

Police at the scene of a crime, or on discovering a body, will grab any mobile phones nearby for analysis, and can expect to get historical call and location information from the operator.

Silent witness

The operator will also supply the PUK code, if necessary, allowing officers to extract the SIM address book, SMS messages received and the last location in which the phone was used. But that's nothing compared to the data stored on a modern handset, which is also available to police as long as they've not switched the phone off or allowed the suspect/corpse to switch on any kind of lock.

In these days when hackers are threatening to take control of everything from mobile phones to fridges, one might imagine that it would be relatively easy for the police to extract the information from a handset in their possession. But you'd be sadly mistaken. Going back a few years, it was true that handsets capable of connecting to a PC yielded their contents pretty easily. Less intelligent handsets such as the Nokia 1100, 1600 and 2310 were much more difficult to open up.

Intensive work has now switched that around, with the better-equipped terminals now being much more secure as the mobile forensics industry has prised open the secrets of the dumb handsets.

And "prised open" is the right term - none of this work has been supported by the manufacturers, who have no motivation to help the law enforcement community or their subcontractors. The recent case accusing West Yorkshire police of copyright theft would not have happened if Nokia and friends had shared the codes in the first place.

The data in question had been reverse engineered by Forensic Telecommunications Services (FTS), at its expense. FTS claims West Yorkshire coppers neglected to repeat this work - but why should the UK taxpayer be paying anyone to reverse engineer mobile-phone security when the data is sitting around in Finland?
