Is Smartphone Security Good Enough?

Would you object if a police officer stopped you for speeding, then took your phone and cloned all its data--including photos, videos, e-mails, and recent GPS locations?

By Keir Thomas
Wed, April 20, 2011

PC World — Would you object if a police officer stopped you for speeding, then took your phone and cloned all its data--including photos, videos, e-mails, and recent GPS locations?

If you get pulled over by the Michigan State Police, this might be a reality, courtesy of handheld phone cloners that are designed for forensics use but which the American Civil Liberties Union (ACLU) claims are being used by patrol officers.

The ACLU has asked to see logs for any devices used this way, and the Michigan State Police responded by demanding half a million dollars to pay for retrieving the information. The ACLU has replied with a public letter (PDF link) mentioning constitutional rights and litigation, and that's where the matter rests at the moment.

It's alleged that the police force is using CelleBrite UFED devices out in the field. The handheld tool can quickly clone the data stored on more than 3000 different phone models, even if that data is protected by a PIN. It can even access deleted data no longer accessible by the owner of the phone.

It should be noted that, in a comment on the Popular Mechanics reporting of the issue, somebody claiming to be a former Michigan State Police officer says the ACLU has got it wrong, and that the police gave only five of the units, used in the forensic labs only after an arrest has taken place.

Whatever the case, the advice is simple: If you're stopped by the police and they ask if they can search your phone, simply refuse. The ACLU implies that state police in Michigan are cloning phones not by forcing people to hand them over, but simply by asking. Remember that they might phrase the request obscurely--such as, "Do you mind if we take a quick look at your phone?"-- so be on your guard. However, the whether cell phones are protected by the Fourth Amendment against searches is still being hashed out in the courts.

Bigger questions are raised closer to home: Are cell phone manufacturers enacting enough technical barriers to protect the data on handsets from snoops, whether that's law enforcement or anybody else?

A lot of work has gone into protecting transmissions, but it's wrongly assumed that if a person or agency has physical access to the phone, then they can be trusted. This simply isn't the case.

Modern smartphones contain extremely personal records of our lives. If Near Field Communications (NFC) take-off then phones may literally become our wallets when we use them to pay for purchases.

1 2 next page »

Originally published on www.pcworld.com. Click here to read the original story.

What is Tech Briefcase?

TechBriefcase is a new, free service where IT Professionals can Search, Store and Share IT white papers and content like this. Learn more

Bookmark content

Speed up your research efforts with content across the web.

Search and Store

Find the white papers you need. Create folders for any topic.

View Anywhere

Open your briefcase on your iPhone, tablet or desktop. Share with colleagues.

Don't have an account yet?

You are here: Technology Topics » Mobile/Wireless » News

Most Recent Mobile/Wireless Stories

White Papers »

Gartner Report on BYOD: Media Tablets and Beyond

This research assesses the impact of the growth in media tablets and other "off desktop" form factors entering IT deployments and makes recommendations on building an enterprise management plan based on industry best practices.

BYOD Policy Implementation Guide

This BYOD implementation guide from Absolute Software provides three simple steps to legally secure and manage employee-owned devices within a corporate environment.

The most simple & secure solution for Intranet access from mobile devices

The promise of enterprise mobility means that employees are more productive and address business issues in a timely, untethered manner.

Mobile Middleware Strategies

Learn why a mobile development platform is critical to be able to support today's complex enterprise mobility strategies. Learn what to look for in a mobile development platform and how apply these tools whether you're developing a dedicated app for one device or multiple apps running across multiple devices.

Native & HTML5 Mobile Apps: Not an either or, but a where and when

Learn how developers are using HTML5 and native development methods to build mobile apps. Get practical insights on how these tools are being used, what's driving their usage, and how to choose the best development approach for your business.

The Evolution of Enterprise Mobile App Development

Driven by explosive growth in smartphone and tablet sales, enterprise mobility has become an essential part of business. Organizations across industries are developing internal- and external-facing mobile applications that drive revenue, build brand loyalty, strengthen communication with partners, and enhance employee productivity. Learn how keeping pace in this market requires an agile, flexible, and iterative approach to application development.

Webcasts »

Set It & Forget It - Apple Devices in the Enterprise

Ben Snyder, Desktop Support Analyst at Under Armour, discusses how this fast-growing company with thousands of mobile employees uses an automated process to manage its mix of PC and Apple devices from a single console.

Take Control and Empower users with BlackBerry Mobile Fusion from RIM

At one time, a smart phone was only on executive tool that increased productivity. But now, more employees than ever before are bringing their own mobile devices and tablets into the workplace. CIOs must satisfy this new class of users but they need the tools to manage the growing number of devices and tablets over a wider variety of mobile operating systems.

Join David Heit, Senior Director of Product Strategy for Research In Motion (RIM) and award-winning technology editor Stan Gibson for a look at the forces that are transforming mobile IT today. In this Webcast you will learn about BlackBerry(R) Mobile Fusion and now you can manage and secure BlackBerry(R), iOS and Android(TM) devices all from one unified interface.

Mobility KnowledgeVault

How "mobile ready" is your infrastructure? This Mobility Knowledge Vault provides a wide variety of expert advice on how to strike a balance between end user ease-of-use and security. Prepare your organization with primers on data encryption and user authentication, device disablement and devising an employee-liable device strategy that makes both IT and users happy.

Successful Mobility: Access and Performance Anywhere

Today's workforce is truly mobile. At the office, from customer sites, even at home or in a hotel - their connectivity and application performance needs remain the same. But even though their requirements don't change, the challenges in meeting their expectations do.

Workday's Mobile Solution for iPad

Stay connected while on the go
As the workforce around the world becomes more mobile, enterprises are enabling their workers to stay informed and connected while on the go. Deploying Workday's cloud-based mobile solutions could not be easier!

Embracing BYOD: Best Practices from the Front Lines

Mobility is reshaping business worldwide. It's also reshaping how IT operates, fueled by the "Bring Your Own Device" trend, a trend that's been in the making since at least 2008. In this webcast, you'll learn how world IT leader SAP has embraced BYOD for lower costs, higher employee satisfaction and better business outcomes.

Newsletter Sign-Up »

Receive the latest news test, reviews and trends on your favorite technology topics

Choose a newsletter