Remote wiping thwarts secret service

Remote wiping thwarts secret service

Summary: Smartphones that offer the ability to "remote wipe" are great for when your device goes missing and you want to delete your data so that someone else can't look at it, but not so great for the United States Secret Service (USSS).

SHARE:

Smartphones that offer the ability to "remote wipe" are great for when your device goes missing and you want to delete your data so that someone else can't look at it, but not so great for the United States Secret Service (USSS).

USSS

(Credit: USSS)

The ability to "remote wipe" some smartphones such as BlackBerry and iPhone was causing havoc for law enforcement agencies, according to USSS special agent Andy Kearns, speaking yesterday on mobile phone forensics at the AusCERT 2010 security conference.

The problem is that accomplices can remotely wipe the phones if the agencies don't remember to remove the battery or turn off smartphones before sending them off to the forensics laboratory, he said.

"So if you've got a suspect and you take the cell phone away from him, and he's got somebody on the outside that can help get on the [remote wipe] website to get his phone wiped, all your evidence is gone before you get a chance to examine," he said.

Kearns said he'd never personally faced the situation, but he knew other examiners who had.

"Sometimes you'll get a cellphone that comes in that is wiped, [but] it's not all that common," he said. Agents were trained to incapacitate devices, but Kearns cautioned that not all enforcement agencies had the same knowledge.

"Hopefully our officers are putting the cell phones in a Faraday bag that is shielded, pulling the battery [out] and turning them off [before] getting them into the shielded laboratory."

Ben Grubb is attending AusCERT 2010 on the Gold Coast as a guest of AusCERT.

Topics: BlackBerry, Apple, iPhone, Mobility, Security

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.

Talkback

5 comments
Log in or register to join the discussion
  • They should just keep the phone in a Faraday cage once they get it. Wrap it in aluminum foil, then do your testing in a large F-cage facility. Won't even have to turn the phone off. Silly government.
    fromeout11-07669
  • with new smartphones, they can just program in a failsafe if the battery is not taken out - if no phone signal if available for x amount of time, assume phone has been compromised, execute wipe.
    eli3k@...
  • Or, they could just turn the phones off, and still be able to retrieve the data in stead of spending time and money on building ridiculous cages for mobile transport and around forensics labratories. Problem solved. Silly poster.
    dhoward86
  • A really old PDA I had had a secondary (non removable) battery in it that could no doubt be configured to do wipes. There's a lot of possible things you could do with a relatively open OS like Android.
    meski.oz@...
  • This is 51% fake news, they can still recover the data.
    In a few years it might be true, but not today.
    scott2010au