Your iPhone is not safe

The average iPhoneA few days ago United Nations Deputy Secretary-General Jan Eliasson said that of the world’s seven billion people, six billion have mobile phones. However, only 4.5 billion have access to toilets or latrines. You can read the article by clicking here. I don’t know if it is stranger that I was reading the UN’s website or that they are saying more people have a cell phone than a loo. However I don’t doubt their facts. Cell phones have become such a huge part of our lives that clients joke about not being able to function without them. Not in the way the UN views the issue, but you know what I mean.

Which makes it all the worse when I have to sit down in the office with a client and tell them what the cops got off their iPhone. They just go ballistic when they see everything in the report. Kind of the same thing happens with bank records but we don’t take that stuff so personally. Cell phones are a combination of our secret best friends, confidential personal secretaries, and private journals all wrapped up in a little electronic package. Of course clients feel violated when the cops rampage through everything they though was secret.

I tell them that they have to be a little more careful next time because the cops have gotten really good at serving warrants everywhere. And I mean everywhere. They get a warrant for your email and computer records and suddenly your internet service provider is handing over huge amounts of information about all those weird sites you like, how often you visit them, and how much time you spent staring at what was there. They serve a warrant on every bank in town. The police will find your secret bank account and know exactly what you have been purchasing for both your girlfriend and your wife. All your email messages are stored in some gigantic electronic warehouse in Nebraska or somewhere and the police are going to get copies going back to the 90’s.

We live in a wired age and nothing is safe – or sacred. Nothing at all. You can say its scary or wrong or whatever you want but the fact is that law enforcement has really figured this stuff out and is watching. I sort of think that there are still too many of us and too few of them to monitor each of us all the time. That way I can still get away with stuff without landing on the no-fly list.

At least I hope so. I’m not sure, though. Every so often I see stuff about how some new federal program provided “assistance” to the local inter-agency narcotics team and it looks suspiciously like there is a spy satellite parked over my city. Or I get some police reports on a case and what isn’t blacked out for “National Security” leads me to think there is some kind of program going on that constantly searches every single one of our cell phone signals for key words.

I realize you think I’m going off on the crazy end here, but bear with me for a moment. A little while ago the government submitted a document in court in connection with a drug investigation and it provided a rare glimpse of the kinds of information that police can get off a seized iPhone.

This here is the Cellebrite UFED Touch Ultimate for all your phone cracking needs.
This here is the Cellebrite UFED Touch Ultimate for all your phone cracking needs.

The police ran the iPhone through a program designed to get everything off of it that would be valuable to law enforcement. If you are wondering if your Galaxy or Android phone is safe, the answer is no. Check out the Cellebrite website by clicking here. They boast of their ability to crack passwords and lift “call history, SMS messages, contacts, calendar, email, chat, media files, geo tags, passwords, location information (WiFi, cell tower and navigation applications) GPS fixes etc.” Read some of the other stuff on their website. It is scary.

Anyway, some of the data the report says they got from the iPhone isn’t too interesting, as the police are going to serve a routine warrant on your cell phone service provider anyway. They always get a list of all your phone calls for the past three years. But let me list some of the stuff they got off this iPhone so you get a feel for what they squeeze out of that device in your pocket:

  • Call activity (That was a given since the phone companies are going to roll over and give them your entire call history since you got your phone anyway)
  • Eight different passwords (Do you use the same password for everything to make sure you don’t forget it?)
  • Thirteen IP connections
  • Phone book directory information (Don’t rat on your friends)
  • Copies of stored voicemails, chat sessions, and text messages
  • 151 websites visited
  • Photos and videos
  • A list of all the applications the iPhone had installed on it
  • 659 geolocation points with dates of access including 227 cell towers, 28 ‘harvested wifi locations,’ and 403 WiFi networks with which the cell phone had previously connected
  • Six wireless networks the iPhone had used
  • 10,489 data files, some that were supposedly deleted by the iPhone owner but were recovered

iPhone search inventoryYou can read the actual original extraction report by clicking here. It’s not too big. You should read it to see what the cops can pull off your iPhone.

The report only listed the types of things that the iPhone gave up under interrogation. It’s hard to tell from the report what the details of the information were but things like those geolocation points are going to tell the feds approximately where you were standing when you were calling your bookie. The pictures and videos probably give the tech guys some laughs about how you enjoy cats doing funny things but their buddies noticed those pictures of large bales of illegal drugs in your garage.

Cellebrite also sells this convenient collection of connectors so you are never without a way to crack any cell phone on the planet.
Cellebrite also sells this convenient collection of connectors so you are never without a way to crack any cell phone on the planet.

I don’t do anything even mildly illegal with my iPhone. I even stay away from anything that could be, um, a little uncomfortable if my family read about it in the newspaper. But what I’m wondering is why we think it’s now OK for the government to get all this information about our private lives? And why isn’t Apple letting people actually and really delete stuff like old text messages and wifi network logs. There is no reason for Apple to keep that data except to cooperate with the government. I realize they kind of have to play ball and people should not be doing illegal stuff with their iPhones in the first place. But don’t we like to think there is a bit of privacy here? It seems like the government drew the line all by itself and it’s so far out there in favor of the feds that the idea of electronic privacy is a huge joke.

Of course in the case of the iPhone search I talk about above the government had a search warrant. There was a Judge or Magistrate looking this one over for probable cause and there is a process to review the reason for the search and whether the information seized should be suppressed. But what about border searches where the government doesn’t need a warrant? Sometimes border searches without warrants can occur pretty far from the actual border. The cops can just rip right through your iPhone without even telling you.

Or how about all those times you go through the line at the airport? Is there any reason why the government can’t set up an electronic surveillance booth and secretly scan everyone’s iPhone while you are putting the contents of your purse in one of those plastic buckets on the conveyor belt? I can’t tell but I doubt there is any technological reason why the government needs to physically possess your cell phone to get anything off of it.

And then there are the ‘searches incident to arrest’ and the ‘exigent circumstances’ searches. Both of those exceptions to the warrant requirement can be large enough to drive a truck through them. Just put one of these cell scanners in every cop car and let them drive around having fun, hopefully only when they are supposed to. Yikes. I think I might go back to the good old days of writing stuff down with an old fashioned pen. If I can find one.

-Samuel Owen

© Samuel Owen 2013. All rights reserved. Please read important notices and disclaimers by clicking here.

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s

Blog at

Up ↑

%d bloggers like this: