topbanner_forum
  *

avatar image

Welcome, Guest. Please login or register.
Did you miss your activation email?

Login with username, password and session length
  • Monday March 18, 2024, 10:21 pm
  • Proudly celebrating 15+ years online.
  • Donate now to become a lifetime supporting member of the site and get a non-expiring license key for all of our programs.
  • donate

Author Topic: Mobile Security and Privacy Landscape  (Read 2219 times)

Tinman57

  • Charter Member
  • Joined in 2006
  • ***
  • Posts: 1,702
    • View Profile
    • Donate to Member
Mobile Security and Privacy Landscape
« on: February 25, 2013, 07:39 PM »

HTC Settlement Could Alter Mobile Security and Privacy Landscape
 
HTC America's settlement with the U.S. Federal Trade Commission on Friday has the potential to revamp not only how hardware manufacturers handle the security and privacy of mobile devices, but how carriers do so, as well.

“In many ways, this settlement is a shot across the bow of the handset and wireless industry and their practice of selling and abandoning devices after a few months,” said activist Chris Soghoian, principal technologist and senior policy analyst with the American Civil Liberties Union. “If I’m in those businesses, I’m seriously looking at this settlement.”

http://threatpost.co...acy-landscape-022513

Renegade

  • Charter Member
  • Joined in 2005
  • ***
  • Posts: 13,288
  • Tell me something you don't know...
    • View Profile
    • Renegade Minds
    • Donate to Member
Re: Mobile Security and Privacy Landscape
« Reply #1 on: February 27, 2013, 04:06 AM »
This sounds like all the more reason to decouple the carriers, hardware manufacturers, and the OS.

You can't decouple hardware SDKs/APIs, but there's no good reason why the OS can't be. Sure, some math issues for some chips, but still, those aren't that hard to work around with things like conditional compilation. (I've got a math issue on a couple of my devices in some cases - Raspberry Pis.)

Actually, it would be cool to see a hardware add-on to turn a Raspberry Pi into a smart phone! :D
Slow Down Music - Where I commit thought crimes...

Freedom is the right to be wrong, not the right to do wrong. - John Diefenbaker

40hz

  • Supporting Member
  • Joined in 2007
  • **
  • Posts: 11,857
    • View Profile
    • Donate to Member
Re: Mobile Security and Privacy Landscape
« Reply #2 on: February 27, 2013, 05:09 AM »
It's something to be aware of and keep an eye on.

This ACLU article discusses some reasons why. Because when you get down to it, a smartphone can easily become a spy that lives in your pocket.
 :o

New Document Sheds Light on Government’s Ability to Search iPhones
By Chris Soghoian, Principal Technologist and Senior Policy Analyst, ACLU Speech, Privacy and Technology Project & Naomi Gilens, ACLU Speech, Privacy and Technology Project at 10:11am

Cell phone searches are a common law enforcement tool, but up until now, the public has largely been in the dark regarding how much sensitive information the government can get with this invasive surveillance technique. A document submitted to court in connection with a drug investigation, which we recently discovered, provides a rare inventory of the types of data that federal agents are able to obtain from a seized iPhone using advanced forensic analysis tools. The list, available here, starkly demonstrates just how invasive cell phone searches are—and why law enforcement should be required to obtain a warrant before conducting them.

Last fall, officers from Immigration and Customs Enforcement (ICE) seized an iPhone from the bedroom of a suspect in a drug investigation. In a single data extraction session, ICE collected a huge array of personal data from the phone. Among other information, ICE obtained:

  
  •   call activity
  •    phone book directory information
  •    stored voicemails and text messages
  •    photos and videos
  •    apps
  •    eight different passwords
  •    659 geolocation points, including 227 cell towers and 403 WiFi networks with which the cell phone had previously connected.
.
.
.
The type of data stored on a smartphone can paint a near-complete picture of even the most private details of someone’s personal life. Call history, voicemails, text messages and photographs can provide a catalogue of how—and with whom—a person spends his or her time, exposing everything from intimate photographs to 2 AM text messages. Web browsing history may include Google searches for Alcoholics Anonymous or local gay bars. Apps can expose what you’re reading and listening to. Location information might uncover a visit to an abortion clinic, a political protest, or a psychiatrist.

In this particular case, ICE obtained a warrant to search the house, and seized the iPhone during that search. They then obtained a second, separate warrant based on probable cause before conducting a detailed search of the phone. However, even though ICE obtained a warrant for this cell phone search, courts are divided about whether a warrant is necessary in these circumstances, and no statute requires one. As a result, there are many circumstances where police contend they do not need a warrant at all, such as searches incident to arrest and at the U.S. border.
...

 8)
« Last Edit: February 27, 2013, 06:11 AM by 40hz »