phone extraction device
Alex Samorukov
ml at os2.kiev.ua
Sun Oct 2 19:32:22 CEST 2011
On 10/02/2011 06:55 PM, Denis 'GNUtoo' Carikli wrote:
> On Sun, 2011-10-02 at 04:12 +0200, Rashid wrote:
>> "You may have heard about the Cellebrite cell phone extraction device
>> (UFED) in the news lately. It gives law enforcement officials the
>> ability to access all the information on your cell phone within a few
>> short minutes."
>>
>> http://translogic.aolautos.com/2011/04/29/police-device-used-to-steal-your-cell-phone-data-during-traffic/
>>
>> Does it work at free runners too? (Well a debug board could probably do
>> it but hey).
> I guess no one got one to test...
>
> PS: I wonder what's the relation between rooting a phone and that
> device (does the device need to root the phone to gather certain
> information?).
>
As one of the former libsyncml developers, I can add some details. There is
no "magic" here. When you are connected by cable to a typical phone,
you can:
1) Use SyncML to fetch all contacts/notes/calendar events. There is no
authentication if you are using a USB or serial device.
2) The OBEX protocol over USB or serial usually also allows you to fetch a
lot of information from the phone, including phone book contents, SMS and
phone history.
3) The AT modem on most cheap phones (again, no password over the serial
link) also adds a lot of "extended" features, e.g. you can work with
SMS, tel. history, make phone calls, send SMSes (it is very useful for
monitoring software or gateways) etc. I was using this on
Siemens/Nokia/Motorola/Sony Ericsson and other devices. I am not
familiar with the protocol on modern iPhones/Androids, but I expect
that they are not protected on the USB connection either.
So in practice it's very easy to build such devices (with Linux on board,
hehe) and you don't need to work in the CIA for this; it could be done as
homebrew hardware. There is no known way to disable this functionality
in most phones. A locked or unlocked phone will work the same on such
interfaces.
Now back to OpenMoko. It depends on the distro you are using (I am a QtMoko
user) but typically there is nothing but ssh running on USB (USB over
Ethernet). If you set up a root password, then you are safe. There is
no way to extract any data without restarting the phone (or by using a
debug board, which is also not possible w/o removing the cover). If you are
very paranoid about this, you can store all data encrypted
(using standard Linux tools for this) and disable all storage on the SIM
card.
The only problem I see in this method is that the police can get all this
information without touching your device, by requesting this information
from your network/roaming provider.
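
An added example, not part of the original message: a check of the root-password condition the message relies on for the SSH-over-USB login. It assumes the image uses a shadow-format password file and OpenSSH's sshd_config with root password login allowed; the function names and sample files are hypothetical and constructed for illustration.

```shell
#!/bin/sh
# Added example. Classify root's entry in a shadow-format file:
# prints empty | locked | set | missing.
root_password_state() {
    awk -F: '
        $1 == "root" {
            found = 1
            if ($2 == "")          print "empty"   # no password at all
            else if ($2 ~ /^[!*]/) print "locked"  # password login disabled
            else                   print "set"
            exit
        }
        END { if (!found) print "missing" }' "$1"
}

# Effective PermitEmptyPasswords value in an sshd_config-format file.
# OpenSSH uses the first occurrence of a keyword; the default is "no".
# Simplification: Match blocks are not interpreted.
sshd_permits_empty() {
    awk '
        tolower($1) == "permitemptypasswords" { found = 1; print tolower($2); exit }
        END { if (!found) print "no" }' "$1"
}

# Verdict for the SSH-over-USB login: exposed | console-only | unknown | ok.
usb_ssh_verdict() {
    state=$(root_password_state "$1")
    permit=$(sshd_permits_empty "$2")
    if [ "$state" = "empty" ] && [ "$permit" = "yes" ]; then
        echo "exposed"        # sshd accepts the empty root password
    elif [ "$state" = "empty" ]; then
        echo "console-only"   # sshd refuses, but local logins need no password
    elif [ "$state" = "missing" ]; then
        echo "unknown"        # no root entry found in this file
    else
        echo "ok"
    fi
}

# Constructed sample input (not taken from a real device).
demo=$(mktemp -d)
printf 'root::15249:0:99999:7:::\n' > "$demo/shadow.blank"
printf 'root:$6$constructedsalt$constructedhash:15249:0:99999:7:::\n' > "$demo/shadow.set"
printf '#PermitEmptyPasswords no\nPermitEmptyPasswords yes\n' > "$demo/sshd_config"
usb_ssh_verdict "$demo/shadow.blank" "$demo/sshd_config"
usb_ssh_verdict "$demo/shadow.set" "$demo/sshd_config"
rm -rf "$demo"
```

On a device, the two arguments would be the password file and sshd configuration of the running image.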