Police probe cell phones to thwart criminals
Tom Abate, Chronicle Staff Writer//Monday, September 8, 2008 (09-07) 16:07

Deep in the bowels of San Francisco's Hall of Justice, Sgt. Wayne Hom plugs in a USB key to activate a new high-tech tool that has become the delight of cops, the bane of bad guys and a cloud over civil liberties - a device to extract contacts, text messages, pictures and videos from cell phones.

"Around here they call me Inspector Gadget because I can wire just about anything," said Hom, a former gang task force officer who now battles crime digitally with a new genre of cell phone forensic extraction devices.

Hom said these devices - made by companies including Cellebrite, Data Pilot and Oxygen Software - often can extract text messages, pictures or contact lists that the phone owner thinks they have erased, so long as new data hasn't written over the old location in the cell phone's memory.

Robert Morgester, a California deputy attorney general and expert on the topic, said that since cell phone extraction devices became available in the past couple of years, they have quickly become vital tools in solving crimes.

"The reason why the cell phone is important is that you are carrying around a personal diary of who you talk to and often what you talked about," Morgester said in reference not to conversations but rather to texting, adding: "Youth today communicate through MySpace and texting."

Cell phone forensic extraction is a relatively new technology that grew out of a problem faced by consumers who switch cell phone carriers and want to port their old data to their new device, said Adi Ofrat, chief executive of Cellebrite, which has offices in Israel and New Jersey, one of the vendors the San Francisco Police Department uses.

Since 2000, his 70-person company has sold more than 50,000 office-based cell phone data conversion systems to mobile phone carriers worldwide, he said.

"About one-and-a-half years ago we were approached by certain government agencies that said, 'We would like for you to provide us with XYZ,' " Ofrat said in a telephone interview from New Jersey.

Different technologies
Hom said the law enforcement version of the cell phone extraction devices differs from the commercial technology in one important regard - the police device can only read data and cannot write back to the cell phone, in order to protect the integrity of evidence.

At his office in the Hall of Justice, he used a Cellebrite device to extract data from a visiting reporter's cell phone.

"The main information is the contact phone book and the text messages," he said. But sometimes photos or videos can be relevant. Even ring tones can be useful if, for instance, a witness in an investigation recalled hearing a particular tune during the commission of a crime - in which case a cell phone extraction could help implicate or exculpate a suspect.

Worried about rights
But attorney Kevin Bankston with the Electronic Frontier Foundation in San Francisco said the ease-of-use and portability of forensic cell phone devices has started to chip away at the constitutional protections against searches without a warrant. It's a complex issue that boils down to what a police officer can do "incident to the arrest," meaning without a warrant.

Jim Dempsey, a civil libertarian with the Center for Democracy and Technology, explained that officers can search a suspect and his or her property, such as a backpack, at the time of arrest. But he said this was meant to discover things like weapons that could harm the officer - while extracting data from a cell phone should generally be done later, after the phone is seized but not before a search warrant is issued.

Search warrants sought
So far, most court decisions involving this new technology have allowed police officers to use forensic devices to extract information without a warrant. But civil libertarians favor one ruling by a federal judge in San Francisco that pushed the sliding scales toward requiring a warrant to search cell phones in most cases.

How does this affect the Inspector Gadgets of this world?

"That's a very gray area," said Hom. He said that before he does extracts, "My current policy is, 'I want paper.' " Ideally, that means a search warrant, but Hom said that in cases such as kidnappings and other life-or-death situations, that paper could be a written statement by the investigating officer explaining why a cell phone extract had to be done at the time of arrest and before getting a warrant.

Hom said data extracted from cell phones have helped secure two robbery convictions and one murder verdict in San Francisco, but he declined to provide details as a matter of department policy.

Another evidence protection technology built into such forensic systems involves a form of encryption to seal the extract in what might be thought of as a tamper-proof digital envelope.

Encryption can be hacked
But encryption expert Nate Lawson, with the Oakland consulting firm Root Labs, said the MD5 encryption technology used by Cellebrite already has been hacked in a way that allows experts to manipulate data inside the envelope without detection. Lawson said forensic cell phone devices should upgrade their digital security envelopes to a stronger protection called SHA-256.

Cellebrite's Ofrat said that despite the theoretical possibility of hacks to MD5, the likelihood is low. "You'd have to have the best hacker in the world," he said. But his firm is studying SHA-256 and will move to that if it becomes an industry standard, he said.

Dempsey, the civil libertarian, said it's important for the public not to be so overawed by evidence obtained by high-tech tools so as to use it willy-nilly or to ignore the possibility of tampering.

Meanwhile, Morgester, in the California attorney general's office, said law enforcement is often caught one step behind in an endless sprint to understand technologies that can be used to either perpetrate or solve crimes.

"The state of California does not have a software lab for computer forensics or cell phone extraction," he said.

E-mail Tom Abate at [email protected]
http://sfgate.com/.../08/BUPA12OC2V.DTL
This article appeared on page D - 1 of the San Francisco Chronicle

Heard about this a long time ago. Its just like a computer hard drive but smaller. Thats why I never donated a old cellphone or anything. I smash them then burn them, then let them soak in water before trashing =)

I hear you can put the thinner ones through some of the better office-grade paper shredders. Take out the battery first naturally.

Who could actually be shocked by this? That a computer keeps track of your data? That is what they are designed to do after all. It's like ID10ts that post themselves committing crimes on UTube from their home PC and wonder how they got busted...

There's only one other way to truly torch a hard drive that you want to keep on using, other than smashing it to a million pieces or using a demagnetizer.

Even a reformat will not take everything off of it. You have to set up the operating system to do something after it reformats, set it up to write 0's or something to the drive. Just fill the drive with nothing but useless data so that it fully overwrites the previous data on that drive. The only way to truly destroy it and still keep the drive is to overwrite it. The Department of Defense uses this technique with binary sequences written to the sectors of the drive and it's overwritten up to 32 times for them. Myself, I find it safe after 10 or 12.

I used to have a little widget I got from Gateway that did that. You'd set your drive up to reformat, let it finish, then put the cd in the drive and it'd boot from it, and run this little program that would write 0's or gibberish letters and numbers to the drive, your choice.

I'm paranoid about the contents of hard drives. I use encryption software that will do that, it will destroy whatever is there if someone manages to hack into it, it'll destroy it by overwriting the data with 0's a few times. I'll also set it up to do that if I'm going to dispose of the drive or use something to demagnetize it.

You could just get it demagnetized or degaussed. I don't like the shredder idea myself, you could always just try to reformat it, there's got to be a way to set it up to overwrite the thing with 0's afterwards.

Shael

Posted by underdark I hear you can put the thinner ones through some of the better office-grade paper shredders. Take out the battery first naturally.

Oh, leave the battery in, it makes for a really good light show

I just do this

http://www.youtube...atch?v=k0TSyIn5KMo