How cops hack your cellphone in 90 seconds

Posted on Sunday, April 24th, 2011 in data transfer, documentation, News, tools by the machinegeek

You may have seen reports in the media recently, such as this MSNBC report highlighting the practice by police of extracting data from the cellphones of innocent civilians. While we’re not going to discuss the political or legal aspects of this practice, from a hacker perspective it’s interesting to know what type of tools and equipment are being used. (After all, whether you’re Arduino or PIC, Propeller or CPLD, we all carry cellphones.)

Cellebrite, Inc., is an example of one of the companies producing the types of data extraction devices noted so far. Here’s a link to the corporate page for the Universal Forensics Extraction Device (UFED). Their support page has some interesting docs to download! Don’t forget to view their library of instructional videos. You may want to see if your phone is on this list of phones vulnerable to UFED.

This entry was posted on Sunday, April 24th, 2011 at 4:00 pm and is filed under data transfer, documentation, News, tools. You can follow any responses to this entry through the RSS 2.0 feed. You can skip to the end and leave a response. Pinging is currently not allowed.

5 Responses to “How cops hack your cellphone in 90 seconds”

  1. Chuckt says:

    You might want to archive the MSNBC article because they have a habit of taking the articles offline in a very short period of time.

  2. Brainiac27 says:

    This is not really new, cell phone stores use the exact same thing. Same arrow keys and center button setup. It has the same form factor and same features. Only difference is that the cell stores use it to copy data back onto the phones as well.

  3. Carlos says:

    So what you are telling me is that on my Android device I should use an exacto-knife on the data leads for USB; then create an app that looks like a lock screen but forces my jailbroken device to go into it’s recovery mode when it detects the device being plugged into power and perform a 3 pass zeroing of the attached SD Card and the Flash ROM locations. It wont delete all the data due to wear leveling but a good portion of it would and it effectively bricks the device but also preventing the officers from getting any information off me.

  4. WestfW says:

    Is a warrant required to read your cellphone?

  5. Kevin Groce says:

    Devices like this have been around for ever. I remember using Cellbrite stuff to transfer data from devices that had been damaged. The only reason it is now an issue is the technology has advanced to the point that now everything is done on the wireless devices. Another reason I don’t own a smart phone yet.

Leave a Reply

Notify me of followup comments via e-mail. You can also subscribe without commenting.

Recent Comments

  • Joe Desbonnet: Ya, I can recommend the low melting point solder. I used brand 'ChipQuik' and it's amazingly easy to use.
  • Jerome: I need a new BusPirate for the Fablab ;) Many thanks!
  • Max: Seems like an unexpectedly violent way to remove the chip indeed. A hot air station should of course do the job just fine, but in...
  • jose: Part removal described here is pure butchery, the cheapest hot air station will do a fast and clean job removing the QFP, heat air to...
  • Cody: Yes please