Hacker News new | ask | show | jobs
by nadams 3914 days ago
> When they arrest you and take your phone (or anything electronic, really) the first thing they do is clone the memory

Depends on the situation. If it's a raid due to software piracy - then probably. If they pulled you over for speeding and arresting you - they probably won't or even know what to look for.

And I really can't think of a way to clone a device like an Android device without unlocking it. ADB now a days requires your explicit permission from a prompt. And if you are like "oh they have ways" I would be very interested in that because that sounds like whatever they are doing are using an exploit or some sort of back door.
2 comments
cvwright 3914 days ago
Behold the Samsung Anyway Jig: http://forum.xda-developers.com/showthread.php?t=1629359

The link is a few years old. No idea if there is a current version that works on modern phones, but it seems reasonable to assume there would be.

link
nadams 3914 days ago
I found this article [1] and I'm already suspect of FUD.

The first part talks about bluetooth pairing with the device - which requires unlocking. The second page talks about unlocking an iPhone with plist files from a synced computer. So it's not a matter of some magical device that can backdoor a phone - but rather using interfaces that already exist.

I found this company [2] and it has the usual marketing ploy - but a quick google search doesn't reveal any actual reviews of people using it. I can paragraphs of marketing spin but no one actually saying "we used this to get into cell phones that were password protected".

I'm not saying it's not possible - I just find it hard to believe without it making modifications to the underlying software (ie flashing a ZIP on android that zeros out the pin password or something).

[1] http://arstechnica.com/tech-policy/2011/04/michigan-state-po...

[2] http://www.cellebrite.com/Mobile-Forensics/Products/ufed-tou...

link
tsotha 3914 days ago
>And I really can't think of a way to clone a device like an Android device without unlocking it. ADB now a days requires your explicit permission from a prompt. And if you are like "oh they have ways" I would be very interested in that because that sounds like whatever they are doing are using an exploit or some sort of back door.

No, they don't need to use any kind of exploit. They have hardware that allows them to clone the the device's memory. I doubt it has to be on at all.

There's no way to secure a device if the attacker has physical access. The best you can do is secure the data with encryption.

link