Forgot your password?
typodupeerror
Encryption Cellphones Communications Handhelds Privacy IT

Encrypt Your Smartphone — Or Else 304

Posted by timothy
from the red-phone-repeat-red-phone dept.
pin0chet writes "Modern smartphones contain ever-increasing volumes of our private personal data — from text messages to images to emails — yet many smartphone security features can easily be circumvented by thieves or police officers equipped with off-the-shelf forensics equipment. Worse, thanks to a recent California Supreme Court ruling, police officers may be able to search your smartphone for hours without a warrant if you're arrested for any reason. Ars Technica has an article exploring the legal issues surrounding cell phone searches and explaining how you can safeguard your smartphone from the prying eyes of law enforcement officers."
This discussion has been archived. No new comments can be posted.

Encrypt Your Smartphone — Or Else

Comments Filter:
  • by Wrath0fb0b (302444) on Tuesday January 18, 2011 @09:37PM (#34923088)

    TFS:

    Worse, thanks to a recent California Supreme Court ruling, police officers may be able to search your smartphone for hours without a warrant if you're arrested for any reason.

    First, not all Americans live in California. Other States can (and have) interpreted their 4A equivalents to provide more or less protection than the Federal one.

    More to the point, it's probably not true that they can search your cellphone if you are arrested for any reason. Rather, the US Supreme Court explained recently in Gant[1], the idea is that the police can search for things "reasonably believed to contain evidence of the offense of arrest". So searching the cell phone of the CA drug dealer might come out differently than searching the cell phone of (say) a parole violator or a drunk driver.

    To be fair, Gant was an automobile search and the court might distinguish a cellphone from a car in some important sense. Nevertheless, the blanket statement in the summary is not likely to hold up if the police do not have some nexus between the arresting crime and the cellphone.

    And of course, Gant might be wrong as a matter of policy, although Orin Kerr has a very good writeup[2] of the extensive history of search incident to arrest in Anglo-Saxon law that's worth reading for some historical context.

    [1] http://www.law.cornell.edu/supct/html/07-542.ZO.html [cornell.edu]
    [2] http://volokh.com/2010/12/14/the-origins-of-the-search-incident-to-arrest-exception/ [volokh.com]

  • Re:How? (Score:4, Informative)

    by Gaygirlie (1657131) <gaygirlie@NOsPAM.hotmail.com> on Tuesday January 18, 2011 @10:07PM (#34923256) Homepage

    I found myself wondering about the headline if for %99 of the phone sout there it's actually impossible.

    I guess in most cases it is indeed impossible to encrypt everything; apps simply don't have low enough access to the filesystem and there is no way to use an encrypted filesystem. Parts of your data would always remain unencrypted and be recoverable.

    Android is very malleable but I doubt even that would support such without some heavy modifications. My Nokia N900 on the other hand could sport encrypted filesystems and home directory, thus encrypting everything but it's such a unique little thing that that's of no help here.

  • Re:How? (Score:3, Informative)

    by Anonymous Coward on Tuesday January 18, 2011 @10:23PM (#34923336)

    And the N900 has TrueCrypt -- I know of at least`3 guys running whole-filesystem encryption.

  • Re:How? (Score:5, Informative)

    by teridon (139550) on Tuesday January 18, 2011 @10:27PM (#34923356) Homepage

    Blackberries can be securely encrypted, but it caused me a unforeseen problem.

    I use my blackberry to filter incoming emails and alert me based on the message contents (or subject, sender, time of day, etc.) You can't do that with the default email program -- you have to get a third-party app.

    Unfortunately, if you encrypt the phone, the third-party app can't read the incoming emails anymore. It seems to be a platform limitation. (If someone can prove me wrong, please do so!) I *want* to encrypt my blackberry, but it would then become basically useless to me.

    I have a password on it, of course, but that's not nearly as good as using device encryption.

  • by betterunixthanunix (980855) on Tuesday January 18, 2011 @10:54PM (#34923494)
    Well, for starters, we have the right to privacy; apparently, though, that right is not respected anymore, so we really need to be taking matters into our own hands and reminding the government that we do not want them spying on us.

    Second, and probably the more practical reason, how do you know whether or not you are doing something illegal? There are a lot of laws on the books, and people can be arrested for all sorts of things that do not seem illegal but which actually are. I very strongly doubt that you can accurately claim to follow every law; you may even have committed felony offenses without realizing it. All it would take is a police department under pressure to engage in a crack down, or a cop who just does not like you, and you could find yourself arrested and in court (but they would never do that, right?).
  • Re:How? (Score:3, Informative)

    by natehoy (1608657) on Tuesday January 18, 2011 @10:57PM (#34923508) Journal

    No. BES (Enterprise) users have their data stored on the corporate Blackberry Enterprise Server, which is company equipment, and data is generally backed up by that server. BIS users have their stuff stored on the phone and you have to back it up to Blackberry Desktop if you wish to do that.

    Plus, merely getting their paws on your phone wouldn't be enough even if Blackberry did have it. They'd have to contact RIM, which is a Canadian company.

    My Blackberry is set with an 8-character moderately complex password, but the key is to have a try limit. If you enter a bad password ten times, my Blackberry will nuke itself clean of all data. Only music and pictures are unencrypted, the rest is a very hard nut to crack. Probably not impossible, but very tough.

"Card readers? We don't need no stinking card readers." -- Peter da Silva (at the National Academy of Sciencies, 1965, in a particularly vivid fantasy)

Working...