ACLU Obtains Cell Phone Tracking Training Materials 33
guttentag writes "The New York Times has published a large collection of law enforcement training documents obtained by the ACLU. The documents describe in detail what kind of information can be obtained from cell phones and cell phone carriers, and how to obtain it. The 189-page PDF also contains dozens of invoices from the major carriers for their services to law enforcement that describe the fees for those services."
Re:Any suggestions further securing an Iphone? (Score:5, Informative)
No. The reason is they dump the contents of the phone. They don't actually utilise the phone itself. They just plug in a USB cable and can access the disk. Sort of like putting a device into mass storage mode where instead of the device being able to sync it can be used as an external hard drive.
They can actually do forensics of live devices (laptops, etc) under at least some circumstances through USB 3.0 (i believe) and firewire ports.By live I mean they access the ram of the device while it is running. So if for instance a device is connected to an Internet host somewhere they can insert commands and do other stuff to it. Or figure out what is being displayed on screen without having to break your password. They could for instance grab a security key if your device is encrypted.
Re:Any suggestions further securing an Iphone? (Score:5, Informative)
Can any of the programs available to jailbroken phones prevent scans?
You're using an iPhone and you have illusions about your privacy? Dude, have you read the EULA [apple.com]? Law enforcement has more restrictions on what it can and cannot do with your data than the manufacturer does, which is basically no restrictions. Worry less about what the ACLU found out and more about the people who made your phone.
"...you agree that Apple and its subsidiaries and agents may collect, maintain, process and use diagnostic, technical, usage and related information, including but not limited to information about your iOS Device, computer, system and application software, and peripherals, that is gathered periodically..."
"...To provide and improve these services, where available, Apple and its partners and licensees may transmit, collect, maintain, process and use your location data, including the real-time geographic location of your iOS Device, road travel speed information, and location search queries."
"These unique identifiers may include your email address(es), the Apple ID information you provide, a hardware identifier for your iOS Device, and your iPhoneâ(TM)s telephone number. By using the iOS Software, you agree that Apple may transmit, collect, maintain, process and use these identifiers..."
By the way, that's all on page 1. There are 96 pages after that.
Re:Any suggestions further securing an Iphone? (Score:5, Informative)
Here's what they can gather at a network level
1. Which antenna of what tower your phone last registered on (and possibly also RSSI).
2. Incoming and outgoing numbers dialed, call duration, and technical data during call (which towers, etc.).
3. Data ingoing/outgoing (including SMS) to the extent that they log it (ever notice the proxy under the APN settings?).
Once they have the device itself
1. Anything stored on the device (including SMS not stored on the SIM).
2. GPS history (and other debug information the device might have collected).
3. Contacts and other information in the SIM (provided you didn't lock the SIM, unless they get the PUK, which is mentioned in tfPDF).
The network-level stuff is controlled (in your phone) by the baseband chip and associated firmware
You're carrying an active transceiver that operates independent of your input (eg: there is no 'key' like in HF). Finding it will be easy. Tracking it will be easy.
Moxy Marlinspike (et.al.) have done some work on the upper layers with respect to anonymizing and/or encrypting the content of the communication, and there are several projects to help you secure the container (the phone itself), but realistically