Welcome to the APBWeb.
Results 1 to 9 of 9
  1. #1
    Piggybank Cop's Avatar
    Piggybank Cop is offline Nobody important.
    Join Date
    05-17-06
    Location
    Richmond VA
    Posts
    2,207
    Rep Power
    645057

    Don't Keep Secrets on Cell Phone

    AP: Don't Keep Secrets on Cell Phone
    By TED BRIDIS, Associated Press Writer

    WASHINGTON - Selling your old phone once you upgrade to a fancier model can be like handing over your diaries. All sorts of sensitive information pile up inside our cell phones, and deleting it may be more difficult than you think.

    A popular practice among sellers, resetting the phone, often means sensitive information appears to have been erased. But it can be resurrected using specialized yet inexpensive software found on the Internet.

    The married man's girlfriend sent a text message to his cell phone: His wife was getting suspicious. Perhaps they should cool it for a few days.

    "So," she wrote, "I'll talk to u next week."

    "You want a break from me? Then fine," he wrote back.

    Later, the married man bought a new phone. He sold his old one on eBay, at Internet auction, for $290.

    The guys who bought it now know his secret.

    The married man had followed the directions in his phone's manual to erase all his information, including lurid exchanges with his lover. But it wasn't enough.

    A company, Trust Digital of McLean, Va., bought 10 different phones on eBay this summer to test phone-security tools it sells for businesses. The phones all were fairly sophisticated models capable of working with corporate e-mail systems.

    Curious software experts at Trust Digital resurrected information on nearly all the used phones, including the racy exchanges between guarded lovers.

    The other phones contained:

    _One company's plans to win a multimillion-dollar federal transportation contract.

    _E-mails about another firm's $50,000 payment for a software license.

    _Bank accounts and passwords.

    _Details of prescriptions and receipts for one worker's utility payments.

    The recovered information was equal to 27,000 pages _ a stack of printouts 8 feet high.

    "We found just a mountain of personal and corporate data," said Nick Magliato, Trust Digital's chief executive.

    Many of the phones were owned personally by the sellers but crammed with sensitive corporate information, underscoring the blurring of work and home. "They don't come with a warning label that says, 'Be careful.' The data on these phones is very important," Magliato said.

    One phone surrendered the secrets of a chief executive at a small technology company in Silicon Valley. It included details of a pending deal with Adobe Systems Inc., and e-mail proposals from a potential Japanese partner:

    "If we want to be exclusive distributor in Japan, what kind of business terms you want?" asked the executive in Japan.

    Trust Digital surmised that the U.S. chief executive gave his old phone to a former roommate, who used it briefly then sold it for $400 on eBay. Researchers found e-mails covering different periods for both men, who used the same address until recently.

    Experts said giving away an old phone is commonplace. Consumers upgrade their cell phones on average about every 18 months.

    "Most people toss their phones after they're done; a lot of them give their old phones to family members or friends," said Miro Kazakoff, a researcher at Compete Inc. of Boston who follows mobile phone sales and trends. He said selling a used phone _ which sometimes can fetch hundreds of dollars _ is increasingly popular.

    The 10 phones Trust Digital studied represented popular models from leading manufacturers. All the phones stored information on "flash" memory chips, the same technology found in digital cameras and some music players.

    Flash memory is inexpensive and durable. But it is slow to erase information in ways that make it impossible to recover. So manufacturers compensate with methods that erase data less completely but don't make a phone seem sluggish.

    Phone manufacturers usually provide instructions for safely deleting a customer's information, but it's not always convenient or easy to find. Research in Motion Ltd. has built into newer Blackberry phones an easy-to-use wipe program.

    Palm Inc., which makes the popular Treo phones, puts directions deep within its Web site for what it calls a "zero out reset." It involves holding down three buttons simultaneously while pressing a fourth tiny button on the back of the phone.

    But it's so awkward to do that even Palm says it may take two people. A Palm executive, Joe Fabris, said the company made the process deliberately clumsy because it doesn't want customers accidentally erasing their information.

    Trust Digital resurrected erased e-mails and other information from a used Treo phone provided by The Associated Press for a demonstration after it was reset and appeared empty. Once the phone was reset using Palm's awkward "zero-out" technique, no information could be recovered. The AP already used that technique to protect data on its reporters' phones.

    "The tools are out there" for hackers and thieves to rummage through deleted data on used phones, Trust Digital's chief technology officer, Norm Laudermilch, said. "It definitely does not take a Ph.D."

    Fabris, Palm's director of wireless solutions, said the company may warn customers in an upcoming newsletter about the risks of selling their used phones after AP's inquiries. "It might behoove us to raise this issue," Fabris said.

    Dean Olmstead of Fresno, Calif., sold his Treo phone on eBay after using it six months. He didn't know about Palm's instructions to safely delete all his personal information. Now, he's worried.

    "I probably should have done that," Olmstead said. "Folks need to know this. I'm hoping my phone goes to a nice person."

    Guy Martin of Albuquerque, N.M., wasn't as concerned someone will snoop on his secrets. He also sold his Treo phone on eBay and didn't delete his information completely.

    "I'm not that kind of valuable person, so I'm not really worried," said Martin, who runs the http://www.imusteat.com Web site. "I guarantee that three-quarters of the people who buy these phones don't think about this."

    Trust Digital found no evidence thieves or corporate spies are routinely buying used phones to mine them for secrets, Magliato said. "I don't think the bad guys have figured this out yet."

    President Bush's former cybersecurity adviser, Howard Schmidt, carried up to four phones and e-mail devices _ and said he was always careful with them. To sanitize his older Blackberry devices, Schmidt would deliberately type his password incorrectly 11 times, which caused data on them to self-destruct.

    "People are just not aware how much they're exposing themselves," Schmidt said. "This is more than something you pick up and talk on. This is your identity. There are people really looking to exploit this."

    Executives at Trust Digital agreed to review with AP the information extracted from the used phones on the condition AP would not identify the sellers or their employers. They also showed AP receipts from the Internet auctions in which they bought the 10 phones over the summer for prices between $192 and $400 each.

    Trust Digital said it intends to return all the phones to their original owners, and said it kept the recovered personal information on a single computer under lock and disconnected from its corporate network at its headquarters in northern Virginia.

    Peiter "Mudge" Zatko, a respected computer security expert, said phone owners should decide whether to auction their used equipment for a few hundred dollars _ and risk revealing their secrets _ or effectively toss their old phones under a large truck to dispose of them.

    What about a case like the Lothario whose affair Trust Digital discovered?

    "I'd run over the phone," Zatko said. "Maybe give it an acid bath."


    Nice to know info.
    We are the thin blue line
    between you
    and all the money in the world.

    And no you can't have any.

  2. #2
    Virginian's Avatar
    Virginian is offline Major
    Supporting Member Lvl 2
    Join Date
    12-28-05
    Location
    Virginia
    Posts
    3,647
    Rep Power
    8590745
    Then there's my solution - don't buy a phone so expensive I'd want to sell it when I'm done with it Being cheap has its advantages. I always just donate mine to the domestic violence groups, who give them to DV victims to call 911 if needed.

  3. #3
    Piggybank Cop's Avatar
    Piggybank Cop is offline Nobody important.
    Join Date
    05-17-06
    Location
    Richmond VA
    Posts
    2,207
    Rep Power
    645057
    Quote Originally Posted by Virginian
    Then there's my solution - don't buy a phone so expensive I'd want to sell it when I'm done with it Being cheap has its advantages. I always just donate mine to the domestic violence groups, who give them to DV victims to call 911 if needed.
    Info is still on it.
    We are the thin blue line
    between you
    and all the money in the world.

    And no you can't have any.

  4. #4
    Virginian's Avatar
    Virginian is offline Major
    Supporting Member Lvl 2
    Join Date
    12-28-05
    Location
    Virginia
    Posts
    3,647
    Rep Power
    8590745
    Quote Originally Posted by 1sgkelly
    Info is still on it.
    If the victims of DV have the software to extract my contacts list, they're welcome to call my friends and family all they want

  5. #5
    CountyFourteen's Avatar
    CountyFourteen is offline Sergeant
    Verified LEO
    Join Date
    05-21-06
    Posts
    1,077
    Rep Power
    5395878
    I don't have anything "secret" on my cell phone.......if I give out my number here.......can a nice female give me a secret??? Oh wait, this isn't that kind of forum......oh well.....like I said, I don't have "secrets" on my cell phone.....
    Any Post I make is my opinion only!
    I do not have the authority or the permission to post for my Sheriff's Office.



  6. #6
    ghost98 is offline BEEN THERE BUT NOT EVERYWHERE
    Join Date
    06-27-06
    Location
    NYC
    Posts
    380
    Rep Power
    50847
    That was always in the back of my mind when sending sensitive e-mails/text messages. Now im throwing my old phones in the ocean....or my barbecue pit.............

  7. #7
    JLK's Avatar
    JLK
    JLK is offline Protecting Those That Can't Protect Themselves
    Verified LEO
    Join Date
    06-23-06
    Location
    memphis
    Posts
    1,606
    Rep Power
    1388293
    some people will do anything to get a date


    "A strong man stands up for himself. A stronger man stands up for others."
    Ben

    The old sheriff was attending an awards dinner when a lady commented
    on his wearing his sidearm. "Sheriff, I see you have your pistol. Are you
    expecting trouble?" "No Ma'am. If I were expecting trouble, I would have
    brought my rifle."
    (just stole this one hope you don't mind)


    The trouble with our liberal friends is not that they are ignorant,
    it is just that they know so much that isn't so.
    President Ronald Reagan



  8. #8
    Lo523's Avatar
    Lo523 is offline Master Officer
    Supporting Member Lvl 1
    Join Date
    04-16-06
    Location
    UK
    Posts
    1,353
    Rep Power
    2919842
    Well I'll be destroying my old phones from now on! Thanks for the info.
    Never approach a bull by the front, a horse from behind, or an idiot from any direction.

  9. #9
    Crimebytes2's Avatar
    Crimebytes2 is offline Banned
    Join Date
    04-14-06
    Location
    Council Bluffs, Iowa
    Posts
    2,005
    Rep Power
    0
    Quote Originally Posted by 1sgkelly
    "I don't think the bad guys have figured this out yet."
    Give 'em time.

 

 

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Similar Threads

  1. Replies: 3
    Last Post: 05-21-07, 05:20 PM
  2. Anyone else passionately hate cell phone companies?
    By Autumn2009 in forum General Topics
    Replies: 23
    Last Post: 03-23-07, 09:41 AM
  3. Things You Never Knew Your Cell Phone Could Do.
    By jrae in forum General Topics
    Replies: 17
    Last Post: 03-05-07, 09:27 AM

Tags for this Thread

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •