Mobile Security–A Locked Device to Most

Just how secure is your iPhone/Moto X/Galaxy S6,456,789?  As it turns out, pretty damn secure… provided you’re not concerned with law enforcement’s access to your data.  Law Enforcement does not need your permission, your passwords or even your name to see everything in every corner of your mobile life.  All they need is your phone.

Got your attention?  Good.  It should.

As I oftentimes do, I found myself in a rathole in the last week and half through a rather random moment; I’d found three decrepit Droid X’s that my wife and I had used until about 2011.  With a gaggle of kids and a penchant for doing a ton of mobile work, there were undoubtedly treasures to find across the phones, but the question was, “How?”

After a few minutes of tinkering, I was able to get the devices to power on, and even was able to access one of the three phones–without knowing the lockscreens, associated Google accounts or even having WiFi access (remember, all phones were deactivated, so none were operable on their carrier’s network)… but only because I’d rooted and re-imaged the device once upon a time and had a penchant for leaving USB debugging enabled.  (“What’s ‘rooted’ mean?”)

So, how hard can it be to unlock the other two time capsules?  I thought, “Okay, let’s be logical here–the technology is over three years old, and we live in an age of access.  Motorola and LEO’s (law enforcement officers) gain access to effectively all devices these days, how hard would it be to crack a marooned Gingerbread (2.2.1) phone?”

As it turns out, pretty damn hard for a civilian, depending on your scenario.

My scenario was thusly:

1) No PIN/pattern known

2) No WiFi—No WiFi means no Google synchronization.  No Google synchronization means the trick of downloading a “unlock” app, letting it sync to your device and waiting for it to work was not going to work for me.

2) No root access—The remaining phones had never been rooted.  An unlocked bootloader was irrelevant to this issue because Motorola only recently began to broadly support this concept (mid-2012) and did not roll it back to the Droid X.  Root access was always obtained through code exploits.

So what does that rule out? ClockWorkMod and TWRP, for one, along with any other custom bootloaders.

3) No USB Debugging enabled—so no ADB or SDK options.

So what’s a guy to do?

I dug… and dug… and dug.  It was becoming less about the actual data and more about the challenge.  Cracking was a pasttime I loved as a kid—growing up on WarGames and Hackers and workstations abound in the 80’s and 90’s, it becomes an honestly-found way to pass the late Friday nights and summer days.  Surely I wasn’t going to let some tiny little obsolete device beat me.

What I found was fairly black-and-white—a lot can be done to get at a phone, IF the conditions above are met in some singular or combinatory manner.  However, if all options are off the table, civilians are SOL.

Civilians.

There are no less than a half-dozen hardware solutions (either dongle/software or full-size appliance/software combinations) that are able to either brute-force or otherwise exploit nearly every phone… and law enforcement agencies have access to every single one.  Only law enforcement.

White-hat guys who aren’t willing to associate themselves directly to an agency are unable to purchase the devices—so professional recovery services for damaged devices are somewhat crippled.  Not the Law, though.

Local, state and federal agencies can purchase these devices (see UFED for the leader of the pack) at a discounted rate, and now, a significant number of states have precedent to allow for phone search in any arrest.

Buckle down, folks.  You don’t have the means to search your phone devices, but if you get arrested, hey, make sure you have that old device handy—they can always search it for you!

Disclaimer:  The opinions expressed herein are solely those of Jamie Watt, and not of any parties, groups or employers to which he is associated. 

Advertisements

5 Lines a-Leaping… from Verizon.

UPDATE:  Corrected the pricing to reflect the 10GB and 8GB plans, VZW graciously noted that I was off by $10.00, and they were very much correct!  Fixed.

__

I’m a five-line subscriber with Verizon.  Currently, we have two smartphones with unlimited data legacy plans, and three “feature” phones with unlimited text.  We all share a 1400 minute airtime plan which includes a feature called “Friends and Family”—effectively, we pick ten popular callers and add them to this list, and the calls to these numbers don’t count against our overall tally.  With that in mind, we average 350 minutes a month; the remainder of the minutes do not roll over.  Oh, also, guess what?  If you drop below 1400 min on your plan, Friends and Family doesn’t apply.  So, onto the minutiae…

The primary line, a smartphone, was up for renewal and an upgrade.  In speaking with multiple reps, I discovered that the $250.00 we pay today for all lines, insurance on all phones and all taxes/royalties/etc, would go up significantly.  I have these ordered in terms of Most Expensive to Least Expensive changes.

  1. Option A:  Share Everything Plan, 10GB… this has been marketed as the way forward for a number of Family Plan users with Unlimited Data.  My wife and I consume an average of 4GB each a month today, so we would need at least an 8GB plan.  Minutes and text across all lines are unlimited.  “Dumb” phones are $30.00 monthly, smartphones are $40.00 monthly, and the data plan pricing sits on top (in this case, 8GB is $100.00).  32% increase
  2. Option B:  Share Everything Plan, 8GB… All lines unlimited minutes & text.  6Gb shared for the two smartphones.  (This is important, watch.)  28% increase
  3. Option C:    “Amortized” Pricing… change nothing, purchase new smartphones at cadence of 1 device per year.  (Any upgrades for the feature phones are eliminated from this example as it would be the same across all examples.)  At an average of $600.00 for a device.
  4. Option D:  All lines share 1400 minutes, unlimited text.  5GB data per smartphone.  16% increase

Table:

  Current Plan:

  • 5 lines, 1400 min
  • *2 smartphones, unltd data
  • *3 feature phones, unltd txt
Share Everything (10GB) Share Everything (8GB) Amortized (Full-Price Phone / Same Plan) Individual Data (5GB x 2 lines)
Monthly Impact: +$80.00 +$70.00 +$50.00 +$40.00
Yearly Impact: +$960.00 +$840.00 +$600.00 +$480.00
% Impact: +32% +28% +20% +16%

You might ask, “Well, where’s your incentive?  WHY are they doing this?”

The argument from VZW (and other carriers) is simple:  People who use over 1GB of data are limited, and over 2GB, you’re in a scarce minority.

The truth?  Several blogs have re-evaluated these marketing figures since 4G’s prevalence has flooded the various markets and carriers.

Guess what?  On average, the HSPA+/LTE/WiMax user consumes at least 36% more data than a 3G user.  At least, and that number is going up all the time.  Why?  Let’s assume that the user doesn’t change their behavior at all—most streaming services, unless you consciously elect a specific setting, will upscale to match the bandwidth.  YouTube, Pandora, Netflix, Hulu… all yes.  So, are you doing anything different?  Nope.  Are you using more bandwidth?  Sure!

AT&T and VZW–in effect, a duopoly, given their coverage and capability when compared to all other US domestic carriers–have not come to terms with what this means, and appear to be in a transitional marketing/costing state that costs the user more.  Sprint, the coattail-hanger, is banking on this selling point, and offers unlimited data FOR LIFE.  However, they don’t have a great overall footprint outside of metro areas.  So what’s great about Sprint?  It’s for life, and Softbank acquired 76% of them in July of this year.  They’ve bought out the balance of Clearmax (WiMax’s daddy) and are committed to increasing their capability across the board.  T-Mobile is cheaper, but only deceptively so, given that they have a new (and awfully cool, if you’re okay with the pricing) BYOD structure that reduces the plan cost by about 40% from the norm, while allowing the user to either purchase or amortize the device cost at their leisure.

What does all this mean?  It means that we’ll likely see a re-evaluation of plans and pricing in another year or two, especially as you see VZW begin to invest in the advancedLTE footprint (AKA “5G”).  It means that, if you paid less before for unlimited, you’ll pay significantly more now for a smaller slice of the pie that you may or may not have used.  It means that the carriers are still learning.  Biggest meaning?  It means that we pay and pave the way for this learning curve.

Verizon and AT&T—you have the footprint, the infrastructure and the wallet for it.  Be the first ones to truly fix this mess, or you may see a larger “churn” (customer loss) % in the coming years to your smaller brethren.

…and me?  I’ll probably have to go to Option D.  I have 5 kids, and while I’d like to use the amortization notion, standing on principle doesn’t always work when you’re faced with principles or pizza night in the Watt household.

/seacrest out