Navid Sobbi of NSI (National Surveillance & Intelligence) shows how easily information can be retrieved from your phone. Picture: Szilvasi Attila
DELETED texts, hidden pictures and your GPS location can easily be retrieved from your smart phone and this use and abuse of phone forensics is growing.
She knew it was a risk fighting her son's deception with treachery of her own. But a mother's concern for her adult son's safety meant she had to act.
He was mixing in bad circles. His behaviour was erratic. She assumed he was taking drugs but there was no proof. And without proof, she had no way of helping him.
So Sydney mum Rachael stole her 25-year-old son's mobile phone and gave it to a private investigator.
"I did feel bad. But at the same time I knew I had to do something to protect him because I knew that something was not right and I was extremely worried about him," she said.
The PI's investigations confirmed her worst fears.
He extracted deleted text messages and phone numbers - information her son thought was erased.
Rachael had the detail she needed - the who, the where and the when. She now knew how to help him. In doing so, she had to 'fess up to the breach of privacy.
"He does know. And he doesn't hold that against me at all. He said 'Mum you did the wrong thing. I'm angry about it but I know it's ended up the right thing'."
Five months on and her son has broken ties with the "bad crowd" and is receiving professional help for his problems.
Phone forensics is a growing part of detective work for private investigators and law enforcers.
But you don't have to be a criminal to get caught by your smart phone. Anyone with a mobile phone is leaving an electronic trail that could potentially expose every detail of their personal routines and thoughts. Even "deleted" information is not safe from prying eyes. Your phone can potentially open you to scrutiny on a very personal level.
The information it holds can be taken out of context and used against you. Or worse, used to steal your identity. Just how comfortable are you, knowing that your iPhone can talk?
Australians love their smart phones. Thirty-seven per cent of the population uses one, the highest number behind Singapore. And we're complacent about them.
Many of us don't realise just how much information is stored there and we don't even bother to secure the data we do know about. Research by IT company Unisys has revealed six out of 10 Australians don't bother with a PIN.
"The majority of Australians are leaving themselves vulnerable to cyber-crime and identity theft by simply not bothering to lock their mobile devices with a password or PIN.
"Think of the vast amount of information that can be found on most mobile phones - phone numbers, addresses, birthdays and even bank account numbers - all of which can be used to re-create someone's identity," says John Kendall, National Security Program Director, Unisys Asia Pacific.
But this information is just a small part of the detailed profile on you that can be retrieved from your smart phone.
"Everyone has smart phones and iPhones and android phones nowadays hold too much information," says private investigator Navid Sobbi from security firm National Surveillance and Intelligence.
"From the data we analyse we can determine GPS location, how many times the phone has been connected to the computer, how many times it's been connected to your charger. We can access deleted text messages, picture messages, emails and depending on the phone, Facebook messages and data.
"Pretty much anything."
In one case Mr Sobbi was handed a phone with just six text messages on it. In a short time he was able to extract 136 deleted text messages. Nothing is gone forever, he points out; it's simply hidden beneath layers of electronic files. That's something that worries civil libertarians.
"I think the average Australian isn't aware of how much information is stored on their iPhone or other smart phone. Every message that you send, even if you delete it later, is still stored in the phone's memory and may only be actually gone after a significant period of time later," says the director of Civil Liberties Australia, Tim Vines.
For that reason, smart phones are like striking gold for private detectives, who have changed the way they do business. The long days in dark sunglasses with long-lens cameras are fewer now. Instead, phone forensics is a smarter way to expose double lives and infidelity.
Hackers don't even need the help of a PI to undermine your phone security. Leave your phone lying around and it can be turned into a spy phone. Software can be installed which enables someone else to give the phone commands, such as forwarding text messages and even operating the phone's camera.
"I actually had a case like that recently," says Mr Sobbi. "The person's phone was hacked, the Facebook content was being copied and pasted and sent by email to the person's contact list. So it appeared he was having an affair when he wasn't."
As you sit reading this article, your smart phone is pin-pointing your location. Turning the GPS off in your iPhone settings doesn't stop that. Your mobile keeps a record of where you are every 15 seconds and stores it. That kind of data is especially useful for law enforcers. In the old days we left a physical fingerprint. These days we leave an electronic one.
Data stored deep within the framework of our phones can help detectives crack cases where traditional work led to a dead end.
Take the case of Paul Wilkinson, convicted of the murder of his lover Kylie Labouchardiere.
Wilkinson was a former Aboriginal liaison officer with the NSW police force. He was having an affair with Labouchardiere and police believe he killed her when she was pregnant, luring her to an isolated location. Her body was never found and Wilkinson led police on a frustrating chase for years, with false stories and retracted admissions.
It was the phone records of the pair that gave weight to a largely circumstantial case. In the four months until she disappeared, there were more than 23,000 phone contacts between them - 168 text messages a day.
Police were able to determine that Kylie and Wilkinson were in frequent contact on the day she disappeared, during a train trip to Sydney.
Phone records showed that at the end of the trip, at 9.11pm, their mobile phone calls bounced off the same tower in Sutherland, indicating they were in the same small area. It was the last time there was recorded contact between the pair.
According to the latest report from the Telecommunications Intercept Act, phone records were even used by councils to chase up unpaid fines.
The war on drugs was the main target, accounting for 1222 cases of phone tapping in the past year. There were 491 phone taps for murder, 104 for terrorism, 11 for people smuggling or sexual servitude and three for child pornography.
Australian police accessed the data in 298 mobile phones. It's called "stored communications" with ISPs and phone companies providing access to SMS and emails. NSW accounted for 89 of those cases, but only secured two convictions. There were 33 convictions nationally.
It's not a great strike rate but NSW Police say phone forensics is a crucial part of modern detective work.
"Electronic evidence plays an increasing role in the work of NSW Police. However, for investigative reasons, it is not appropriate for police to discuss details of the methods used to extract evidence from electronic devices," NSW Police said in a statement.
Phone forensics has added a new layer to courtroom drama. Frequently cases are being played out not so much to the "whodunit" but the who-texted-it.
The public got to read the humiliating text messages from former DJs boss Mark McInnes imploring Kristy Fraser-Kirk to drop her harassment suit against him.
He wrote in a text: "Kristy if I go public and leave, the press will be terrible 4 me and you ... they will hound you ... please I beg you not to destroy my life, I will come to any arrangement u deem appropriate .. im so sorry .. mark."
In the case against Peter Slipper by former adviser James Ashby, the courts have seen dozens of texts. From Slipper; from Ashby; from journalists they've communicated with; from politicians on both sides.
Simple text messages meant for one person's eyes only have been viewed by hundreds of thousands of people after being presented before trials then re-published in the media.
In The Star casino scandal, owners Echo Entertainment Group admitted leaking to the media private emails and text messages between the premier's then-communications director, Peter Grimshaw, and his partner, then a human resources executive at Star.
More texts were presented as evidence before a public inquiry into Star, which the owners claimed to be proof of a vendetta against casino bosses.
In the Star and the Slipper cases, the texts represented tricky territory.
The take out? Nothing is sacred on a work phone. Even if you're texting someone else's work phone, according to Workplace law specialist Joydeep Hor from firm People + Culture Strategies.
"It's strongly advisable to employees that they remember, at all times, that it is company property and that it can be required to be surrendered to the employer ... Once surrendered, the employer can go through everything without any limitations. There's no privacy considerations that would be at all relevant in those circumstances," Mr Hor said.
It is legally acceptable for employers to forensically examine a phone to extract old messages, including those deleted, he said.
If someone is suspected of having divulged confidential information or having engaged in harassment or bullying towards a co-worker, the employer can, and quite commonly does, conduct a forensic examination of company provided phones and computers.
If your phone is a private one and you are suspected of being involved in a crime, police have every right to seek a warrant, take your phone and forensically examine it.
What if your phone ends up in a river? Your texts will still be present on someone else's phone. If their phone ends up in a river? Well, the times of your text messages, the name of the recipient and the location they were sent from, are recorded by telcos. Everything you post on social media, email to colleagues and even delete are able to be accessed later.
Of course if you're doing nothing wrong, you have nothing to hide. Tim Vines from Civil Liberties disagrees. He argues we should still have a right to privacy.
"I think that not just Australians but everyone in developed countries is being desensitised to their loss of privacy," he says. "That's not to say these services are bad for you, it's more that people aren't aware of exactly what information's being stored, who's storing it and what it's used for."
In a controversial proposal by federal Attorney-General Nicola Roxon, currently being reviewed by a parliamentary joint committee on intelligence security, the telephone and internet data of every Australian would be retained for two years.
That means intelligence agencies could access records of where, when and who you sent text messages and emails to, because your phone provider is required to store them for 24 months.
Similar proposed reforms to help intelligence agencies in the UK were met with fierce opposition.
"It's exactly the same as saying to Australia Post that it's required of them to photocopy the front and back of every piece of mail you receive. No one in Australia would consider that acceptable. Just because it's electronic communication, it doesn't make it any more acceptable," said Mr Vines.
No comments:
Post a Comment