[cryptography] Commercialized Attack Hardware on SmartPhones

Tom Ritter tom at ritter.vg
Sun Mar 2 12:10:44 EST 2014


On Mar 2, 2014 11:47 AM, "Kevin" <kevinsisco61784 at gmail.com> wrote:
> Tom:
> Pherhaps I am in the dark about this, but I'm sure attacking android is
quite simple as mobile security is farely new.  I have to wonder why you
are asking?

If it's simple, surely there are product descriptions, manuals,  commercial
offerings, leaked documents, tutorials, etc?  I mean we have all that for
testing mobile apps, web apps, disk forensics, those portable power
machines that let you move a server without powering out down etc...

I'm asking specifically because I want to understand the risk between a
powered on vs a powered off phone that was seized by police.  I understand
the password complexity issues, the tools for forensic acquisition of
unlocked phones, the tower and IMSI catching interception/tracking
concerns, how better it is to have no phone or a burner phone etc. It's
just the info on this particular corner is lacking.

(The info on iPhone data recovery via jailbreaks is also a mess but I'm
just going to have to try and test that stuff, it's documentation is not
very good.)

-tom
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.randombit.net/pipermail/cryptography/attachments/20140302/67a69dce/attachment.html>


More information about the cryptography mailing list