From Wired How-To Wiki
Attention Californians, do you know what's on your cellphone?
You'd better, because when police arrest anyone in California they can search that person's mobile phone. That means the police would have access to your email, call records, photos, text messages and GPS data. It could even mean the police would be able to access your bank records, files on your home computer, travel plans and countless other tidbits of data that are stored on your phone — all without the need for a warrant.
Warrantless searches like those California legislators were trying to block are becoming more common. The state of Michigan has even equipped its officers with smart phone forensic devices that they have been using to pull data from phones during routine traffic stops.
Want to stop big brother from sinking his teeth into your data? Well, it's not easy to do. In fact, you probably can't stop determined experts from getting into your phone. You can, however, put up some roadblocks that will slow them down and most likely stump the average person — law enforcement or otherwise — from accessing your data. Here's our guide to securing your mobile phone.
Lock it down
Password-protecting your smartphone should be a no-brainer. If you haven't already, turn on the password lock feature on your phone. It's a mild inconvenience to type your password every time your phone comes out of sleep mode, but it's your best first line of defense against would-be snoops.
If your phone allows it, set it up to automatically wipe your data after a few failed password attempts. That way, should anyone try to guess your password they'll automatically delete your data after a few tries. Be careful though, the data gets deleted whether it's a cop trying to hack your phone or just your toddler playing around with it.
The U.S. courts are, thus far, unclear on whether or not you can be compelled to hand over your password to law enforcement. If nothing else having one in place should help buy you some time to get in touch with a lawyer or wipe your data remotely (see below for details).
Button it up
While it isn't absolutely foolproof, full-disk encryption is the best, most practical method of safeguarding your phone's data from the prying eyes of law enforcement (or just that creepy guy who found your phone in a bar).
Sadly most phones don't support full-disk encryption. Apple's iOS 4 introduced a feature dubbed "data protection," which encrypts some types of data when the phone is locked or turned off. There are encryption APIs in iOS so other apps can protect your data, but how many actually do is unclear and support varies on an app-by-app basis. There is no way to completely encrypt your iPhone.
Android doesn't fair much better. So far Android doesn't offer a built-in encryption option though there are some third-party apps that can do it. If you have a Nexus S or Nexus One the new Whispercore app can do full disk encryption. If you've got a different Android model and you're looking for a full disk encryption solution, well, you're not alone. Even DARPA, the famed U.S. Defense Advanced Research Projects Agency, has put out a call for help when it comes to finding full-disk encryption for Android.
Wipe it Away
What to do if the cops seize your phone and take it off to the bat cave where powerful hackers will defeat all your best encryption tools? Remote wipe it of course.
If you've got an iPhone, set up Find My Phone, which includes an option to delete all your data from afar.
Blackberry users have several options, but for individuals the easiest thing to do is set up Blackberry Protect.
One problem with remote wipes is that it's easy to defeat -- just remove the SIM chip. If there's no way to connect to your phone there's no way to wipe it. Another problem is that in some cases wiping your phone might be considered destruction of evidence.
Smartphone security is just beginning to get off the ground. Right now our phones seem more like fun little toys to tote around than potentially incriminating data stores, but that's starting to change. At the moment Blackberry remains the most secure platform out there thanks to its strong background in enterprise and business environments. After that iOS and Android both offer similar features, though both can, with access to right tools, still be compromised.
Original article by Scott Gilbertson, Wired.com.
This page was last modified 22:07, 12 October 2011 by howto_admin.