Knowing what's on your phone--and on those of your employees

By Andy Oram
July 14, 2008 | Comments: 2

The pressing question for talkative people today is not "Who's on the phones?" but "What's on the phone?" The amount of information you're packaging up in an easy-to-transport box csn be discomforting.

Jonathan Zdziarski, while helping to develop an open toolkit for the iPhone, uncovered a fascinating trove of information that the iPhone offers to anyone who knows how to get at it. Just a sampling includes:

  • Deleted email, SMS messages, voice mail, and search strings that are still in the cache
  • Direction lookups using Google Maps and satellite imagery
  • Screenshots of private data taken automatically whenever the home
    button is pressed
  • Deleted photos and other personal information that the user expected
    to be thoroughly expunged
  • The typing cache, which saves phrases you've typed in order to adapt
    the iPhone to your behavior

All this is obviously of value to law enforcement, to corporations trying to legitimately investigate abuses such as sexual harrassment or stolen trade secrets, and others who get access to cell phones. A phone can tell the person who gets his hands on it who you are, whom you know, where you've been recently (if you use Google Maps) and what you're interested in (through search strings).

Beyond this, a cell phone ties you to every computer with which you've synched it. Both the phone and the computer have information identifying the other device reliably. But we shouldn't be too surprised. The past decade in computing has been a tug of war between centralization and personalization.

First we throw all our data on servers, in clouds, on Amazon's S3, on Google Docs, etc., for the convenience of being able to get at it wherever we go. Then we bring the data back to us again in various caches at very distances from us--proxy servers at the origin and destination sites, content delivery networks such as Akamai, caches on local systems--in order to improve response time.

Two interesting articles in this regard are Brian Hayes's "Cloud Computing" in the most recent Communications of the ACM (July 2008), and Kevin Kelly's "The Planetary Computer" in the most recent WIRED (July 2008; see also "One Huge Computer" in the previous issue).

Now for a commercial pitch. Jonathan, who wrote the surprising hit iPhone Open Application Development--nearly a cult classic--earlier this year and is working on a version that covers Apple's official toolkit, now provides never-before-published guidelines to getting information off of an iPhone and on the computers to which it has synched. His iPhone Forensics is currently offered in RoughCut online format, covering versions of the iPhone up to 1.4, and will be released as a print book later this year with 2.0 information.

You might also be interested in:


I knew I wasn't the only one who thought that the iPhone's vaunted security enhancements were a farce!

This is very interesting. I work in a computer forensics position and have had cases where the trail of computers that the phone connected to was if special interest.

Popular Topics


Or, visit our complete archives.

Recommended for You

Got a Question?