Wednesday, April 20, 2011

Smartphones: Is it worth it?

Many years ago, I can remember the delight attendees at DefCon II had at learning how they could easily eavesdrop on others (and make free phone calls) by abusing a poorly installed PBX phone system at Circus Circus in Las Vegas.

It was so simple to use a scanner (or even another cell phone, like my Motorola Microtac Ultra-Light) to listen to people on their cordless phones or analogue cell phones sitting nearby.

I was so excited, then, when I heard about all of the new digital telephony standards that would make such eavesdropping impossible.

Fast forward more than a decade and many of us are carrying smartphones that have a handy built-in GPS.  That GPS is great when you want to find a good taqueria nearby, or get turned around walking in an unfamiliar city - but not great when police start pulling the data off of your phone with no warrant!

Seems far fetched and paranoid, doesn't it?  Well, I found out today that Apple is storing all of your locations on your iPhone (and transferring it to your "host" computer that you sync with) in an unencrypted file, along with nearby wifi information.  I'm sure this is for some future app that will tell you where to go for free wifi, or something, but the privacy implications are staggering!

Combine that with the fact that some Michigan police officers are carrying around mobile phone "extraction" devices that they are using in some routine traffic stops to download GPS information along with photos and text messages from people ... without a warrant!

Surely we shouldn't have to give up this information just because we want the convenience of finding a great place for beer?  Well, we can't say that Susan Landau didn't warn us...many times.