If you lose possession of an Android phone, your PIN or pattern unlock might not be enough to protect the sensitive data stored on it. Not, at least, after it’s spent an hour in a hacker’s freezer.
A pair of researchers at Erlangen University in Germany have shown that a trick known as a “cold boot attack” can read data from a Samsung Galaxy Nexus running the latest version of Android, even when the phone is protected by a PIN and has its storage disk encrypted. They call their technique FROST, or Forensic Recovery of Scrambled Telephones. By simply cooling the phone to around five degrees Fahrenheit and quickly rebooting it, Tilo Mueller and Michael Spreitzenbarth found they could read data from its memory including images, emails and web browsing history, as well as the key that in some cases allows them to decrypt the phone’s encrypted storage disk.
The researchers found that in that cold state, they could quickly remove and replace the battery while holding the phone’s power and volume buttons, which causes the phone to quickly reboot in “fastboot mode.” The entire process takes less than half a second, they say, and allows them to offload the phone’s RAM via USB while it still contains the cold, digital leftovers from before it was switched off.
The researchers say they haven’t yet tested the attack on other phones, but believe that it would likely be much more difficult on iOS.
See more photos of their technique here.
As of today, you can’t unlock a carrier-subsidized smartphone on your own before the contract associated with it runs out without technically running afoul of the Digital Millennium Copyright Act. .
To its credit, the CTIA has painted a clearer picture of the potential legal penalties of unlocking a phone on its official blog. Sadly, those penalties aren’t inconsequential:
Civil penalties are based on the carrier’s actual damages and any additional profits of the violator, or a court can award statutory damages of not less than $200 or more than $2,500 per individual act. Criminal penalties are even more severe: any person convicted of violating section 1201 willfully and for purposes of commercial advantage or private financial gain (1) shall be fined not more than $500,000 or imprisoned for not more than 5 years, or both, for the first offense; and (2) shall be fined not more than $1,000,000 or imprisoned for not more than 10 years, or both, for any subsequent offense.
So yes, unlocking your phone without your carrier’s explicit approval is technically verboten. But let’s not forget what this particular change doesn’t mean — the police most likely aren’t going to knock down your door because you felt the compulsion to free your phone from your carrier’s shackles. It also doesn’t mean that the stash of old phones nestled in your drawer can’t be unlocked — so-called “legacy” devices are exempt from silly change, so feel free to take your old phones and show them a little bit of freedom. You can still buy unlocked phones from eBay and Amazon like you always could, and hey, some phones sold by carriers are unlocked right out of the box anyway.
CES isn’t really the place for phone and tablet fever, as most vendors are still hawking the phones they just released for the holiday shopping season. But look around enough, and you’ll still find some interesting mobile devices, usually from companies that are still trying to establish a presence. Here are some of our favorite phones and tablets from CES 2013.
It’s been an interesting CES this year, as the mobile space was surprisingly lacking with the handfuls of device that are usually announced. While we saw a few Windows Phone 8 handsets pop up from both Samsung and Huawei, an odd amount of tablet/phone hybrid devices, annoyingly aka phablets, were announced. While we wouldn’t go as far to say that 2013 will be the year of phablets, it’s definitely been interesting to see the amount of them coming out of CES this year.
As screen sizes on smartphone increase with seemingly every generation, would you consider buying a phablet as your next primary device?
Microsoft have sent out word that it will “retire” its Messenger online chat feature on March 15 and replace it with the Skype internet telephony service it bought last year. Microsoft sent an email message advising Messenger users to update to Skype using their same account information in advance of the deadline.
Microsoft bought Skype for $US8.5 billion in 2011.
New year comes with glows of hopes in our mind
It gives us new confidence and courage for a fresh start
Happy New Year and all the best for new ventures!
Apple and Intel are working together to create a Bluetooth-equipped smartwatch in 2013, according to one Chinese technology news source. Tech site TGbus says the watch would connect to the iPhone, allowing you to remotely operate the phone from your wrist.
That means you could send out text messages, answer calls, or even update your Facebook status on the device while your iPhone is in a pocket or charging nearby.
Merry Christmas to everyone on here and their families. Travel safe over the holidays and have a Happy New Year.
PokeTALK will always make your life easier connecting you with your loved ones!
vText lets you receive and send SMS, via an android mobile phone.
Install vText app on each iPad and android phone(OS 2.2 and later), login your Google account on iPad (needs to become the exact same account you use to login Android phone), enable push notification in iPad vText app, and you might be all set.
Once ever your Android phone gets an SMS, your iPad will receive a push alert, you may read the message and reply directly in the app. Since all SMS are transferred through your android phone, a 10-20 seconds delay per message is expected.
Further details: http://downloads.zdnet.com/product/2094-75826991/
The Samsung Galaxy Camera is part of a new class of device. The whole device is slightly heavier than your average smartphone, probably to accomodate the 16 megapixel camera with 21x optical zooming lens.
On top of the camera features, this is a camera that lets you check your email. Or surf the Web. Or read an e-book. The Galaxy Camera runs a modified version of Android 4.1 Jelly Bean, and even connects to the Google Play store.
Here’s where I think the Galaxy Camera could use a little work. Right now, the Galaxy Camera is an exclusive to AT&T (although a Verizon version is rumored to be in the works) and you have to be a customer of theirs to use it. It uses HSPA+, which is faster than standard 3G networks but slower than LTE 4G.
There’s no Wi-Fi only version, although AT&T does appear to offer a month-to-month pricing plan.