Local police confiscate a suspected drug dealer's phone—only to find that he has called his mother and no one else. Meanwhile a journalist's phone is examined by airport security. But when officials look to see what is on it, they find that she has spent all her time at the beach. The drug dealer and the journalist are free to go. Minutes later the names, numbers and GPS data that the police were looking for reappear.
A new programming technique could bring these scenarios to life. Computer scientist Karl-Johan Karlsson has reprogrammed a phone to lie. By modifying the operating system of an Android-based smartphone, he was able to put decoy data on it—innocent numbers, for example—so that the real data escape forensics. He presented the hack in January at the Hawaii International Conference on System Sciences.
Karlsson tested his hack on two forensics tools commonly used by police departments. Both can retrieve call logs, location data and even passwords. When he ran his modified system, the tools picked up the false information that he programmed into the phone and missed the real contents.
Even though his hack was successful, Karlsson says it is not going to stop a sophisticated analysis by the FBI or the NSA. Such a hack, however, could make it difficult to try some criminal cases. A phone that tells two stories complicates things.
Mikko Hypponen, a prominent computer-security expert, says Karlsson's modification is another stage in the arms race among spies, law enforcement and users. It also highlights the effort to find ways to protect legitimate needs for privacy. “This kind of tool,” he says, “can be used for good or bad.”