Some smartphones might soon be downright criminal. That is now possible due to some of the latest work by computer scientist Karl-Johan Karlsson. This past January at the Hawaii International Conference on System Sciences, he presented his research as Jesse Emspak explains (“Data Mask” Scientific American, June 2014, p. 24):
“By modifying the operating system of an Android-based smartphone, [Karlsson] put decoy data on it—innocent numbers, for example—so that the real data escape forensics. . . . Karlsson tested his hack on two forensics tools commonly used by police departments. Both can retrieve call logs, location data and even passwords. When he ran his modified system, the tools picked up the false information that he programmed into the phone and missed the real contents.”
Before you ask why we would create something like this, remember that we must constantly strive to be at least one step ahead of the criminals. Only by creating this kind of a system can we begin to understand how to circumvent it. Once again, we are reminded that cybersecurity is the war that never ends.