Used Cell Phones Contain Personal, Confidential Information

Aug 31, 2006

WASHINGTON (AP) -- Don't tell your cellphone any secrets. Passwords? Love talk? It might not keep them. It can all be retrieved. Security lapses arise after phones are resold

Second-hand phones purchased over the Internet surrendered credit card numbers, banking passwords, business secrets and even evidence of adultery.

One married man's girlfriend sent a text message to his cellphone: His wife was getting suspicious. Perhaps they should cool it for a few days.

"So," she wrote, "I'll talk to u next week."

"You want a break from me? Then fine," he wrote back.

Later, the married man bought a new phone. He sold his old one on eBay for $290 (U.S.).

The guys who bought it now know his secret. The married man had followed the directions in his phone's manual to erase all his information, including lurid exchanges with his lover. But it wasn't enough.

Selling your old phone once you upgrade to a fancier model can be like handing over your diaries. All sorts of sensitive information piles up inside our cellphones, and deleting it may be more difficult than you think.

Resetting the phone, a popular practice among sellers, often means sensitive information appears to have been erased. But it can be resurrected using specialized yet inexpensive software found on the Internet.

A company, Trust Digital of McLean, Va., bought 10 different phones on eBay this summer to test phone-security tools it sells for businesses. The phones were fairly sophisticated models capable of working with corporate email systems. Curious software experts at Trust Digital resurrected information on nearly all the used phones, including the racy exchanges between lovers.

The other phones contained:

• One company's plans to win a multi-million-dollar federal transportation contract.
• Emails about another firm's $50,000 payment for a software license.
• Bank accounts and passwords.
• Details of prescriptions and receipts for one worker's utility payments.

The recovered information was equal to 27,000 pages -- a stack of printouts 2.5 meters high.

"We found just a mountain of personal and corporate data," said Nick Magliato, Trust Digital's chief executive.

Many of the phones were owned personally by the sellers but crammed with sensitive corporate information, underscoring the blurring of work and home. "They don't come with a warning label that says, `Be careful.' The data on these phones is very important," Magliato said.

One phone surrendered the secrets of a chief executive at a small technology company in Silicon Valley. It included details of a pending deal with Adobe Systems Inc., and email proposals from a potential Japanese partner:

"If we want to be exclusive distributor in Japan, what kind of business terms you want?" asked the executive in Japan.

Trust Digital surmised the U.S. chief executive gave his old phone to a former roommate, who used it briefly then sold it for $400 on eBay.

Experts said giving away an old phone is commonplace. Consumers upgrade their cellphones on average about every 18 months.

"Most people toss their phones after they're done; a lot of them give their old phones to family members or friends," said Miro Kazakoff, a researcher at Compete Inc. of Boston who follows mobile phone sales and trends. He said selling a used phone - which sometimes can fetch hundreds of dollars - is increasingly popular.

The 10 phones Trust Digital studied represented popular models from leading manufacturers. All stored information on "flash" memory chips, the same technology found in digital cameras and some music players.

Flash memory is inexpensive and durable. But it is slow to erase information in ways that make it impossible to recover. So manufacturers compensate with methods that erase data less completely but don't make a phone seem sluggish.

Phone manufacturers usually provide instructions for safely deleting a customer's information, but it's not always convenient or easy to find. Research in Motion Ltd. has built into newer BlackBerry phones an easy-to-use wipe program.

Peiter "Mudge" Zatko, a respected computer security expert, said phone owners should decide whether to auction their used equipment for a few hundred dollars -- and risk revealing their secrets -- or effectively toss their old phones under a large truck to dispose of them.

What about a case like the Lothario whose affair Trust Digital discovered?

"I'd run over the phone," Zatko said. "Maybe give it an acid bath."

Tag This Page:  Digg  Del.icio.us  Reddit

Need More Information? Search the whole Web or just the Mobilook site here:

	Web Mobilook

Top Pages on Mobilook

• Ringtones and Images – Personalize your cell phone with ringtones, wallpapers and more
• Free Wallpapers of NFL Team Logos
• Free Picture Messages – Download picture messages for your cell phone
• U.S. Wireless Carriers (Mobile Operators) – List and description of leading providers
• Free Wallpapers of NBA Team Logos
• Mobile Games – List and description of leading providers
• How to Make Ringtones from Music Tracks for Free - News, Mar 22, 2006
• Teen Buzz "Mosquito" Ringtone Available - News, Jun 13, 2006

top  cellphone news  site map  home
 

Copyright © 2007 Pulsar Media Group. All rights reserved.