Weekly Edition
Return to the Security page
| |||||||||||||
Remotely wiping mobile phonesA mobile phone "feature" that is touted as a way to remove data from stolen phones is also being used in far less reasonable ways. It is, or could be seen as, an anti-feature added for the benefit of companies, but without taking users' needs into consideration. The "remote wipe" available for (at least) Android, iOS, and Palm's webOS allows Exchange administrators to remotely reset logged-in mobile phones—removing all personal data and resetting them to factory defaults. The amount of sensitive information that is stored on mobile phones today—especially smartphones—is quite substantial. It is no surprise that both companies and individuals are worried about those phones falling into the wrong hands. Under those circumstances, one can well imagine that being able to remotely wipe that data as quickly as possible would be seen as a nice feature. But there are a number of concerns with the current approach. As Nathan Hamblen reports on his blog, remote wipe is currently being misused by Exchange administrators to punish users who access their corporate email from unapproved devices. In many, perhaps most, cases, those unapproved devices are the personal property of a user who is just trying to get their work done. One can understand administrators wanting to impose draconian access rules, and even to enforce them, but punishing users by deleting their photos, applications, and other personal data seems just a tad beyond the pale. Evidently the remote wipe feature was originally added for Blackberry devices to protect against loss or theft. Exchange administrators have been clamoring for the same functionality for other mobile phones as those devices added Exchange compatibility. Over time, the phone makers have complied, with Android adding (and touting) remote wipe in its 2.2 ("Froyo") release. But it's not clear that users are being warned about the power they are placing in the hands of their corporate IT staff when they connect to the Exchange server. From the comments on Hamblen's blog, it would seem that iPhones do not warn users about the remote wipe, but that Android 2.2 does. It certainly is not particularly intuitive that logging in to check your work email suddenly puts your phone at risk. If administrators do not want to provide Exchange access to mobile devices, a smaller, more focused hammer—like access restrictions of some kind—is likely to work out better in the long run. For Android phones, Exchange access—and remote wipe—are implemented in the standard email application. There is evidently no mechanism to override the server security policies via the email application settings, but there is a way to disable the remote wipe functionality for those with root access or the ability to install non-Market applications. Essentially, a securitypolicy.java file in the application bundle (i.e. the .apk file) needs to be changed to turn off security policy enforcement. It seems to be something of a historical artifact that remote wipe is tied to Exchange. Some users and administrators would undoubtedly like to have this capability without it necessarily being dependent on an active connection to an Exchange server. So, some kind of remote wipe protocol getting added into phone operating systems may be on the horizon. That will, of course, open up another set of potential issues. There are obviously situations where a connection to the Exchange server might be interrupted when a phone gets lost or stolen. One would guess that those interested in obtaining phones for corporate espionage—as opposed to the more run-of-the-mill criminal looking for a quick buck at the pawn shop—would know enough to disable Exchange immediately. For those truly concerned about mobile data security, the current remote wipe is something of a half-measure. Beyond the question of administrators wiping phones as punishment for trying to keep on top of email, there are other concerns as well. How well protected is the remote wipe command from attackers? One hopes that Microsoft (and the phone implementers) have provided strong authentication and/or encryption for that command channel. But, as we have seen before, vulnerabilities may well be found that allow random attackers to wipe phones. It's bad enough to give that kind of power over your personal phone to administrators, but putting it into the hands of script kiddies is well over the top. There is clearly a balance to be struck. Companies are rightly concerned about their proprietary information and its dispersal to devices that might end up in the clutches of competitors. On the other hand, those same companies are interested in having productive employees but it is difficult and expensive to hand out smartphones to all employees so they can check their email. Not to mention the fact that many of those people will already have a phone they like and may not be willing to carry around a second one to check their email. The problem goes further than that, though. Laptops and other non-phone devices (e.g. tablets, netbooks, possibly even home desktops) probably hold a lot more sensitive corporate data. Some of those devices can have their disks encrypted and/or require more rigorous authentication for access, but the problem still remains. There will always be windows of vulnerability and sophisticated attackers will find ways to exploit them. The problem here is with data that leaves the confines of the company, regardless of where it is stored. It has been suggested that "cloud" backups of personal data from phones might partially solve the problem as users can just restore their data after being punished for accessing their email. That seems fraught with peril as well, however, not least because the sensitive corporate email probably gets backed up right along with the photos of the user's children and the funny sign they saw on the way to work. In the end, companies that apply punitive sanctions to their employees' personal property for transgressions of the security policy may just find that folks will come up with better ways to spend their time. Perhaps taking pictures or playing games with their phones instead of keeping up with their work email. (Log in to post comments)
Remotely wiping mobile phones Posted Sep 15, 2010 15:53 UTC (Wed) by ewan (subscriber, #5533) [Link]
I'd have thought that (under UK law, at least) using this sort of feature against a user's phone would be rather straightforwardly illegal. It's one thing for a company to wipe their own handset, since that clearly can't be unauthorised access', but wiping someone else's surely would be.
Remotely wiping mobile phones Posted Sep 15, 2010 15:57 UTC (Wed) by zlynx (subscriber, #2285) [Link]
Except that these companies have policies which the employees have presumably read and agreed to. In the policy it probably has something about proper use and that the approved devices are under administrator control.
So by connecting to the service the employee is knowingly placing their device under the control of the remote system...
It would totally depend on what is written down and such, but I doubt the companies are at much risk.
Remotely wiping mobile phones Posted Sep 15, 2010 19:10 UTC (Wed) by marcH (subscriber, #57642) [Link]
Whatever abusive policy was signed, I doubt that using an improper device gives right to wipe it under any reasonable Law. This sounds a bit too extreme to qualify as self-defence.
But for sure who would sue his boss? (until one is fired of course)
Remotely wiping mobile phones Posted Sep 15, 2010 19:21 UTC (Wed) by zlynx (subscriber, #2285) [Link]
I dislike it when people claim that a clearly laid out policy is "abusive." Agree to it or not, but if you agree to it, it clearly wasn't that abusive.
At my hypothetical business I could make it my policy to have all wall outlets in the building supply 280 V at 75 Hz. Plug your phone into *that* and Zort! black smoke and nothing else.
Abusive? No. Weird, yes. But why should I put up with my hypothetical employees charging their personal devices from my power supply, when it is clearly against policy?
Remotely wiping mobile phones Posted Sep 15, 2010 19:45 UTC (Wed) by njs (guest, #40338) [Link]
> Agree to it or not, but if you agree to it, it clearly wasn't that abusive.
I'm glad if you've always had the resources to let you walk away from abusive employers. But that's a fairly rare privilege. Plenty of people make the rational decision that agreeing to an abusive situation is better than starving. But usually it's possible for the company to make money, the employees not to starve, *and* for them not to be abused.
Remotely wiping mobile phones Posted Sep 15, 2010 20:45 UTC (Wed) by zlynx (subscriber, #2285) [Link]
Some people think it's abusive to make an employee be on call and carry a pager.
Some people think it's abusive to make work calls to an employee's personal phone.
Now, some people seem to be claiming it's abusive to require employees to *not* use their personal phone...
None of this is on the level of requiring women employees to wear revealing uniforms or to work an extra four hours every day unpaid ... neither of which is illegal by the way.
So see, *some* people have crazy ideas about what is "abusive."
Remotely wiping mobile phones Posted Sep 15, 2010 21:07 UTC (Wed) by dskoll (subscriber, #1630) [Link] None of this is on the level of requiring women employees to wear revealing uniforms or to work an extra four hours every day unpaid ... neither of which is illegal by the way. It depends on where you live. I'm pretty sure the latter (four hours unpaid/day) contravenes the law in Ontario where I run my business. It's also the case that a contract that violates the law is unenforceable. So while businesses can write contracts that greatly favor themselves, they cannot go over the line and make illegal things OK.
Remotely wiping mobile phones - by employee agreement Posted Sep 17, 2010 16:46 UTC (Fri) by giraffedata (subscriber, #1954) [Link] In the US, since 1938, workers in low-level jobs are not allowed to work extra hours for free. (Low-level basically means non-intellectual). I don't know about wearing revealing uniforms, but there many very similar things an employee isn't allowed to give. The great majority of legal rights are waivable -- they're property the holder is allowed to sell. But many are not, and the main reason is to eliminate competition with other people who don't want to sell those rights at the going price. In the case of working extra hours for free, the effect (by design) is to transfer wealth from people with more natural employable talent to people with less, as a group. There are moral arguments for and against that transfer, and that way of doing it, and the same would apply to the issue of an employer conditioning a job offer on the employee handing over delete power on his phone. (As for the legal arguments, I really have no idea).
Remotely wiping mobile phones - by employee agreement Posted Sep 21, 2010 20:49 UTC (Tue) by dvdeug (subscriber, #10998) [Link] But many are not, and the main reason is to eliminate competition with other people who don't want to sell those rights at the going price. The main reason is to prevent those whose main employable talents is being filthy rich from working people who weren't born with a silver spoon in their mouth to death, just because these working people need to feed their families.
Remotely wiping mobile phones - by employee agreement Posted Sep 21, 2010 22:33 UTC (Tue) by giraffedata (subscriber, #1954) [Link] But many are not, and the main reason is to eliminate competition with other people who don't want to sell those rights at the going price.The main reason is to prevent those whose main employable talents is being filthy rich from working people who weren't born with a silver spoon in their mouth to death, just because these working people need to feed their families. Of course, but you missed the point, which is about the mechanism for stopping filthy rich people from doing that. The reason the filthy rich person, with all rights being waivable, would be able to entice someone to work to death is that the worker is competing for the job with other workers who are willing to work to death. By removing everyone else's ability to waive his right to work to death, we eliminate that competition and force the filthy rich person to offer a better job to everyone. The ultimate effect is a redistribution of wealth from the filthy rich employer to the workers. But this is just one mechanism for doing that.
Remotely wiping mobile phones Posted Sep 15, 2010 22:40 UTC (Wed) by njs (guest, #40338) [Link]
Yes, I'm sure some people make great straw men... I just see people saying it's abusive to wipe people's phones as punishment for trying to read their email, which you seem to have left off your list. The person I actually see here with "crazy ideas about what is abusive" is you, when you claimed that there was no such thing as an abusive policy (so long as it's clearly stated).
BTW, as another commenter noted, requiring unpaid labor is often illegal, and in many contexts requiring female employees to wear revealing uniforms is too. (In the US, Hooters and strip clubs etc. can get away with it because it's part of the service provided, but try, say, imposing those same requirements on non-customer-facing employees and see what the courts say...)
Remotely wiping mobile phones Posted Sep 16, 2010 7:40 UTC (Thu) by Np237 (subscriber, #69585) [Link]
Requiring employees to not use their personal phone is not abusive.
Wiping their personal phone, regardless of what it was used for, *is* abusive. And illegal in many countries.
Remotely wiping mobile phones Posted Sep 15, 2010 22:07 UTC (Wed) by marcH (subscriber, #57642) [Link]
> I dislike it when people claim that a clearly laid out policy is "abusive." Agree to it or not, but if you agree to it, it clearly wasn't that abusive.
I actually meant an *illegal* policy, sorry for the confusion. Signing it does not make it legal.
Remotely wiping mobile phones Posted Sep 15, 2010 23:13 UTC (Wed) by SiB (subscriber, #4048) [Link]
I am pretty sure that it is illegal to have that kind of wall outlets in a place where you have emploees working. At least in Germany. Workplace safety law kind of illegal.
Remotely wiping mobile phones Posted Sep 16, 2010 9:04 UTC (Thu) by debacle (subscriber, #7114) [Link]
Supplies with 280 V @ 75 Hz are illegal in Germany in both home and work place, with the possible exception of laboratories decorated with large blinking warning signs and access restriction to people in long white lab coats.
In general, employers and employees do not have the same level of power or strength. Because of this inbalance, at least in Europe, there is no unlimited "freedom of contract". Even if an employee signs a policy, not everything would be valid. About this specific case, the whiping of a private telephone, I assume it would be illegal in Germany, even if the employee has signed the policy. But before there is a real case and a court takes a decision, we cannot know.
Potentially risky Posted Sep 15, 2010 21:00 UTC (Wed) by copsewood (subscriber, #199) [Link]
Knowingly placing a device under control of a remote system ? As a Blackberry user, and an email admin I'm not so sure the employee would be aware of this potential unless informed and having signed something to state the access and modification as authorised by them. The UK Computer Misuse Act is a criminal matter and requires the party accessing a system and data and modifying it to be authorised to do this by the owner of the system. This seems potentially risky for the company and its email admin employees if they get this wrong.
Remotely wiping mobile phones Posted Sep 15, 2010 22:05 UTC (Wed) by shmget (subscriber, #58347) [Link]
"Except that these companies have policies which the employees have presumably read and agreed to."
Private contract does not trump the Law of the Land(*).
In the US, The legality of each would hinge - I think - on who is the owner of the device is.
UK Computer Misuse Act Posted Sep 15, 2010 20:55 UTC (Wed) by copsewood (subscriber, #199) [Link]
A company that wipes an employee owned system without the employee being informed of and signed up to a policy authorising the company this access and modification over employee's private property would, in the UK be committing a Computer Misuse Act section 3 offence. That is a criminal, not a civil matter. If the company gets this wrong and the employee or ex employee complains to the police, the company decision maker causing this to occur could theoretically end up in jail.
As a UK company email administrator, if you were to implement such a policy without having it in writing from the pointy haired boss making this policy, it could be you that ends up in jail. Kind of situation where the administrator or PHB needs to be forewarned.
UK Computer Misuse Act Posted Sep 16, 2010 8:03 UTC (Thu) by philipstorry (subscriber, #45926) [Link]
Under the same law, if the company has a policy that only approved devices are allowed then connecting your phone to the mail system is also an offence.
Nobody wins in this scenario. Yes, you can have the administrator (or company) prosecuted for breaking the law. But they will end up showing the police that you also broke the law.
I suspect that the CPS is going to be very upset if many such sets of cases come along, as they'd probably rather be spending their already limited resources dealing with something like violent crime...
Remotely wiping mobile phones Posted Sep 15, 2010 15:55 UTC (Wed) by knobunc (subscriber, #4678) [Link]
Does anyone know how to disable this "feature"?
I have a rooted 2.2, so presumably it is possible to patch out support for this...
Disabling the feature Posted Sep 15, 2010 15:57 UTC (Wed) by corbet (editor, #1) [Link] There's a link in the article to some (moderately cryptic) instructions on how to disable remote wipe in a rooted phone.
Remotely wiping mobile phones Posted Sep 15, 2010 15:58 UTC (Wed) by kjp (subscriber, #39639) [Link]
The intro to this article really needs rewording:
"the ability to trigger a complete wipe of all user data from the central server" I assumed the data was being removed from the server.
No concept of their own liability Posted Sep 15, 2010 16:33 UTC (Wed) by BrucePerens (guest, #2510) [Link] This feature would be high on the list of "things not to put in your product unless you like getting your customers prosecuted for criminal activity and yourself sued".
Remotely wiping mobile phones Posted Sep 15, 2010 17:12 UTC (Wed) by mitchskin (subscriber, #32405) [Link]
I first heard about this in the context of the n900, which doesn't implement the remote-wipe functionality. And the n900 tells the server that it doesn't (it's not "provsionable", in exchange speak). And some exchange admins only allow provisionable phones to access the server.
Some users in the big talk.maemo.org thread about this asked for the ability to tell the server that the phone is provisionable even though it isn't. But apparently, doing that violates the license under which nokia got the exchange syncing code from microsoft.
If the people implementing the client software used a non-microsoft activesync implementation, then presumably they could give users some more control. I thought such implementations existed, but if they do then I don't see why people aren't using them.
Aside: what a horrid bit of functionality to hide under the anodyne word "provisionable". Doubleplus ungood use of language there.
Remotely wiping mobile phones Posted Sep 15, 2010 18:00 UTC (Wed) by smurf (subscriber, #17840) [Link]
To be fair, the word probably wasn't chosen to obscure the fact that it's a remote wipe. Provisioning, in the context of e.g. a SIP telephone set, means to force-feed some set of standard settings to the thing. Wiping anything the user does, or might have done, is secondary.
Doesn't change the fact that this is not at all a good idea. Among other reasons: why the hell should an email/contacts/calendar/whatever-else-Exchange-does client have root access?
Remotely wiping mobile phones Posted Sep 15, 2010 18:23 UTC (Wed) by foom (subscriber, #14868) [Link]
> Among other reasons: why the hell should an email/contacts/calendar/whatever-else-Exchange-does client have root access
Having the ability to wipe all the user's data doesn't require root access...
Remotely wiping mobile phones Posted Sep 15, 2010 19:19 UTC (Wed) by cesarb (subscriber, #6266) [Link]
What we need is a phone with two user accounts, a "business" account and a "personal" account. The email client would run on the "business" account and only be able to wipe the data on it. The data on the "personal" account (your photos, your family contacts, etc.) would then stay safe.
As an aside, remote wipe is an horrible way of protecting data on a phone. Encrypting it (which should not be very power-intensive with hardware assistance plus the kernel's normal caching) and requiring a key (perhaps even having to contact a server to obtain part of it, to allow for it to be revoked) would be much safer, since it would not need a constant network connection to protect the data.
Remotely wiping mobile phones Posted Sep 15, 2010 19:36 UTC (Wed) by drag (subscriber, #31333) [Link]
One thing that your completely missing, however, is that people leave their phones on most of the time. Encrypted drives only work effectively if your system is turned off at the time it was stolen.
That's why I don't bother with it on my laptop, except I store some of the more sensitive information encrypted via encfs and cryptkeeper. You see: I leave my laptop on all the time. Even when traveling it's suspended. Out of any modern device it's fairly trivial to pull encryption keys out of memory. There are ways it can be mitigated, but that is not the reality we live in right now in terms of hardware security.
But there is not much on a phone that I would tolerate using if I had to type in a password every time I needed to access it. Usability easily trumps security in this regards.
Remote wipe is really a pretty good way to keep your stuff safe. Cell phones are stolen very often, smart phones are even more attractive targets. People frequently leave their phones laying around and forget them in public places. People leave them on all the time.
If I was a business type guy buying phones for my employees then it would be a invaluable feature.
For my personal use it would be a invaluable feature.
The problem is not that there is a remote wipe. The problem has to do with who is the one in control of it.
That is true with most stronger security schemes. The problem is not that they exist or that they are effective or that they can get used... the problem is the people who have the ability to use them. That is: somebody other then the property owner.
Remotely wiping mobile phones by cancelling decryption keys Posted Sep 15, 2010 21:19 UTC (Wed) by neilbrown (subscriber, #359) [Link]
> One thing that your completely missing, however, is that people leave their phones on most of the time. Encrypted drives only work effectively if your system is turned off at the time it was stolen.
Alternate perspective is that encryption and never-turned-off make a good combination as then if your phone is stolen/lost all you need to do is remote-shut-down. If you still have the phone, this is just an inconvenience. If someone else has it, they lose any access to your data.
All the value of remote-wipe and almost none of the cost.
Remotely wiping mobile phones by cancelling decryption keys Posted Sep 15, 2010 22:43 UTC (Wed) by drag (subscriber, #31333) [Link]
That makes a lot of sense there.
Remotely wiping mobile phones Posted Sep 15, 2010 23:52 UTC (Wed) by literfizzer (guest, #31274) [Link]
I nearly got locked out of my own personal phone the day after setting it up to sync my calendar (not mail) from the Exchange server at work. The next day the phone prompted me for a password, but it didn't specify which one. It was obvious in retrospect, but at the time I thought it wanted the one of the SIM PIN codes or perhaps my Google account password.
It gives you 10 attempts; I finally figured out that it wanted the Exchange password on the last or second-to-last attempt. I'm not sure what would have happened if I hadn't gotten it right, but I'm guessing my phone would have been wiped.
The password prompt comes up every few hours now. It's a real impediment to usability, especially when the phone is first powered on. The phone is more or less nonresponsive for the first few minutes after the password prompt comes up.
It's a lot to put up with just to get my Exchange calendar into my phone, which contains no sensitive information.
Remotely wiping mobile phones Posted Sep 16, 2010 12:17 UTC (Thu) by sjlyall (subscriber, #4151) [Link]
Actually force a PIN on the phone (so you have to type a 4 digit password into the phone when you wake it up) is another option. The company I work with forces this on phones that uses it's exchange servers. This idea is that you can't just pick up somebody's phone and start reading confidential email.
Have a look at this page for some information;
http://www.apple.com/support/iphone/enterprise/
The "Security Overview" at the bottom of the page has a quick summary of some things you can do via policy on the exchange server.
http://images.apple.com/iphone/business/docs/iPhone_Secur...
Remotely wiping mobile phones Posted Sep 19, 2010 10:34 UTC (Sun) by Tet (subscriber, #5433) [Link] I leave my laptop on all the time. Even when traveling it's suspended. Out of any modern device it's fairly trivial to pull encryption keys out of memory.Trivial, you say? I'd be intrigued to know how you plan to do this. Any halfway sane Linux distribution requires the decryption password to be entered when resuming from a suspended state.
Remotely wiping mobile phones Posted Sep 20, 2010 16:13 UTC (Mon) by pkern (subscriber, #32883) [Link]
While this might be true for hibernation (aka suspend to disk), I don't know of a Linux distribution that does it on suspend to RAM.
In theory it could instruct the kernel to wipe the encryption keys from memory at suspend time. However, the whole LUKS cryptsetup infrastructure runs in userspace to verify the correctness of the keys, which would require some parts of userspace in RAM to be working for key input. Chicken, egg.
But then this only applies to full disk encryption / root partition encryption, userspace filesystems like ecryptfs could get triggered to forget the keys and re-prompt the user, I suppose.
Remotely wiping mobile phones Posted Sep 28, 2010 13:37 UTC (Tue) by robbe (guest, #16131) [Link]
The plan:
* instruct the kernel to forget device keys before suspending * run a daemon that is able to ask the user for her passphrase, and reinstate device keys on resume * run without swap, or mlockall() all participating daemons/applications
Remotely wiping mobile phones Posted Sep 28, 2010 13:30 UTC (Tue) by robbe (guest, #16131) [Link]
I'd classify the difficulty as moderate, not trivial. See http://en.wikipedia.org/wiki/Cold_boot_attack
for details.
Remotely wiping mobile phones Posted Sep 17, 2010 16:30 UTC (Fri) by PO8 (guest, #41661) [Link]
...and I'm not trying to figure out if I can afford an N900 to replace my G1; maybe also my boy's. Thanks much for the info!
I've been willing to put up with all the problems I've had with the Android because it's a convenient device in some ways and was given to me. I've always been uncomfortable that Google controls most of my data, though; this latest is just too scary to live with.
Remotely wiping mobile phones Posted Sep 16, 2010 0:58 UTC (Thu) by ikm (subscriber, #493) [Link]
Excuse me my illiteracy, but what is Exchange? The article refers to it all the time, yet with no explanation. I would presume this is some kind of Microsoft technology, but I'm not too sure about it.
Remotely wiping mobile phones Posted Sep 16, 2010 7:47 UTC (Thu) by seyman (subscriber, #1172) [Link]
Exchange is Microsoft's email/calendar/contacts/tasks server.
See http://en.wikipedia.org/wiki/Microsoft_Exchange_Server for the gory details.
Remotely wiping mobile phones Posted Sep 16, 2010 3:40 UTC (Thu) by Kissaki (subscriber, #61848) [Link]
I knew a very little about the remote wipe feature, but I never knew that remote wipe included things other than the data that was being synchronized. I also hadn't heard of people using this as a punishment tool. How confident are we that the remote wiping was intended to punish rather than mitigate an accidental exposure of information? (I'm not saying it wasn't an inappropriately painful result; I just want to be sure we are talking about malice)
Regarding the security issues, this is a problem that is impossible to solve with current systems (at least the ones I know about). You have two security domains that you need to keep completely separate except that you have full access to both and you probably want to integrate the data (e.g. you don't want to have two completely separate calendars that you can't look at at the same time).
Add to that the fact that access to one of those domains (e.g. corporate data) needs to be revocable, and the revoking party needs to be confident that you aren't going to disable the feature by logging into the device as an administrative user and toggling a flag, and then lose the device in a Starbucks.
Remotely wiping mobile phones Posted Sep 16, 2010 7:00 UTC (Thu) by zmi (subscriber, #4829) [Link]
First, Zarafa (http://zarafa.com/), which is an Exchange Clone, also supports that feature via Webmail.
Second, if it's a problem that a device gets deleted, a clearing talk between the user, IT and management will surely help to find a clear position whether it's to be done or not.
I really like remote wipe, and used it when I recently changed my phone to a new model. No more "what else do I have to delete", just wipe it and everything is gone. Very nice feature also in case it gets deleted.
Remote wipe maybe not so evil? Posted Sep 16, 2010 10:30 UTC (Thu) by gaizkav (subscriber, #45655) [Link]
Everybody is complaining about remote wipe being evil. Maybe it's evil when that's a decision by your (oh my lord) Exchange system administrator :)
But I am interested in such a measure for my personal android phone.
If I loose my phone, or it gets stolen, I'd love to be able to do something so my phone gets completely wiped.
I don't want anybody accessing my emails, personal data, who knows how many things I have stored in the phone.
I have an android phone, and there are some applications to do that. Just have to find time to check them.
Remote wipe maybe not so evil? Posted Sep 26, 2010 5:44 UTC (Sun) by Mandrake981 (guest, #70315) [Link]
I'm not certain how a personal user would really benefit from this, as it seems to require a server (Exchange, etc.) to issue the command to wipe it once it connects to their mail system. That's not really what you're looking for.
If you go onto the Droid Market, and look for an application called WaveSecure - this will do what you want.
If you pay for their service (~$20.00 per year), it gives you the ability to back up all of your data (pictures, videos, contacts, music, etc. - as long as they're not huge files)... If your phone ever gets wiped, you can restore it all from their service. Pretty nice.
If your phone gets stolen, you can wipe it remotely from the web, as well as kick in the GPS and track it remotely. It even goes so far as to allow you to send a message to the would-be thief via the phone, and then it'll lock and it'll require your 6 digit security code to get back into it. You can actually hit it two ways - first, throw up the message to return the phone (with an address, etc.), that locks the phone. Then, to be safe, wipe the phone and wait. Also, last but not least, the option of putting up a message on the phone comes with the option of setting off an alarm on the phone too. I haven't tried it, so I don't know how loud it is, but I'm sure it would be pretty annoying to say the least.
--
Remotely wiping mobile phones Posted Sep 16, 2010 10:30 UTC (Thu) by nhippi (subscriber, #34640) [Link]
Morale of the story?
Keep a different phone for personal use and different phone for work use.
There are many many advantages to the approach - most importantly ability to switch the work phone OFF when on vacation.
Remotely wiping mobile phones Posted Sep 16, 2010 20:19 UTC (Thu) by leoc (subscriber, #39773) [Link]
I am not well versed in Exchange, so perhaps this is a dumb question but here it is anyway: why not just provide a web based email interface for employees to use with their smart phones? Then you can control who gets access to what from where without having to give email administrators such (frankly ridiculous) powers.
Remotely wiping mobile phones Posted Sep 16, 2010 23:52 UTC (Thu) by klbrun (subscriber, #45083) [Link]
Web based email interfaces typically expire after, say, 15 minutes. But if you like to have your phone on all the time and be notified as soon as an email hits the exchange server, you will be out of luck with a web email interface (unless you log in every 15 minutes).
Remotely wiping mobile phones Posted Sep 17, 2010 0:29 UTC (Fri) by giraffedata (subscriber, #1954) [Link] I've never seen an Exchange client or server, but I'll bet there is a web interface. It's just too valuable a thing for Microsoft not to sell.But the web protocols are far too weak to give the best possible user experience, so that would explain why one would want to use a special Exchange client instead of a web browser for mail. Slowness, expiration, lack of interactivity, and everything.
Remotely wiping mobile phones Posted Sep 17, 2010 4:25 UTC (Fri) by bronson (subscriber, #4806) [Link]
It's called Outlook Web Access and, I gotta admit, it's pretty nice!
But you're right -- it's far too heavy to be used over Edge or 3G data connections, and it would take a ton of work to get it to work in current mobile browsers.
Remotely wiping mobile phones Posted Sep 17, 2010 19:43 UTC (Fri) by speedster1 (subscriber, #8143) [Link]
When you admitted to liking Outlook Web Access, does this include sending mail or only checking mail?
If you do use it to send mail, please give me a hint on how to send a genuine plain text message using Outlook Web Access.
Remotely wiping mobile phones Posted Sep 17, 2010 22:26 UTC (Fri) by bronson (subscriber, #4806) [Link]
Heh, maybe the secret to liking OWA is to have low expectations. It's a surprisingly decent web app.
As far as its capability as a mailer.... well, this was in a Microsoft-laden corporate environment. I sent and received nothing but HTML-encoded top-posted disasters, each with a 75 MB PowerPoint attachment.
Remotely wiping mobile phones Posted Sep 17, 2010 23:21 UTC (Fri) by foom (subscriber, #14868) [Link]
> well, this was in a Microsoft-laden corporate environment. I sent and received nothing but HTML-encoded top-posted disasters, each with a 75 MB PowerPoint attachment.
Well, at least your microsoft-laden environment was better than most! Many installations of Exchange have some ridiculously low per-user storage size limit, like 25MB.
Remotely wiping mobile phones Posted Sep 20, 2010 13:03 UTC (Mon) by james (subscriber, #1325) [Link]
This is something that the administrator gets to set on a global and per-domain basis.
Remotely wiping mobile phones Posted Sep 17, 2010 4:09 UTC (Fri) by bradh (subscriber, #2274) [Link]
The Microsoft Activesync protocol is documented. The relevant specification for this issue is MS-ASPROV (google will find it for you as either a PDF or HTML document).
There is an example of how to command remote wipe in Section 4.2 of that document (http://msdn.microsoft.com/en-us/library/ee218975%28v=EXCH... - note that you need to work through the subsections to see the actual operations).
Remotely wiping mobile phones Posted Sep 28, 2010 19:49 UTC (Tue) by xorbe (subscriber, #3165) [Link]
Run a proxy app on the phone and filter out the wipe command ...
Remotely wiping mobile phones Posted Mar 7, 2012 23:57 UTC (Wed) by dallastexas01 (guest, #83380) [Link]
Just this week, a US Court ruled that cell phones can be searched without a warrant. The reasoning behind the ruling was that someone could erase information from a cell phone remotely, therefore erasing valuable evidence. I just wonder how prevalent the phone erasing programs are? Is this even a valid concern.
Remotely wiping mobile phones Posted Mar 8, 2012 0:45 UTC (Thu) by mathstuf (subscriber, #69389) [Link]
Have they not heard of Faraday cages? Just cut all the wireless off from the phone so that remote erasure commands can't be issued.
|
|||||||||||||