[LINK] US Gov: making a panic button app
Roger Clarke
Roger.Clarke at xamax.com.au
Fri Apr 1 09:23:42 AEDT 2011
>On 2011/Apr/01, at 8:24 AM, Roger Clarke wrote:
>> Scenario B:
>> If the threat is the government, they already have access to all of
>> the communications-related data that's flowed through the device -
>> and hence can reconstruct most and maybe all of the address-book -
>> either through taps, or retention, or Google's archives. (And that's
>> probably why they came to arrest you in the first place).
At 9:02 +1100 1/4/11, Kim Holburn wrote:
>In some US states and probably other places like Australia? UK?
>police can search your phone without a warrant, but to access all
>those other things and reconstruct what your phone might have had
>would take warrants and resources and time.
Agreed, but if they have the power to arrest you, then they probably
have the power to access those things (whether the power exists at
law, is achieved through a self-issued warrant, or is gained by means
of a judicial warrant).
>> Scenario C:
>> The app creates a new vulnerability. It won't take long for the
>> first piece of malware to be delivered that enables remote invocation
>> of the app.
>
>Not to mention a slip of the finger. "Dad, what does this button do?"
Damn, missed that one.
I guess it would help if I actually owned a device of this kind (:-)}
--
Roger Clarke http://www.rogerclarke.com/
Xamax Consultancy Pty Ltd 78 Sidaway St, Chapman ACT 2611 AUSTRALIA
Tel: +61 2 6288 1472, and 6288 6916
mailto:Roger.Clarke at xamax.com.au http://www.xamax.com.au/
Visiting Professor in the Cyberspace Law & Policy Centre Uni of NSW
Visiting Professor in Computer Science Australian National University
More information about the Link
mailing list