Archive for March, 2012

FBI vs Android Locks

Hello everybody! My name is Andrew Matsusaka, one of the Winter 2012 UCOSP Team members. Instead of posting about project updates found here I’d like to talk about security today, starting off with the power of Android locking mechanism.

Android devices have a locking mechanism that can be very difficult to break. After a certain number of failed attempts, the user’s Google e-mail address and password is required to access the information. Since so much personal data is stored on these devices, it’s nice to know that even the FBI can’t break in.

According to this article from Wired, the FBI was unable to access a suspects personal data during an investigation. You would think the FBI with all of their expertise in security would be able to access the data through various means. After consulting with several forensic experts, it appears the Android locking system cannot be bypassed through software. The next step would be reaching the data via hardware, however that carries risk of damaging the phone and losing the data itself.

The only way to gain access to that data was by issuing a warrant for data retrieval from Google. Apparently it is fairly common for personal data to be provided to law enforcement for some investigations. Google released a statement saying: “Like all law-abiding companies, we comply with valid legal process. Whenever we receive a request we make sure it meets both the letter and spirit of the law before complying. If we believe a request is overly broad, we will seek to narrow it.”

When mentioning this topic to the rest of the team, Yemi mentioned a program called TrueCrypt that is designed to allow hiding encrypted data while at the same time having legal plausible deniability. For those of you interested in maintaining their data with utmost secrecy may want to give this program a try.

The subject of online security is becoming a bigger concern as technology becomes a larger part of our lives. Just to give you a jump start, an article by LifeHacker called How to Stay Secure Online covers basic steps many of us should be taking when using the Internet.

On another note, just to put some faces to our developers for this Winter 2012 UCOSP team, I found a picture taken of us during the Vancouver code sprint.

UCOSP Winter 2012 Team

From left to right: Brittney Franzoi, Rob McDiarmid, Andrew Matsusaka, Yemi Ilupeju, Elias Adum, Eric Enns

No Comments

POSIT: Project Launch Summary

Over the past few weeks the POSIT team has been developing our project ideas for the term. The small nature of our team allows for a lot of detailed feedback and guidance from our mentors during our weekly meetings. Their input has helped our project proposals reach their current level and put us on the road to achieving our goals for this semester. Here’s what we’re working on:

POSITinsert

1. Ensure a consistent user interface between the phone and tablet. Below is the updated tablet design:

2.  Develop a generic synching library for all synching procedures so that new synchronization methods can be easily implemented in the future.

3. Enhance the map display to allow for the grouping of Finds by location. This will give users the ability to easily discover patterns of interest in their Finds.

4. Improve the Bluetooth communication of Finds to simplify information sharing between users.

5. Allow for the “scanning” of bar codes to read in Find information using the phone’s camera.

6. Toggle Plugins on/off, such as the SMS, Twitter, or Tracker Activity Plugins, so that testing is less intrusive to the rest of the application.

We’re enthusiastic and can’t wait to see the improvements take effect!

No Comments