lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date: Wed, 16 May 2007 20:56:41 -0700
From: "Randy Wyatt" <rwwyatt01@...il.com>
To: "Davide Del Vecchio" <dante@...ghieri.org>
Cc: bugtraq@...urityfocus.com, full-disclosure@...ts.grok.org.uk,
	3APA3A <3APA3A@...urity.nnov.ru>
Subject: Re: Retrieving "deleted" sms/mms from Nokia phone
	(Symbian S60)

On 5/16/07, Davide Del Vecchio <dante@...ghieri.org> wrote:
>
> 3APA3A ha scritto:
> > Dear Davide Del Vecchio,
> >
> >  It's also possible to recover deleted photos from almost any flash card
> >  in almost any device (camera, mobile, etc) - it's a way general purpose
> >  file  systems  work.  Requirement  to  delete  information  securely is
> >  enforced  in devices certified to e.g. process US military secretes. In
> >  this case, device must follow DoD 5220-22-M recommendations and you can
> >  expect  secure erase. In general purpose operation systems and devices,
> >  to    delete   information   securely   (wipe   it)   some   additional
> >  actions/utilities are usually required.
> >
> > --Tuesday, May 15, 2007, 9:09:19 PM, you wrote to
> full-disclosure@...ts.grok.org.uk:
> >
> > DDV> Hello list,
> >
> > DDV> During some research, I found an intersting "feature"
> > DDV> on my Nokia mobile phone; I was able to retrieve any
> > DDV> apparently deleted sms/mms.
>
> I completely agree with you.
> Infact the news is how EASY is it to recover sms/mms deleted without
> using any recovery tool (just using the PC Nokia Suite) and the aim of
> my post was to increase the perception of the privacy risk on the mobile
> devices.
>
> I hope that after this post, Nokia people will think about introducing
> more security features. Those actually are infact often reduced to just
> a 4 digit number (the PIN).
>
> I think the question is crucial and, I hope, finally clear.
>
> d.
>
> --
> http://www.alighieri.org



The PIN supported is a function of the  SIM/UICC

Content of type "text/html" skipped

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ