Sharing Devices and Accounts
Unless you live alone, you probably share a device or an account with someone else in your home. Perhaps it’s a family tablet that you and your spouse both use, or an email account your kids need for school (that you can access). But could that shared device or account become harmful to you?
When you buy an Apple Mac or iPhone, you link it to an Apple ID. When you buy an Android phone or tablet, you link it to a Google account. These linkages, along with access to other accounts, remain and can ultimately cause serious problems down the road. Let’s examine a few scenarios and see what the problem is.
A husband and wife are living together, purchase a tablet, and the wife adds her email account to the tablet’s email application. Six months later, the relationship sours, there is a violent encounter and the wife is arrested for a domestic violence charge. She moves out to comply with the no contact order, leaving the tablet at the house. In an effort to damage her credibility in the ensuing divorce, the husband opens the mail app on the tablet and uses the soon-to-be ex-wife’s email account to send himself a threatening email. When he presents this email to his counsel, it appears to be a flagrant violation of the no-contact order. Now, as a forensics professional, my first question would be “what IP address was used to send the email?”, but as we all know, there isn’t always a clear resolution to this issue. Sometimes it’s easy and the IP address is discovered to be the one associated with the husband’s home, so [possession of the tablet] + [possession of the internet connection] = likely fraudulent email sent by husband to set up the wife. Sometimes, though, the IP address resolves back to a Starbucks that is geographically right between the husband’s house and the wife’s new apartment. Muddy waters, for sure.
A mother and father decide it’s time to give their child a laptop to use. The father gives the child his old Apple laptop that he originally set up using the father’s Apple ID. Months (or years) later, the mother and father are separating. The child is living with the mother and the mother is trying to obtain sole custody. The mother is looking for any evidence that the father is not a suitable caregiver. She realizes that the Apple laptop is associated with father’s Apple ID, and therefore mother can see on the laptop all of father’s iMessage conversations in near real-time. She finds his messages to a new love interest about parties and reckless behavior and suddenly the father’s private communications are revealed.
It is clear that even though the shared device or account described above was initially established for beneficial purposes, significant changes occurred that drastically altered the landscape. These scenarios are not limited to family disputes, either. People log into their personal email accounts on work computers and often tell the computer to “remember this password”. This means that anyone using that computer could have access to that email account long after the employee is terminated or resigns.
The truly relevant item in all of the above scenarios is the “landscape change” in the scenario. It is important to recognize when the landscape, and consequently the risk assessment, has changed and address any possible risk factors. In our above scenarios, the dramatic change in the relationship (and living/custody issues) should have been the alarm bell. The response to the alarm bell is simple. Change your passwords. Even if the device is no longer in your possession or control, changing your password will prevent it from accessing the account and, at the least, retrieving or sending new content. If old messages or content are stored locally on the device, they will likely remain, but no new messages can be sent or read and no one can use the account to purport to be you.
ABOUT Peak Forensics: Peak Forensics is a full service Computer Forensics, Electronic Discovery and Consulting firm in Phoenix, Arizona. Peak Forensics provides experienced, professional computer forensics services, client centric electronic discovery and seasoned testimonial and trial consulting services. Peak’s CEO and founder, Jefford Englander, has been actively participating in computer forensics and ESI investigations for 15 years and has a background in local and federal law enforcement and the civil litigation realm. From ESI collection to forensic analysis, hosted review, reporting and expert testimony, Peak can lead you to focused information.