SIM Forensics: Part 3
Analyzing a SIM card can provide the geographical location(s) where the SIM card, the phone, and the owner of the phone (suspect) may have been.
Privacy, Technology, and the Law
As mobile devices penetrate our daily lives, it is appropriate to evaluate the effect that these new devices have on our safety and privacy. We must also ensure that the law provides sufficient resources to investigators and prosecutors who investigate and prevent crimes against Americans who increasingly conduct their lives using this new medium.
SIM Forensics: Part 2
The previous article included a partial listing of the data or information that may reside on a SIM card, all of which could have potential probative value in an investigation. Although a thorough discussion of all the potential evidence that could be on a SIM card is beyond the scope of this article, some of that information will be discussed in this and a future article.
Enhancing Investigations with GPS Evidence
The value of collecting evidence from GPS devices has been well established over the last several years. Most investigators think in terms of being able to obtain GPS evidence in the form of the “breadcrumb trail” known as trackpoints, but much more data is available from these devices.
Mobile Phone Investigations: Best Practices
In the world of digital forensics, mobile phone investigations are growing exponentially. The number of cell phones investigated each year has increased nearly tenfold over the past decade. This article can be used as a first step toward understanding how best to tackle cell phone analysis.
SIM Forensics: Part 1
SIMs are found in GSM, iDEN, and Blackberry handsets. Under the GSM framework, a cell phone is termed a Mobile Station, consisting of a SIM card and a handset. From an investigative perspective, one useful feature of a SIM card is that it can be moved from one GSM compatible phone to another.
Understanding the World of Cellular Telephones: Part 3
Most computer users are aware that a computer’s hard drive contains more information and data than just the files that they create or download. That same awareness cannot be attributed to most cell phone users. This can serve to an investigator’s advantage. The following represents some of the data that can typically be extracted from a cell phone.
Understanding the World of Cellular Telephones: Part 2
Familiarity with the five main cell phone operating systems can aid your investigation.
Understanding the World of Cellular Telephones: Part 1
Telephone technology has evolved by leaps and bounds. It is important to understand some of the key terminology used when discussing cellular phones and other mobile devices.
Data Extraction from a Physical Dump
There is no one “press-the-button” solution (yet) to get all your search terms from a physical cell phone dump. There is, however, a certain approach that can help you solve some of these challenges.
USB Port Monitoring and Flasher Boxes
A flasher box adds flexibility to the forensic analysis of mobile devices and gives you the opportunity to take that extra step in your investigation.
Pieces of Eight: iPods, iPads, iPhones, and SQLite
Consumers have gone mad over the iPhone and iPad, so now more than ever, forensic examiners need to understand and be able to acquire, exploit, and report on these devices. This article is about understanding one of the structures used to store data on the iPhone and its siblings: the SQLite database.
Flasher Boxes: Back to Basics in Mobile Phone Forensics
There is a growing demand to return to the flasher box/hex dumping solution in order to retrieve information from suspect devices not supported by the various mobile phone forensic manufacturers. Here are some considerations to effectively incorporate flasher boxes in your mobile phone investigation.
Seek and You Shall Find: Using Regular Expressions for Fast, Accurate Mobile Device Data Searches
In the world of digital forensics, the power to seek and find is key. The faster and more accurate the search, the faster you can zero in on your target and find the evidence you need to convict, prevent, or locate. Regular expressions are the key to this power.
An Introduction to Android Forensics
Applications for Android are developed in Java and run in a separate Dalvik virtual machine with a unique user ID and process, which is a key mechanism used to enforce data security. As a result, forensic examiners do not have a built-in mechanism we can use on the phone to extract core user data. Instead, new techniques must be developed which require some interaction with the device.
Examining Cellular Phones and Handheld Devices
Ninety percent of all Americans own a cellular phone. Having this kind of societal importance and wide distribution, it is not surprising that cellular phones and handheld devices are being widely used in even the most minor criminal activity. These devices can provide significant evidence in major cases.
Cellular Forensics, Spyware, and Corporate IT Security
Corporations spend thousands of dollars each year looking for the best software, personnel, and hardware to protect their intellectual property. Unfortunately, while corporate IT has been concentrating on computers, company secrets have been flying out of the corporate walls via cell phone text messages, IMs, pictures, and e-mails.

