What is your e-mail address?
My e-mail address is:

Do you have a password?
Forgot your password? Click here
close


    Forensics on cell phones

    • By Patrick Marshall
    • Jul 03, 2008
    Inside and outside government,
    professionals increasingly carry
    data on their cell phones, including
    e-mail messages, documents,
    videos and instant messages.
    And there are those '
    such as law enforcement officers,
    some employers and, yes,
    hackers ' who want to get at
    that data without the owner's
    permission.

    Until recently, however, the
    tools to do that
    weren't available.
    A handful
    of PC-based
    programs have
    been able to extract
    data from selected cell
    phone models, but special
    challenges face those who deliver
    powerful forensic tools.

    The biggest one is that there
    are hundreds of models of cell
    phones, with manufacturers
    adding dozens of new ones
    each year. And all those models
    employ a wide array of
    BIOS versions, operating systems
    and software.

    The other nut to crack is
    portability. Cell phones are, of
    course, extremely portable.
    But if you need to plug one
    into a computer equipped
    with forensic software, extracting
    data in the field or
    without the owner's knowledge
    can be problematic.

    Cellebrite Mobile Synchronization
    has introduced a solution
    in the form of its Universal
    Forensic Extraction
    Device (UFED).

    Cellebrite has been in the
    business of cell phone data
    transfer for the past 10 years.
    When you buy a new phone
    and the store transfers your
    data from your old phone, it's
    almost certain they're using
    Cellebrite's equipment.

    Now the company has packed
    its tools into a handheld
    device for data extraction in the
    field. The $4,000 kit includes
    the UFED, cables for connecting
    the device to more than
    1,200 supported phone models
    and software for generating reports
    of the extracted data.

    The UFED can extract a variety
    of information from most
    cell phones, including contact
    lists, photos, videos, text messages,
    call logs, electronic serial
    numbers and International
    Mobile Equipment Identity
    data. What makes the UFED
    unique ' apart from its
    portability ' is its support for
    such a broad array of cell
    phones, said Jason Rogers,
    vice president of sales at
    Cellebrite USA.

    'We are getting the handsets
    usually three to four months
    prior to retail launch,' Rogers
    said. 'When a new phone
    comes out, we have to develop
    the software and/or the cable
    to have it supported.'

    The data extraction takes
    about 10 seconds, and the
    UFED can export the data to
    a Secure Digital (SD) card, an
    attached flash drive or a PC.
    The UFED, like its counterparts,
    has some limitations.

    For starters, although it can
    extract some deleted text data
    from SD cards, it cannot extract
    deleted information from
    cell phone data storage. Rogers
    said that capability should be
    available in two to three years.
    And there is nothing except
    the price tag to prevent amateur
    detectives and hackers
    from using the UFED for their
    own purposes. Rogers said it
    is company policy to sell the
    device only to government
    customers and corporations,
    but they have to take the customer's
    word for that.

    'You have to hope they're
    going to be honest with you,'
    Rogers said.

    Reader Comments

    Please post your comments here. Comments are moderated, so they may not appear immediately after submitting. We will not post comments that we consider abusive or off-topic.

    Your Name:(optional)
    Your Email:(optional)
    Your Location:(optional)
    Comment:
    Please type the letters/numbers you see above

    GCN eNewsletters

    eSeminar