
Cell Phone Forensics



I was asked to check out cell phone forensics. The problem today is that cell phones are no longer just phones. There are many extra features that make them very useful as evidence. In addition to call logs, there are text messages, emails, pictures, videos, and so on. The problem is that, unlike computers, each manufacturer uses proprietary operating systems and cables. This becomes a problem when you are trying to build a lab that will handle different mobile devices. Unfortunately, there is no single tool that can handle all of these devices. Different forensic solutions specialize in different phones. Usually, you buy the software once and then pay an annual maintenance fee, which includes receiving new cables for new phones. Obviously, this can get very expensive.

When I asked an experienced investigator for advice, the answer was that not every solution can handle all types of mobile devices. Those that cannot be handled "forensically" are done using a video camera and recording your actions, as long as you can document everything you've done and show that your methods did not tamper with the evidence. After all, you are using the best possible method available.

As for what I will do for the lab, I am still researching. We are currently using Paraben's Device Seizure Toolbox, but I have not tested it well enough to comment on its effectiveness. While attending Guidance Software's EnCase 6 Briefing, they kept mentioning Neutrino, which is going to be their solution for mobile devices. Although I look forward to seeing what they can offer, I'm a little skeptical. It is an unproven solution in an ever-changing environment.
