Essential Guidelines On Mobile Device Forensics

Mobile device forensics refers to the science of trying to recover digital evidence from smartphone or any mobile device. It is normally carried out under special conditions that do not interfere with investigations by using approved methods. In this guideline, you will acquire a deeper understanding about this fast growing specialty, technologies and procedures used as well as their relationship. Basic procedures discussed include acquisition, validation, preservation, examination, reporting as well as analysis of digital information from mobile devices.

To begin with, you need to have thorough knowledge about software characteristics of various mobile devices. Know the kind of operating system they use, the messaging system and numerous other applications that can have important information to help in the investigation.

You need to know the memory characteristics of mobile devices. Retrieving information from RAM is quite challenging because information is stored temporarily. But with appropriate technology, this is possible.

You should also be aware of various forensic tools available today e.g commercial and open source. They help to collect information from the internal memory of handsets or SIM cards without altering data.

There are various methods which are used to extract data from mobile devices during forensic investigation. These are discussed here.

Firstly, we have what we call manual extraction. This is where information is obtained from a mobile device by manually viewing the contents displayed on LCD or any other display unit. Forensic examiners will manipulate the keyboard, touch screen and button to get precisely the information they want. It is the most commonly used method in most investigations.

Secondly, we have logical extraction. In this method, forensic investigators connect the mobile device to their work station through wired or wireless network such as Bluetooth and WiFi. This enables them to access information from the phone and transfer it to their work station.

The third method is chip extraction. It involves acquiring data directly from the flash memory of mobile devices. In fact, the flash memory is physically removed from the phone to get the required information.

The fourth method is called micro-read. It is one of the most advanced methods used in serious cases especially when there is a national crisis. Physical observation is recorded on NOR or NAND chip by using an electron microscope.

It is advisable to disconnect network so as to prevent any incoming form of communication e.g text, calls e.t.c that may change or alter the state of the information in the mobile device.

Forensic experts also need to ensure that evidence is identified clearly and accounted for appropriately. This can be achieved by taking photographs of peripheral cables, mobile phones, power connectors, removable media and the entire scene.

The way data or evidence is packed matters a lot. Forensic examiners should seal the mobile device in a good container. This should be followed by proper labeling. It should then be taken directly to the laboratory for processing because some mobile devices are very volatile.

After analysis and interpretation, forensic experts prepare a report and then hand it over to the relevant officers.

In conclusion, the above guidelines will help you to undestand what mobile device forensic entails and procedures used.

The Lost Malaysian Plane

The recent report that a military air craft saw a shadow in the region alleged to have been the crash site of the lost Malaysian plane has given hope to many of the family and friends of those on board the plane. The search for the said plane has now arrived at a crystal phase. The next five months will determine whether the plane will be lost or found on the ocean floor.
Continue reading

What is physical data discovery?

Physical drive damage might be the outcome of electrical hitches, physical destruction, mechanical erosion or electronic component damage. The damage of business statistics e.g. data, spreadsheets and documents causes an interference of business and causes confusion, conflict and profit failure. If the recovery is the data is not fast, the end might not just be profit failure, but a probability of business termination.
Continue reading

New Protests in the USA

As if the streets aren’t busy enough during the holidays, here come the protestors. This seems to be trending all over the internet ever since the death of Trayvon Martin.

Thursday night protestors were laying in the middle of Conroy Road near the Mall at Millenia chanting “Hands up! Don’t shoot!” and “Whose streets? Our streets!”

Continue reading

The Ebola Outbreak and Its Effects on Different States

The World Health Organization has declared an Ebola outbreak in the Democratic Republic of Congo. This was immediately after 66 reported cases and 49 deaths. It went on for three months.

However, the epidemic in Sierra Leone, Liberia and Guinea has been in effect for nine months with higher than 15,000 cases and 5,000 deaths. There seems to be no end to this.
Continue reading

Baby-smothering mom will serve most of 10 year sentence

Brenna Winter, a 19-year-old St. Cloud mother accused of smothering her daughter twice at Nemours Children’s Hospital, pleaded no contest in November to attempted-first-degree murder and aggravated child abuse.

Winter was in court Tuesday for her sentencing on charges but left the court house not knowing her sentence because the Judge relying on an obscure statute, ordered a prison term of minimum of six months in prison up to a maximum of 10 years. The exact time will be determined by the DOC and the agency said she won’t be getting out for about eight years, at least.
Continue reading