My Department is wanting to do cell phone and computer forensics in house. I work in Law Enforcement - Preston County Sheriff's Dept. in West Virginia. I have done training with the National White Collar Center using the Cellebrite UFED system and also the Susteen Secure View system. I'm just not sure which system would be good to start with. I need the ability to do dumps, physical and logical data extractions - deleted info, texts, call logs…. Any help with this would be greatly appreciated.
I'm partial to Cellebrite, but you need to understand that NO tool works on every model of phone. A UFED with Physical is a bit of a punch to the wallet, plus the yearly fees, but if you have access to the money I would start there. Take a look at XRY, Secure View, Oxygen and Lantern as well. If you do just a little bit of searching within the forum you should see this topic has received a fair amount of responses.
Just out of curiosity, have you contacted other LE agencies near you?
As the two comments above have suggested there is no one tool and check to see what other law enforcement departments are doing. Then also check to see what is happening in the independent examination community.
It doesn't automatically follow that the technique/examination undertaken is forensically sound, but it may be the only approach left open to you. Document/record what you do.
Here is one site you can research tools used by the hobby/hacking community (which is where flashing dumping began) so you can learn more - http//
JTAG Tutorial
http//
Mobile Phone Chip Off
To get a feel for chip removal have a look at these videos for the techniques adopted. http//
Device Seizure offers physical and logical support. PM me and I'll set you up with a 30 day key. I'm also running a web demo tomorrow.
Thanks,
Rob
Check with other local law enforcement and see what they're using. Then buy something else.
Seriously, on a small department budget what you should probably do is work out an arrangement with other local departments where you can share the technology until you can afford to have all the major tools. Cellebrite, XRY, MPE+, Oxygen, BlackLight, etc. all have their strengths and weaknesses. To do effective examinations, you should have at least three of them with one being XRY or Cellebrite.
Maybe even ask some private labs in your area if they will share.
If you have to choose only one tool, I'm partial to Cellebrite.