
Fake text messages app

19 Posts
4 Users
0 Reactions
9,510 Views
(@mobileforensicswales)
Reputable Member
Joined: 17 years ago
Posts: 274
 

I'm not sure that helps; Android apps get access to the SMS DB, which an iPhone app can't do.

Also neurondigital? 100% the same app and app developer?


   
hcso1510
(@hcso1510)
Reputable Member
Joined: 15 years ago
Posts: 303
 

One thing that a lot of people struggle with, and I'm not suggesting that you are, is the concept of a spoof. In my department many officers believe that if you receive a communication from a VoIP number that somehow is a spoof. Not quite.

By fake, I am assuming that a handset received an sms message that was meant to appear as though it came from an individual that may be known to the individual that owns the handset?

The ability to do this could prove to be beneficial to a domestic violence victim who obtained an Order of Protection against an abuser. Victim sends themselves a "fake" sms and shows police that they have been threatened. Police go arrest the individual with the OP. Now OP may say "I didn't send it. Look at my phone." Police know it could have been deleted so they make the arrest. With technology these days that may be a bad choice by the police.

Last year I attended an HTCIA conference just outside Vegas. There was a guy who gave a presentation where he showed that with ADVANCED computer forensic skills you could spoof SMS messages on an iPhone. His name escapes me now, but he is based out of Canada.

If it were my case I would focus on the victim's provider to see what records they could provide.
I would start off with someone working the Court Order side or El Sur in the hopes that I would be able to speak with someone that had a very good knowledge of their network rather than a contract employee that might just fill requests and have no idea what goes on beyond filling the requests.

Essentially you are looking for the uplink provider for that data transmission, or the Session Initiation Protocol headers for that transmission. That information could possibly link you back to an IP address, or maybe a 10-digit phone number that may be the key to additional information.


   
 CCSO
(@ccso)
Eminent Member
Joined: 9 years ago
Posts: 23
Topic starter  

This is the link to the app


   
(@mobileforensicswales)
Reputable Member
Joined: 17 years ago
Posts: 274
 

I think you have missed my point. An Android app that 'fakes' texts can do things an Apple app could not. Is the one on your evidential phone by the same developer?

Any results for the Android, no matter how interesting, will not explain how fake texts got on your Apple device unless an Android app sent it to the Apple phone.

Hope I've not misunderstood


   
 CCSO
(@ccso)
Eminent Member
Joined: 9 years ago
Posts: 23
Topic starter  

Yeah, I think we have gotten way off the original question.
Without going into detail of the case on an open forum, the defense has brought up the idea a fake text was sent using an app that is readily available.
I used a controlled Android phone and used (app I sent the link) the fake text message app to create the fake text. When I did an extraction it was in the timeline and the Hex view, indicating it's just like any other text.

My question, is there a forensic explanation to know this text is a fake and didn't come from the network? My concern, potentially every text could be generated by a fake text app and unless we get tolls on every phone to confirm every text or call the defense could bring this issue up.

I'm asking is there a way to confirm in the extraction itself which texts are real and which ones were generated by an app?


   
(@mobileforensicswales)
Reputable Member
Joined: 17 years ago
Posts: 274
 

My question, is there a forensic explanation to know this text is a fake and didn't come from the network?

If this text is in an Apple iPhone database, no. They would have to jailbreak it. If she had ever jailbroken the phone there would be other telltale signs in the phone file system (lots of other forum threads on this).

If it did come over the network and a message to her number isn't in his billing, consider looking up other texts sent at that exact date time and see if they match her incoming…
Consider, did she have another SIM in at the time, could she have been texting him off this strange number to elicit the response "I'm going to kill you if you ever call me again"? That incoming message is to her phone, not 'her' number as you know it. In this case you could get a message in her phone DB, not to her, wouldn't look like a message to 'her number' as you know it in his billing if you weren't looking for it.

If you DO see an incoming message on her cell data records (that looks to be from him in her phone) but not his outgoing, check the service centre. When you google that it will be the service centre for 'INSERT FAKE TEXT APP CO NAME HERE'.

Sadly, I'd scrap your Android findings (in this case) as they have no bearing on how an iPhone functions.

Hope this helps


   
 CCSO
(@ccso)
Eminent Member
Joined: 9 years ago
Posts: 23
Topic starter  

I was using the Android for future cases that may come up.

I am working on the Apple iOS with an iTunes fake text app and see the results. What I understand is I won't see the generated fake text in the SMS.db file on the Apple as I did with the Android, correct?


   
(@mobileforensicswales)
Reputable Member
Joined: 17 years ago
Posts: 274
 

Indeed, as far as I am aware you cannot write to the SMS DB with anything but the Apple Message app. Apple do this to stop users getting their messages skimmed, as is often the problem with faked apps that look like a nice little game for your toddler that is secretly watching your SMS and sending them to your stalker who installed it as a fun game for your child.

You can subvert this protection with a jailbreak, which allows elevated access to the file system.

Any Apple message faker I have ever seen is used for making screenshots or instructs a server to send you the message 'from' any number you choose. This message, though from the same 'number', will have been delivered by a fake service centre which will fake a sender for you at a premium. Just the same as you can get messages from 'DOMINOS' even if they aren't in your phone book, the number you want it to look like it came from comes in in a very similar way (sometimes). If the numbers are in and with the right service centre, they will be on your suspect's billing; if they are not in his billing they are faked.


   
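The reconciliation described in the two replies above (look for the message in the alleged sender's billing, then check the service centre), as an added example that is not part of any post in this thread. The record layout, phone numbers, service-centre values and the 120-second tolerance are constructed assumptions; real handset extractions and carrier returns have to be mapped into this shape first.

```python
from datetime import datetime, timedelta

# Constructed sample data (not from the thread): incoming messages parsed from
# the recipient handset, and the alleged sender's outgoing billing records.
HANDSET_INCOMING = [
    {"id": 1, "sender": "+15550100", "smsc": "+15550001", "received": "2016-03-01T21:14:09"},
    {"id": 2, "sender": "+15550100", "smsc": "+15559999", "received": "2016-03-02T08:30:41"},
    {"id": 3, "sender": "+15550100", "smsc": "+15550001", "received": "2016-03-03T10:00:00"},
]
SENDER_BILLING_OUT = [
    {"to": "+15550123", "sent": "2016-03-01T21:14:05"},
    {"to": "+15550777", "sent": "2016-03-03T10:00:02"},  # sent to a different number
]
CARRIER_SMSCS = {"+15550001"}  # assumption: service centres confirmed by the sender's carrier
RECIPIENT = "+15550123"        # the recipient's number as the examiner knows it


def reconcile(incoming, billing, recipient, carrier_smscs, tolerance_s=120):
    """Classify each handset message by billing match and service centre."""
    window = timedelta(seconds=tolerance_s)
    unused = [dict(r, sent=datetime.fromisoformat(r["sent"]))
              for r in billing if r["to"] == recipient]
    findings = {}
    for msg in sorted(incoming, key=lambda m: m["received"]):
        received = datetime.fromisoformat(msg["received"])
        # Each billing record may corroborate only one handset message.
        match = next((r for r in unused if abs(received - r["sent"]) <= window), None)
        if match:
            unused.remove(match)
        smsc_ok = msg["smsc"] in carrier_smscs
        if match and smsc_ok:
            findings[msg["id"]] = "corroborated"
        elif match:
            findings[msg["id"]] = "billed, unexpected service centre"
        elif smsc_ok:
            findings[msg["id"]] = "not in sender billing"
        else:
            findings[msg["id"]] = "not in sender billing, unexpected service centre"
    return findings


if __name__ == "__main__":
    result = reconcile(HANDSET_INCOMING, SENDER_BILLING_OUT, RECIPIENT, CARRIER_SMSCS)
    for msg_id, verdict in result.items():
        print(msg_id, verdict)
```

Message 3 is the case raised earlier in the thread: the sender's billing shows a text at that time, but to a different number, so it does not corroborate a message to the recipient's known number.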
 CCSO
(@ccso)
Eminent Member
Joined: 9 years ago
Posts: 23
Topic starter  

Thanks for your time. It has been very helpful. I would agree that even if the "fake" text message was sent by a service centre with another number listed on the "fake" text the actual number that sent the text would be different.
Thanks again for your insight!!!


   