Just wondering if anyone is getting around an Android swipe code? If so please post for all or send me a private message. It seems we have recovered a rash of Android cell phones with the swipe code active.
There is no generic solution for all Android models from different vendors.
Currently, Cellebrite UFED supports physical extraction (of the entire flash memory) bypassing pattern lock from selected models (about 30) and also decodes the pattern itself and the image.
As a lab solution there are about 80 additional models including many Samsung Android devices (like the Galaxy S, S2 and many more) and Motorola Android devices (many high runners).
This would be added to UFED support in about 2-3 months.
I am not aware of any other solutions besides more invasive methods, like JTAG or chip-off, that in many cases can also be decoded by the Cellebrite UFED PA.
Ron
Thanks RonS. Even though it goes around the swipe code, are you still able to extract the data off the phone (i.e. txt, mms, photos, contacts, etc.)?
Sure, this is the whole point: to get access to the data. Cellebrite UFED PA also decodes most of the physical extractions (implementing file system reconstruction) and this is also why we added file system extraction so that ALL extractions will be decoded.
Getting the pattern itself is a byproduct.
Assuming you can gain access to the user's Google password you can bypass it using the forgot password method - that's the only way I know that you can bypass it on *all* devices.
If the device has USB debugging enabled or you can flash a custom ROM then you can also get around it that way - USB debugging being enabled is pretty unlikely as it's off by default.
Don't forget that flashing a custom ROM to a device that has never had one flashed before will result in Android wiping all of the user data as a security precaution.
I'm sure you already know, but also keep in mind that even though the device is locked, background services will be running and changing data. If you had my device I would issue a remote wipe command immediately, and keep sending it hoping that at some point it connects to a network again.
- Tom
N1XY, that's why I process them in a Ramsey box… Thanks RonS, I have the UFED Logical, but I do have access to a UFED Physical at another agency. I'll give it a try.
mrpumba,
Which vendor/model is your device?
RonS - Cellebrite UFED Logical (Forensic) with the recent updates.
I was asking about the phone :)
Oh… lol. Can't remember, they're at the office, but if my memory is correct, in the HTC family.