I'm looking at purchasing some software for mobile phone forensics and am trying to decide between Paraben's Device Seizure and Guidance Software's Neutrino. Which one of these two would you recommend?
Personally id go for Micro Systemations .XRY. i have been using this for about a year now and it has been great. It supports over 500 mobile phones it also comes available in a few formats you can view them here http//
Guidance have produced a nice mobile unit and although I haven’t tested it i know that the number of handsets it supports is limited as it is a new product. Along with purchasing Neutrino far as I know you will need Encase 6 to view your acquisitions. This is a costly purchase if you don’t have EnCase already. As for Paraben I haven’t really looked into that much and can offer little advice.
In my experience it is also handy to have more than one tool to examine mobile phones.
I don't think there's one mobile phone forensic solution that covers everything. The last shop I worked for had Neutrino, Paraben's DS, and Susteen's Secure View (http//
Look at the supported phones for each product, and compare that to what shows up in the evidence locker or is corporately supported (depending on what kind of shop you're in). Go for the solution that (1) supports the vast majority of your anticipated tasking, (2) gets the data you need for reporting, and (3) has the best support (what, the driver's not working *again*?). Certainly, keep the pricing information handy for the other solutions, since you never know when you'll get something not covered by what you buy. )
Be sure to find a vendor for more cables as well, preferably one who will ship overnight. While you may get new cables from Guidance as new phones are supported in Neutrino, other solutions will keep you coming back for an occasional additional cable to support one device or another.
Enjoy!
I don't think there's one mobile phone forensic solution that covers everything…
I agree with that statement. At the Forensics Lab here in Ashland, we've had to get quite a few tools to do the job. From my experience, I'd recommend looking at Paraben's Device Seizure, Datapilot Secure View for Forensics, BitPim, .XRY, and probably Tulp2g. I don't have any experience with Guidance software's new cell phone application, although I know by its supported cell phone model list that it won't cover everything. Hope this helps.
Celldeck was looking really good at the last HTCIA conference.
Whilst having various devices (hardware and software) on the market to extract and harvest data (in effect using PnP methods) from mobile phones, the devices are not forensic… it is worth remembering it's the examiner's methodology that brings forensic into the equation. Which is completely different from saying the devices are forensic.
Thanks for your replies - I'll check out your suggestions.
Whilst having various devices (hardware and software) on the market to extract and harvest data (in effect using PnP methods) from mobile phones, the devices are not forensic… it is worth remembering it's the examiner's methodology that brings forensic into the equation. Which is completely different from saying the devices are forensic.
I'm aware that it's the examiner's methodology that brings forensic into the equation and not the devices themselves. I guess my original question was badly worded so you misunderstood what I actually meant. Thanks for your input though.
AbundantBee,
I mentioned my observations to bring additional discussion to the topic.
Your question was in fact well worded and I do not think for one moment your comments were badly worded.
In fact, you and I appear to be agreeing on the theme of forensics.
Check out the Cellbite system, we just had one on test, seems very quick and portable, uses bluetooth and cable to extract the data to a USB drive, there is also a PC interface to look at the data in a bit more depth. The support package seems pretty good too.
Griff