Forums
Main Category
General (Technical,...
Mobile phone invest...
 
Notifications
Clear all

Mobile phone investigations - Whats good?

 
General (Technical, Procedural, Software, Hardware etc.)
Last Post by rmislan 16 years ago
10 Posts
5 Users
0 Reactions
821 Views
RSS
 research1
(@research1)
Estimable Member
Joined: 17 years ago
Posts: 165
Topic starter 27/01/2009 8:57 pm  

Does anyone know of any good harware/software for mobile phone forenics, apart from what guidance provide? Prices and limitations would also be very useful

Thanks


   
Quote
ahoog
 ahoog
(@ahoog)
Eminent Member
Joined: 17 years ago
Posts: 47
27/01/2009 10:55 pm  

There are nearly (or perhaps more than) 2,000 varieties of phones "in the wild". There are packages they say they support many of them. My experience has been that no tool can support all phones and that all are a bit over zealous in describing what they support.

I'd start by narrowing things down a bit (GSM, CDMA, smart phones or just phone/SMS/etc.) and then target an established tool and get a demo. See if it works for yours needs.

An important step in this process is that *you* have faith in the tool, have tested it and can explain what it does, how it performs the acquisition/analysis, what it might miss, etc.

Unlike computer (hard drive) forensics, the mobile forensics field is much less mature. This is due, in part, to the sheer number of devices and that you can't just remove the memory, image it read-only and then analyze it based on a rather finite set of documented, known file systems.

Good luck.


   
ReplyQuote
 nitiwate
(@nitiwate)
Active Member
Joined: 20 years ago
Posts: 5
26/03/2009 7:46 am  

EnCase Neutrino
http//www.encase.com/products/neutrino.aspx


   
ReplyQuote
 rmislan
(@rmislan)
Active Member
Joined: 20 years ago
Posts: 9
26/03/2009 8:00 am  

here's an idea…
Go to Mobile Forensics World and get a test drive of all the various tools…
I'm just saying…it's a great opportunity to meet each and everyone specifically in the field…

Check it out
www.MobileForensicsWorld.com


   
ReplyQuote
Jamie
 Jamie
(@jamie)
Moderator
Joined: 5 years ago
Posts: 1288
26/03/2009 2:14 pm  

here's an idea…
Go to Mobile Forensics World

Probably best to disclose an interest when making this kind of recommendation, Rick. Thanks.

Jamie


   
ReplyQuote
 rmislan
(@rmislan)
Active Member
Joined: 20 years ago
Posts: 9
26/03/2009 7:01 pm  

Sure Jamie

<disclosure>
As the Conference Director of Mobile Forensics World, I'd like to disclose my interest in having all members of this forensics community know about the only concentrated conference for Mobile Forensics…

Mobile Forensics World is solely dedicated to Mobile Forensics…

This post is in no way endorsing any one product, vendor, forum, presenter, or paper. It is however endorsing a conference that is being presented through Purdue University's College of Technology, the Computer & Information Technology Department, and the Cyber Forensics Lab, solely for the educational benefits to the Mobile Forensics community.

Questions, comments, or concerns can be sent via PM.

</disclosure>
HTH,
Rick


   
ReplyQuote
Jamie
 Jamie
(@jamie)
Moderator
Joined: 5 years ago
Posts: 1288
26/03/2009 7:08 pm  

Interesting definition of disclosure…


   
ReplyQuote
 rmislan
(@rmislan)
Active Member
Joined: 20 years ago
Posts: 9
26/03/2009 7:31 pm  

I try…

"the act of making something evident"


   
ReplyQuote
Jamie
 Jamie
(@jamie)
Moderator
Joined: 5 years ago
Posts: 1288
26/03/2009 7:48 pm  

I think you've certainly succeeded in that respect.


   
ReplyQuote
 rmislan
(@rmislan)
Active Member
Joined: 20 years ago
Posts: 9
26/03/2009 8:24 pm  

Thanks. Like I said, "I try…"


   
ReplyQuote
Forum Jump:
  Previous Topic
Next Topic  
Share: