iPhone Chipoff RAW data dumps R&D
Update information on iPhone data recovery
Recently I have been doing a ton of R&D on chipoff and data recovery on iPhones and have had great success with the 2G and 3G models, all RAW data recovered. The last test was a 3G iPhone with 4.1 OS and I am able to get the RAW data from the read of the NAND chip. This test phone was password protected and I recovered everything that I planted on the phone, including data I deleted before removing the chip. The test I am in the process of doing is an iPhone 3Gs and will update you how it goes. Cross your fingers. RAW data reads like this are destructive to phones as you can imagine but in some cases, it may be worth it.
This work was done with the assistance of my friends Bill, Shafik, Mike and my comrades at VICPD.
A white paper is forthcoming on this process but will take some time. There will also be some training being done through Teel Tech Training to be announced at the DOD Conference next week. See Bill Teel at this booth.
Special mention to Sam Brothers for pointing me in the right direction on this, Sam, I took the football and ran with it, hope that is ok, once again as always, you put out a great white paper (-
Det. Bob Elder - VICPD
This sounds great and I can't wait to read your paper when it comes out. I will definitely stop by Bills booth next week.
UFED Physical will soon add support for iPhone/iPad physical extraction and data decoding.
Once this is released, this would be the easiest and most complete solution for iPhone/iPad physical.
Hi Ron S
I appreciate your need to advertise your product but the chipoff process has value in areas that the Cellebrite kit can't help, even when it can read physical.
If the guy destroys his phone before or during the arrest, now you have a iPhone or cell phone that won't connect to the cellebrite kit, where do you stand with that?
If the cell phone is not functioning for whatever reason, mechanically that is, how can Cellebrite help us?
If there is water damage or physical damage to the port needed to communicate with the iPhone, where does Cellebrite do with this.
My research was done to allow us to get the RAW data from iPhones and cell phones that have been presented to us in these conditions. If the required chip is still in tack, then we are able to get the data.
I did not do all this work to infringe on the Cellebrite tool, I do this to further the abiltiy of Police Officers and forensic examiners to get the user data from cell phones so we can put bad guys in jail.
I might add that this process is very simple and very "cost effective". (-
See my answer in the parallel thread