Oxygen Forensics now offers the most innovative and powerful ability to allow investigators to categorize human faces using built-in facial recognition technology available at no additional charge. The unique features of the built-in Facial recognition component include:
• Industry leading accuracy (as measured by the NIST)
• Detailed face analytics (gender, race, emotion, etc)
• Immediate categorization and matching (5 faces/second)
• Working with huge volumes of dataUsing the built-in Facial recognition, investigators will undoubtedly spend less time looking through thousands of photos or videos found in mobile, cloud or drone extractions. Possible use cases include: identification of known individuals from captured images, assistance in locating endangered children, human trafficking, or other crimes involving images/videos, analysis of videos and images captured by drones used to identify possible known terrorists, etc. The use cases are endless with this technology.
MTK ANDROID ENCRYPTION BYPASS
Device encryption is one of the greatest challenges for investigators today. Understanding this, we continue working on decryption algorithms to allow investigators to decrypt Android physical dumps. The new Oxygen Forensic® Detective 11.5 introduces a universal method that helps bypass screen locks and extract a decrypted physical dump of Android devices based on Mediatek chipset.
MTK Android devices may have software or even hardware encryption. The latest MTK device models are generally encrypted using hardware bound keys. If these keys are not obtained, device physical images cannot be decrypted. However, Oxygen Forensic® Detective 11.5 now allows investigators to bypass both screen lock and disk encryption (no matter if it is software or hardware) to extract a complete decrypted physical dump.
Using this method is easy. Investigators simply choose “MTK Android dump”/ “Bootloader modification” in the Oxygen Forensic® Extractor and then follow the instructions to upload a boot image patch onto the device. Once the extraction is finished the data will be processed, decoded and analyzed.
ICLOUD BACKUPS EXTRACTION
Starting at iOS 11.2 Apple changed the authorization algorithms making it nearly impossible to extract iCloud backups via a username/password or token if 2FA was enabled. The new Oxygen Forensic® Detective 11.5 offers investigators the powerful ability to acquire iCloud backups made from the newest Apple iOS devices. Extraction is available via login and password and complete instructions on the process are given in Oxygen Forensic® Cloud Extractor.
ENHANCED APPLE IOS SUPPORT
We’ve made several great improvements to Apple iOS device support. Now investigators can connect several Apple iOS devices simultaneously, saving valuable time. Staying ahead of releases we have added preliminary support for Apple iOS 13. We also added improvements to our automatic Apple iOS device connections. And finally, we’ve included the ability to parse Screen Time Information from jailbroken Apple iOS devices and GrayKey images in Oxygen Forensic® JetEngine.
LINE MESSENGER EXTRACTION
We have offered Line direct data extraction from Apple iOS and Android devices for some time. However, Oxygen Forensic® Detective 11.5 now enables investigators to additionally access Line data from the cloud. We now offer two options –extract Line account information and contacts from the Line cloud via password, token or QR code and also to acquire calls and messages from Line Google backup via Google master token.
EXPORT TO RELATIVITY PLUGIN
Oxygen Forensic® Detective 11.5 now allows investigators to export contacts, calls, messages and files to the Relativity format. The export to Relativity button is located within the main window of Oxygen Forensic® JetEngine under the Device picture. Relativity Software is cloud-based eDiscovery software that offers case assessment, fact management, review, production, analytics within a suite. Looking to add this to your Oxygen Forensic Detective license please call or email [email protected]