Академический Документы
Профессиональный Документы
Культура Документы
Session Objectives:
At the end of this Session, you will be able to understand Mobile Forensics. Mobile Identification. Mobile Tracking. Lost Mobile Phone Tracking with IMEI. Data Recovery from Sim Card & Memory Card. How to take Lost Mobile Complaint? Dos & Donts for the Mobile Users.
Introduction_________________________________________
Before we start understanding the Mobile Forensics or Mobile related frauds or crime, let us first understand the two major Mobile Technologies. The mobile industry in India is divided between the two technologies GSM and CDMA. While the earlier service providers had adopted the GSM technology, the new players have been using CDMA technology and have notched up a significant share of the Indian market. Hence any discussion on Mobile Forensics needs to take into account the presence of the two technologies. It is necessary for us to understand the basic differentiation of the two technologies as they may have an impact on the Forensics. An attempt is made here to present the fundamental technical aspects about the two systems. GSM stands for Global System for Mobile Communications and CDMA stands for Code Division Multiple Access. They represent different systems of sharing of the radio spectrum for communication. Normally the radio spectrum can be shared by different users accessing the same frequency band without causing interference. The techniques used for this are TDMA (Time division multiple access), FDMA (Frequency division multiple access) and CDMA (Code division multiple access). GSM (Global System for Mobile Communications) is a form of multiplexing, which divides the available bandwidth among the different channels. GSM is a combination of Time and Frequency-Division Multiple Access (TDMA/FDMA). The FDMA part involves the division by frequency of the (maximum) 25 MHz bandwidth into 124 carrier frequencies spaced 200 kHz apart. Each of these carrier frequencies is then divided in time, using a TDMA scheme. The fundamental unit of time in this TDMA scheme is called a burst period and it lasts 15/26 ms (or approx. 0.577 ms). Eight burst periods are grouped into a TDMA frame (120/26 ms, or approx. 4.615 ms), which forms the basic unit for the definition of logical channels. One physical channel is one burst period per TDMA frame. Thus GSM allows eight simultaneous calls on the same radio frequency. CDMA (Code Division Multiple Access) is a form of multiplexing (access to the same resource will be given to more than one user), which allows the use of a particular frequency for a number of signals, optimizing the use of available bandwidth. It is a cellular technology that uses spread-spectrum techniques. In CDMA technology every channel uses the full available spectrum. Individual conversations are encoded with a pseudo-random digital sequence. CDMA employs analog-to-digital conversion (ADC) in combination with spread spectrum technology. Audio input is first digitized (ADC) into binary elements. The frequency of the transmitted signal is then made to vary according to a defined pattern (code), so it can be intercepted only by a receiver whose frequency response is programmed with the same code, so it follows exactly along with the transmitter frequency. There are trillions of possible frequency-sequencing codes; this enhances privacy and makes cloning difficult. The technology is used in ultra-high-frequency (UHF) cellular telephone systems in the 800-MHz and 1.9-GHz bands.
GSM was first introduced in 1991 and until recently before the establishment of CDMA networks, GSM was the only mobile communication system present in the market. CDMA was first used during World War II by the English allies to foil German attempts at jamming transmissions. The allies decided to transmit over several frequencies, instead of one, making it difficult for the Germans to pick up the complete signal. Since bandwidth is the major problem in the modern times the CDMA has a very clear advantage over the GSM in these terms. The number of channels (users) that can be allocated in a given bandwidth is comparatively higher for CDMA than for GSM. The cost of setting up a CDMA network is also comparatively less than the GSM network. Due to these advantages there is high probability that CDMA technology will dominate the future of mobile communications. The technologies are normally evaluated on the following three parameters namely the data transmission capacity, security and radiation levels. Following table indicates the data transmission of different technologies: Cellular technology Generation Data transmission capacity GSM CDMA (IS-95B) CDMA 2000 2G 2.5G 3G 56 Kps 64 Kps - 140 Kps 2 MBps
The idea of technology with superior security is not a new one. In 1935, a Russian researcher Dmitrii Vasilevich AGEEV, published his book "The basics of linery selection theory", where he explained the concept of coding the signals. After the WWII, Soviet and American military communication systems started to use the concept very widely because of many valuable advantages of the system. The origin concept of CDMA scheme was recommended by QUALCOMM (the famous communication provider in the US and worldwide), however Korean research institute, ETRI and companies like Hyundai, LG, and Samsung performed its realization for the first time in the world in 1995. As of today many countries have accepted it as a national standard of mobile communication and worldwide number of CDMA subscribers has climbed to over 100 million. As already explained, CDMA uses a radically different approach to what GSM does. It assigns a unique "code" to put multiple users on the same wideband channel at the same time. The codes so-called "pseudo-random code sequence" is used by both the mobile station (handset) and the base station to distinguish between conversations. This gives a greater level of privacy and security to the communication. As far as radiation level concerned, CDMA is the most harmless one among all existing technologies. Of course, it transmits microwaves while on standby mode, like other technologies do. However, CDMA technology checks 800 times per second its transmission level. Therefore, radiation level is 10 times less than GSM. Another important thing to point out is that CDMA system transmits signals only when the user starts conversation. Simply saying, when you're listening the other ends conversation, you are not affected by microwave as the speaking person does.
All Rights Reserved. www.sedulitygroups.com
On the other hand the data at the service provider's level cannot be manipulated except with the connivance of the service provider or hacking into their system. Again here the data as found visible on the computers of the service provider can be taken as primafacie evidence but if it has to be relied upon, then there has to be a relevant certification that the data is apparently not altered. Since mobile conversations are not presently recorded by the service provider and they are not normally available for any evidence. If the conversation is hacked and recorded, then it will be a case of illegal tapping and the quality of the evidence needs to be evaluated by other parameters including voice recognition also. The phone book detail only provides information about the persons whom the mobile owner has been in contact and nothing more. A few of the incoming SMS messages are normally stored on the mobile and along with time data corroborated with the service provider's information, may be evidence of an incoming message. Templates may indicate the likely outgoing information and if it contains any spam or obscene message, may indicate the intention of the mobile user and nothing more. Ring tones and Games may be relevant from the point of view of copyright violations. Details of pictures and video clippings on an accompanying memory card indicates the intentions of the mobile user and if they can be matched with any outgoing data packets, may be used as evidence for the likely outgoing message. These can be of use in case of any obscene pictures being transmitted from the mobile. However linking the stored data to a sent message requires certain Forensic testing and it is doubtful if such capabilities exist with the Indian Police as of date.
4.2.1 Spoofing:
It must be remembered that spoofing of SMS messages as well as voice messages is not impossible on a mobile. Firstly it is possible to send SMS messages from a computing device with a false "Sender's Mobile Number". Secondly, it is possible to pick a hand set and alter the SIM card data to make it look like a different SIM card and use it for sending offending messages or making calls which can be attributed to the original owner of the SIM Card. For example a card belonging to Mr. Fraud can be altered to match the SIM card of Mr. Innocent and used for making calls to Targets 1 and 2. Then if this SIM card is presented as evidence with or without the hand set of Mr. Innocent, it is possible to create an evidence which appears as if Mr. Innocent has made calls to Mr. Targets 1 and 2. Acceptance of SIM card data as evidence is therefore required to be accompanied by several collaborative Forensic certifications that eliminate the possibilities of such manipulation.
Even though the IMEI number is considered a good identification of the hardware, it is said that in India the existence of sets with duplicate IMEI numbers is wide spread and hence the service providers have been reluctant to use IMEI blocking as a solution to immobilize stolen mobiles. Note: In CDMA phones the identification is through what is called ESN-(Electronic Security Number) numbers. Further both IMEI numbers and ESN numbers can be modified with the use of right equipments and such practices are being regularly practiced by those who deal in stolen mobiles. It must therefore be considered possible to clone a mobile if the person so charged is shown to have sufficient resources and access to technology.
4.3.1 Technology
The technology of locating is based on measuring power levels and antenna patterns and uses the concept that a mobile phone always communicates wirelessly with one of the closest base stations, so if you know which base station the phone communicates with, you know that the phone is close to the respective base station.
Advanced systems determine the sector in which the mobile phone resides and roughly estimate also the distance to the base station. Further approximation can be done by interpolating signals between adjacent antenna towers. Qualified services may achieve a precision of down to 50 meters in urban areas where mobile traffic and density of antenna towers (base stations) is sufficiently high. Rural and desolate areas may see miles between base stations and therefore determine locations less precisely.
4.3.5 Privacy
Locating or positioning touches upon delicate privacy issues, since it enable someone to check where a person is without the person's consent. Strict ethics and security measures are strongly recommended for services that employ positioning, and the user must give an informed, explicit consent to a service provider before the service provider can compute positioning data from the user's mobile phone. In Europe, where most countries have a constitutional guarantee on the secrecy of correspondence, location data obtained from mobile phone networks is usually given the same protection as the communication itself. The United States however has no explicit constitutional guarantee on the privacy of telecommunications, so use of location data is limited by law. With tolling systems, as in Germany, the locating of vehicles is equally sensitive to the constitutional guarantee on the secrecy of correspondence and thus any further use of tolling information beyond deducting the road fee is prohibited. That leads to the strange situation that even obviously criminal intent may not be interfered by such yet available technical means.
Officially, the authorities (like the police) can obtain permission to position phones in emergency cases where people (including criminals) are missing. The FBI appears to have begun using a novel form of electronic surveillance in criminal investigations: remotely activating a mobile phone's microphone and using it to eavesdrop on nearby conversations. This works with or without locating. The technique is called a "roving bug," and was approved by top U.S. Department of Justice. A judge ruled that police use of such tracking in the USA will require a warrant showing probable cause. The Electronic Frontier Foundation is tracking some cases, including USA v. Pen Register, regarding government tracking of individuals such as pedophiles and political activists.
4.3.6 References
"Tracking a suspect by mobile phone: Tracking SIM and handset". "Location Based Services for Mobiles: Technologies and Standards, Shu Wang, Jungwon Min and Byung K. Yi, IEEE International Conference on Communication (ICC) 2008, Beijing, China "Roving Bug in Cell Phones Used By FBI to Eavesdrop on Syndicate". The Chicago Syndicate. "FBI taps cell phone mic as eavesdropping tool". ZDNet. http://www.washingtonpost.com/wpdyn/content/article/2008/09/11/AR2008091103292.html http://www.eff.org/issues/cell-tracking GSM localization is the use of multilateration to determine the location of GSM mobile phones, usually with the intent to locate the user [1] .
4.4.3 Hybrid
Hybrid-based techniques use a combination of network-based and handset-based technologies for location determination. One example would be Assisted-GPS, which uses both GPS and network information to compute the location. Hybrid-based techniques give the best accuracy of the three but inherit the limitations and challenges of network-based and handset-based technologies. Examples of LBS technologies Cell Identification - The accuracy of this method can be as good as a few hundred meters in urban areas, but as poor as 32 km in suburban areas and rural zones. The accuracy depends on the known range of the particular network base station serving the handset at the time of positioning. Enhanced Cell Identification - With this method, one can get a precision similar to Cell Identification, but for rural areas, with circular sectors of 550 meters. TDOA - Time difference of arrival - The network determines the time difference and therefore the distance from each base station to the mobile phone. TOA - Time of arrival - Same as TDOA, but this technology uses the absolute time of arrival at a certain base station rather than the difference between two stations. AOA - Angle of arrival - AOA mechanism locates the mobile phone at the point where the lines along the angles from each base station intersect. E-OTD - This is similar to TDOA, but the position is estimated by the mobile phone, not by the base station. The precision of this method depends on the number of available LMUs in the networks, varying from 50 to 200 m. Assisted-GPS - A largely GPS-based technology, which uses an operator-maintained ground station to correct for GPS errors caused by the atmosphere/topography. Assisted-GPS positioning technology typically falls back to cell-based positioning methods when indoors or in an urban canyon environment.
4.4.4 References
"Location Based Services for Mobiles: Technologies and Standards, Shu Wang, Jungwon Min and Byung K. Yi, IEEE International Conference on Communication (ICC) 2008, Beijing, China
10
Phone sends signal to nearby base stations Positioning software performs a triangulation calculation on the information from the base stations The data is converted into a geographical location The mobile telephone network is divided into cells with a base station at the centre of each cell. The base station which processes the call provides the first clue to location, giving police an idea of the general area in which to look. But other base stations can also make contact with the phone and once information from several base stations has been gathered, the location of the phone can be narrowed down using triangulation. In built up areas where the base stations are close together this can be to within a few hundred metres; in rural areas, the system is less accurate.
11
They did have a confidential source who reported the suspects met at restaurants including Brunello Trattoria in New Rochelle, N.Y., which the FBI then bugged. But in July 2003, Ardito and his crew discovered bugs in three restaurants, and the FBI quietly removed the rest. Conversations recounted in FBI affidavits show the men were also highly suspicious of being tailed by police and avoided conversations on cell phones whenever possible. That led the FBI to resort to "roving bugs," first of Ardito's Nextel handset and then of Peluso's. U.S. District Judge Barbara Jones approved them in a series of orders in 2003 and 2004, and said she expected to "be advised of the locations" of the suspects when their conversations were recorded. Details of how the Nextel bugs worked are sketchy. Court documents, including an affidavit (p1) and (p2) prepared by Assistant U.S. Attorney Jonathan Kolodner in September 2003, refer to them as a "listening device placed in the cellular telephone." That phrase could refer to software or hardware. One private investigator interviewed by CNET News.com, Skipp Porteous of Sherlock Investigations in New York, said he believed the FBI planted a physical bug somewhere in the Nextel handset and did not remotely activate the microphone. "They had to have physical possession of the phone to do it," Porteous said. "There are several ways that they could have gotten physical possession. Then they monitored the bug from fairly near by." But other experts thought microphone activation is the more likely scenario, mostly because the battery in a tiny bug would not have lasted a year and because court documents say the bug works anywhere "within the United States"--in other words, outside the range of a nearby FBI agent armed with a radio receiver. In addition, a paranoid Mafioso likely would be suspicious of any ploy to get him to hand over a cell phone so a bug could be planted. And Kolodner's affidavit seeking a court order lists Ardito's phone number, his 15-digit International Mobile Subscriber Identifier, and lists Nextel Communications as the service provider, all of which would be unnecessary if a physical bug were being planted. A BBC article from 2004 reported that intelligence agencies routinely employ the remote-activiation method. "A mobile sitting on the desk of a politician or businessman can act as a powerful, undetectable bug," the article said, "enabling them to be activated at a later date to pick up sounds even when the receiver is down." For its part, Nextel said through spokesman Travis Sowders: "We're not aware of this investigation, and we weren't asked to participate." Other mobile providers were reluctant to talk about this kind of surveillance. Verizon Wireless said only that it "works closely with law enforcement and public safety officials. When presented with legally authorized orders, we assist law enforcement in every way possible." A Motorola representative said that "your best source in this case would be the FBI itself." Cingular, T-Mobile, and the CTIA trade association did not immediately respond to requests for comment. This isn't the first time the federal government has pushed at the limits of electronic surveillance when investigating reputed mobsters. In one case involving Nicodemo S. Scarfo, the alleged mastermind of a loan shark operation in New Jersey, the FBI found itself thwarted when Scarfo used Pretty Good Privacy software (PGP) to encode confidential business data. So with a judge's approval, FBI agents repeatedly snuck into Scarfo's business to plant a keystroke logger and monitor its output. Like Ardito's lawyers, Scarfo's defense attorneys argued that the then-novel technique was not legal and that the information gleaned through it could not be used.
All Rights Reserved. www.sedulitygroups.com
13
Also like Ardito, Scarfo's lawyers lost when a judge ruled in January 2002 that the evidence was admissible. The FBI's "applications made a sufficient case for electronic surveillance," Kaplan wrote. "They indicated that alternative methods of investigation either had failed or were unlikely to produce results, in part because the subjects deliberately avoided government surveillance." Bill Stollhans, president of the Private Investigators Association of Virginia, said such a technique would be legally reserved for police armed with court orders, not private investigators. There is "no law that would allow me as a private investigator to use that type of technique," he said. "That is exclusively for law enforcement. It is not allowable or not legal in the private sector. No client of mine can ask me to overhear telephone or strictly oral conversations." Surreptitious activation of built-in microphones by the FBI has been done before. A 2003 lawsuit revealed that the FBI was able to surreptitiously turn on the built-in microphones in automotive systems like General Motors' OnStar to snoop on passengers' conversations. When FBI agents remotely activated the system and were listening in, passengers in the vehicle could not tell that their conversations were being monitored. Malicious hackers have followed suit. A report last year said Spanish authorities had detained a man who writes a Trojan horse that secretly activated a computer's video camera and forwarded him the recordings.
"For instance, records of past credit card transactions will often serve to place a person at a given location at a specific time, yet under established Fourth Amendment law they enjoy no Fourth Amendment protection," U.S. Attorney Mary Beth Buchanan said in a brief asking the district court to review Lenihan's ruling. She argued that historical cellsite records reveal location only to within a few hundred yards, not feet, and are "much too imprecise" to tell whether calls have been made from a "constitutionally protected space, let alone to reveal facts about the interiors of private homes or other protected areas." To obtain such orders, the government said, the correct standard is a showing of "specific and articulable facts" that the information is "relevant" to a criminal investigation. A "majority of federal districts" grant orders based on that standard, Boyd said. But Catherine Crump, a lawyer with the American Civil Liberties Union, said the government's position on historical data was flawed. "People place a certain privacy value on their movements," she said. "Whether it's their movements yesterday or their movements today, it's the same." Said Granick: "Most people don't think that somebody could go back in time and find out where I was or who I was talking to or who was nearby at that same time. This is sensitive information, and there should be good reason before the government gets it." For more precise Cell Phone location, such as by Global Positioning System technology in phones, Justice Department attorneys say access requires a warrant.
15
If you keep the cellphone on the belt, we recommend you to use a cellphone case. It is more difficult to remove this case from your belt unnoticeably. Never give your cellphone to people you don't know. Even if they don't steal it, you don't know where they would call. Don't be surprised if you will have to talk to a policeman about that call two days later. On the other hand if you think that the person is really in trouble, help him. The above mentioned techniques of stealing are rather primitive. More interesting are ones based on a specific of mobile communication and human psychology. For example, a nice girl asks you, a young man, to borrow your cellphone to make a call to her friend who is late for a meeting. You think a little and give her your phone. The girl dials a number (it may not be a local number as you thought) and shortly explains to her friend how tired she is to wait for her. The girl finishes the call and you stop worry because you don't expect dirty tricks anymore. What will happen next depends on the place, time of the day and amount of people around. The most popular scheme is when someone bumps into you and almost knocks you down. The girl disappears with your cellphone while that someone makes excuses. The second scheme is when the girl returns your cellphone to you but a teenager snatches it and runs away. Of course you try to catch him and forget about the girl. Though she also participates in this theft, you can't prove it. Criminals often try to divert the attention of the victim by using a cellphone. Usually they do it in crowded places, near the Railway Stations or Airports, Markets, Petrol Pumps, Public Transport etc. A good looking stranger with a cellphone comes to you and asks you something like: Could you please help me dial the number, I can't do it? or I just arrived, I need to call home but the roaming doesn't work. When you try to help and install new settings someone steals something (suitcase, wallet, etc.) from you. A common sense can protect you in such situations. Don't be too enthusiastic while setting up stranger's cellphone. We are not going to discuss situations when the owner of the cellphone is careless, for example when the phone is stolen from under the towel on the beach. We would like to tell you that what to do if the phone was stolen or lost. First, relax and forget about your phone. There is 97% probability that you will never see it again. Second, you have to call your cellular service to block your phone number. So, the thief won't be able to use your cellphone. If cellular service supports a black-list, your phone will be listed there. In that case your phone can't be activated in cellular network again. However, not many cellular services support this feature. Don't rely on security codes that you setup in your phone. Entering PIN code is necessary only while switching on the phone. Criminals know that and won't switch off the phone. A password which you should enter to unlock a keypad is more efficient, but can be overwritten too. These codes can protect your phone from your friends, colleagues or your child but not from a thief. That means that all the phone numbers from your phonebook could be viewed. Some thieves find a fun dialing the numbers from your phonebook, talking with your friends. They waste your money and throw a SIM-card as an operator trace calls.
16
Someone may call you and offer returning your cellphone for a reward. It's a rare case when the phone is really returned, because the thieves are afraid to get caught. If you find a cellphone and decide to return it to the owner, the most convenient way is to look at the SIM-card and take the phone to the nearest cellphone office. You can ask for a receipt that you deliver a phone or you can do it anonymously. In any case you did a good thing and nobody will think that you are a thief. You can insure the phone against the theft. In this case you can get some compensation. In general, follow a common sense and trust your life experience. The cellphone theft is a big problem of many developed countries. Some of them pass laws against it. The cellphone theft in UK was increasing greatly in the past few years. According to John Denham (British Minister of the Internal Affairs), half of the all thefts in London are cellphone thefts (totally about 700 000 of cellphones per year get stolen in UK).. Now, changing of IMEI code, distribution of the information how to change it, possession and distribution of the equipment that can be used for making this change in UK will be considered as a criminal offence. The same problem is very serious in Australia. There, sponsored by Australian Association of Mobil Telecommunication (AMTA) was created a data base of stolen cellphones and their IMEI-codes. This project is supported by all cellular cervices and will begin to work simultaneously at the end of the year 2003. The next step would be prohibiting changing of IMEI codes. The amount of cellphone thefts in Australia is lesser then in UK only by 100 000 a year. In the conclusion Nobody is protected against cellphone theft. Don't yell at your relatives if their cellphone was stolen. It will be a lesson for them. The most important is to prevent it from happening again.
17
18
The Cellebrite UFED Forensics system is the ultimate standalone device which can be used in the field as well as the forensic lab. The Cellebrite UFED can extract vital data such as phonebook, pictures, videos, text messages, call logs, ESN and IMEI information from 1600+ models of handsets sold worldwide. The UFED supports CDMA, GSM, IDEN, and TDMA technologies, and it is compatible with any wireless carrier. The Cellebrite UFED system supports 95% of all cellular phones in the market today, including Smartphones and PDA devices. (Palm OS, Microsoft, Blackberry, Symbian) It requires no PC for field use, and can easily store hundreds of phonebooks and content items onto an SD card or USB flash drive. The Cellebrite UFED supports all known cellular device interfaces, including serial, USB, infrared, and bluetooth. It can then be brought back to the forensic lab for review and verification using the reporting/analysis tool. Field extraction of data insures that a suspects phone can be examined before the individual has a chance to destroy or erase data. By working exclusively with most major carriers worldwide including Verizon Wireless, AT&T, Sprint/ Nextel, T-Mobile UK, Orange France, Telstra Australia as well as 50 others in the US alone, Cellebrite ensures that future devices are supported prior to retail launch.
19
P3 Command Kit+ - Combine Paraben's handheld forensic products and our hard drive forensic products and save over $1,000.00.
21
Memory card file recovery software support all major memory card devices including compact flash, multimedia card, secure digital card, PDA, Pocket PC drive, external Mobile phone storage card and other similar flash drives. Software is compatible with all major memory card brands like Kodak, Konica, Minolta, Nikon, Ricoh, Samsungs, Sony, Toshiba etc. Software support of all types of USB port memory card reader. Support memory card in major storage capacity drives including 128MB, 256MB, 512MB, 1GB, 2 GB, 4GB and other higher capacity drives. Does not require any technical skills to operate the software. Software System Requirements: Operating System: Windows 98/2000/Server 2003/NT/XP/Vista Memory Space: 20 MB free hard disk space and 64 MB RAM (128 MB recommended) Processor: Pentium class or equivalent processor
22
FTK Mobile Phone Examiner (MPE) integrates with the industry-standard, courtvalidated Forensic Toolkit solution to deliver the broadest support for mobile phone analysis. Now you can correlate computer evidence with phone evidence in the same intuitive interface, as well as analyze multiple phones simultaneously. With support for more than 800 phone models, FTK MPE is the ultimate in mobile phone investigations.
All Rights Reserved. www.sedulitygroups.com
23
Product Features: Correlate mobile phone data with computer evidence and data from other phones. Analyze multiple phones within the same interface, simultaneously. Acquire phone data in a forensically sound container without altering mobile phone data. Analyze phonebook, last dialed numbers, missed calls, received calls, SMS messages, multimedia messages, photos, files, phone details, calendar, notes, tasks and more. An unsurpassed quantity of mobile phones is supported. Frequent updates and upgrades with new features and more phones. Direct SIM analyzer through SIM reader. Reads deleted messages from the SIM card. Generate reports. Hex viewer. Includes SIM reader and USB communication cables and drivers. Hardware & Software No recommendations are made or implied!
CellDek [Commercial]
Hardware & Software; Can acquire data from over 160 of the most popular cell phones and PDA's
ChipIt [Free]
Explores GSM Sim Cards; Save, Load, Edit or Copy the Phone Book.
24
DataPilot [Commercial]
Data transfer software
ForensicSIM [Commercial]
Allows operators to easily clone a SIM card and examine it without any chance of damaging the evidence. It even allows you to examine the phone memory without any possibility of accidental connection to the phone network.
Neutrino [Commercial]
Guidance software's answer to collecting mobile device data for forensic examination; the page includes links to a webinar, and a cable guide.
25
PDAZap [Free]
Saves an image of the flash memory of a Sony Ericsson P800 mobile phone on a memory stick.
PhoneBase2 [Commercial]
Mobile phone analysis system which gives law enforcement agencies a full report on the contents of SIM cards and phone memories.
Project-a-Phone [Commercial]
Live demo of your phone screen or take screen shots and record audio/video clips.
26
SIMCon [Commercial]
Allows the user to securely image all files on a GSM SIM card to a computer file with a standard smart card reader.
SIMIS [Commercial]
SIMIS & XRY SIMIS 3G is a most comprehensive tool for the recovery and clear precise presentation of the data.
SIMQuery [Free]
SIMQuery is a tool that retrieves the ICCID and IMSI from a GSM SIM card.
Smelter [Free]
Multiple purpose tool for Siemens mobile telephones.
SnapMedia [Commercial]
Lets you extract pictures from your camera phone to store on your PC.
UndeleteSMS [Free]
UndeleteSMS can recover deleted SMS messages from a GSM SIM card.
WOLF [Commercial]
Extracts the information from the internal memory of the iPhone without altering the device.
27
.XRY [Commercial]
Hardware and Software
4.13 How to take a Complaint from the Victim?____________________ 4.13.1 Law & Order
These are the steps mentioned below which are involved in taking the complaint from a victim in any Police station in case of Lost or Stolen Mobile Phone ; Should take the Name of the Mobile Phone Owner. Should take the Residential Address of the Victim. Should take the address or the location from where the Mobile was lost or Stolen. Should take the IMEI Number of the Mobile phone. Should take the Name & Phone Number of the Lost or Stolen Mobile phone service Provider like, Airtel, Vodafone, Idea, Aircel, etc. Should note the Handset Model along with the last specifications like color, any mark or anything of the Mobile that helps in investigation. Should send the request to take support from Service Provider in order track or Block the Mobile or its services. Should send the request to take support from Mobile Phone Manufactures of that country by dialing their Customer Service Numbers in order to block and track the Handset.
28
29