Cell Phone Forensics - a Brief Introduction

by : Disklabs

Cell Phone Forensics - A Brief Introduction

Cell Phone Forensics or Mobile Phone Forensics are improving daily. These services are now commercially available through certain specialist companies, (Disklabs, ( http://www.mobilephoneforensics.com), Disklabs, (http://www.disklabs.com), and ICG Inc, (http://www.icginc.com)), and is no longer reserved for the most high profile murder enquiries, but by individuals checking to see if their partner or lover has been cheating on them, by Human Resources, who need to prove if "that" phone call was actually taken, or by Private Investigators who are checking to see if the client was where they say they were at a given specific time. Above are of course, just a few of the hundreds of examples of why cell phone forensics are becoming more and more important in the lives of the military, investigative agencies, (police forces, security agencies, private investigators), human resources and indeed private individuals.

These days, along with the computer, cell phone forensics is the police officers first point of call. Where are you likely to record everything? Where are the records of wrong doings going to be stored? Even if you are not the sort of person to record wrong doings, human nature states that you will tell at least someone. On a computer, they could be stored within your PST file,(Microsoft Outlook personal storage file), your EDB file, (Microsoft Exchange storage file), your NSS, (Lotus Notes), your MSG, (Microsoft Outlook Express), and your EML, (generic email files), amongst others. All these records are kept digitally on various storage devices, be they mobile phone SIM cards, perhaps mobile phone 3G USIM cards, the generic mobile phone memory or internal memory cards; mainly MMC memory cards, but not exclusively. Nowadays, the forensic investigator does not have to solely rely on his mobile phone investigative resources, but has to have a sound knowledge of evidence handling, write-blocking and general computer forensics, to ensure that a full examination of all available data has been achieved for the client in a sound and forensically correct manner.

A more recent development in this technology is the cellular transmitter location, which is used to assist agencies in pinpointing the approximate whereabouts of the investigated. This sort of investigation technique was first used in a very high profile case in the United Kingdom, namely the murder of two young girls in a town called Soham called Jessica Chapman and Holly Wells, (http://news.bbc.co.uk/1/hi/england/2201146.stm). This technology is relatively new and although proved in a British court of law, does not necessarily mean that it is accepted throughout the world. There are of course downsides to this technology. Simply by passing the mobile phone in question to a colleague or accomplice with a disregard for the law would mean that the phone in question would be in another place at the time of a phone call, and therefore not be at the scene of the crime in question. There is also the problem with 'Pay-As-You-Go' type of phones, which have no legal tie to the owner. This is something which is still to be addressed.

Simon Steggles
Disklabs Data Recovery
Disklabs Computer Forensics
Mobile Phone Forensics
Satnav Forensics


t (UK) 0800 DATA SOS
t (INTL) +44 (0) 1827 55999
f (INTL) +44 (0) 1827 66666