Tuesday, September 24, 2013

Deleting that hideous text message won't hide much when police come calling

Mobile phone forensic experts can recover almost everything from these gadgets.

By CARLOS MUREITHI

So you think that deleting incriminating text messages from your phone will prevent them from ever coming back to haunt you. Think again.

Mobile phone forensic experts can recover almost everything from these gadgets. And what’s more?

The police are very willing to work hand in hand with the technologists in order to find the truth and possibly convict you.

Mind you, even a factory reset, wiping or formatting of a device’s memory doesn't mean its data can't be recovered.

In April, Kenyan police hinted that they had used mobile data handlers to solve a crime that eventually led to the killing of wanted criminals. They said they had done so by retrieving messages from a suspect’s mobile phone.

An employee of a mobile data recovery firm told Nation that the firm he works with helped the security officials. But due to a non-disclosure agreement between the company and the Criminal Investigation Department, he did not want his employer’s name mentioned.

Now you know: the only way to stay on the right side of the law is not to send libellous or criminal text and multimedia messages.

Police can analyse phones for evidence of such things, besides internet browser history, contacts, photos, calendars, notes and videos, given that a user had saved them on their phone and regardless of whether or not they made a deletion.

This is because mobile phone forensic experts have numerous tools that help them access many layers of data deep within a smartphone's memory.

The basis is that when an item is saved on a phone, for example, the device’s operating system will usually store variations of that element in several different locations.

This makes anything recoverable through retrieving and analysing memory chips.

With tools such as Universal Forensic Extraction Device and FINALDATA FINALMobile Forensics, authorities can just plug a phone into them and download its memory to a hard disk.

Increasing criminal usage of phones manufactured with Chinese chipsets has caused specific tools – MediaTek, Spreadtrum and MStar are examples – to be developed to address this aspect.

Authorities first seize the mobile phone under legal considerations, that is, if it is evidence. Various measures, such as putting it in airplane mode, may be taken in order to prevent a shutdown or new information from overwriting potential evidence.

Then material is retrieved. Most tools used for this purpose consist of a hardware and software component that is often automated. Mobile device acquisition is performed live because it is often not possible to acquire data with the source gadgets switched off.

Using specialised and automated forensic software products and generic file viewers, data handlers extract information from the memory image. Most will use more than one tool because none can extract all evidence from memories.

Then, once evidence is found, it is given to the police who use it against the criminal, therefore rendering the ‘delete’ button a ‘hide’ one since data is still recoverable.
