Mobile Device Forensics

Our society has moved away from being confined to an office or a home for communications.  The computers that were designed in the 1950’s filled entire buildings, but they lacked the power of those computers that were designed in the 1960’s and 1970’s that filled only rooms.  Those computers that filled entire rooms were groundbreaking but lacked the abilities of the digital watches that we wear today.  What once filled entire buildings now fit into the palm of your hand.

 

Along with these ground breaking designs, the technology in which we extract information have changed drastically in even the last decade.  It is no longer just the training and holding one specialized tool that can extract that vital text message or break the password of that iPad.   In order to be successful, a multi-platform approach must be made.  The infrastructure of the Lone Star Digital Forensic Group is on par with law enforcement’s most powerful laboratories.  A single device can be processed with several different techniques and several different tools in order to maximize the results.

Cellebrite UFED Touch Ultimate

Our firm’s mobile forensic platform is anchored by the use of the Cellebrite’s Universal Forensic Extraction Device (UFED) Touch Ultimate.  These device are the very latest in mobile forensic extraction tools and are also the anchors of most Federal, State, and Law Enforcement Forensic Labs (those that can afford the investment).  The UFED Touch Ultimate has the ability to extract data from more than 6,000 mobile devices include Apple, Android, Blackberry, Palm, and many proprietary devices.  This device when combined with the proper training can aid an examiner in defeating many of the encryption methods that users are implementing (passcode and pattern lock). Our Cellebrite’s are fully licensed and updated to the latest software.  The examiner’s who deploy these devices for Lone Star Forensic Group are trained and certified, and each have examined thousands of devices in their careers.

 

Magnet Forensic’s IEF and Axiom

These are revolutionary tool has become of the most popular forensic platforms in the world in just a few short years.  This platform is designed to process all manner of device and concentrate on internet based evidence.  With this tool, our examiner’s are able to reconstruct internet artifacts in order to capture what a device user is doing in web based applications.  A user’s web based email (gmail, live mail, yahoo) can be reconstructed and recovered.  Applications such as Whats App, Kikk, and many others are now viewable.  At the Lone Star Forensic Group, our examiner have access to fully licensed copies of the platform with all available options and have used this incredible piece of software to great success on a national scale.

Blackbag Technology's Mobilyze

One of the newest major players in the mobile forensic world is Mobilyze from Blacklight Forensic.  This tool is built to service Apple devices and Android devices which currently hold over 96% of the market.  This software platform's focus on Apple operating system can at time pull data and applications that other devices never see.  The format of the reports are some of the most popular among our attorney clients.  This package is able to examiner both Standard and Jailbroken iPhones as well as Rooted and Non-Rooted Androids.  With continual updates servicing new models, applications, and operating system updates, it is one of the most exciting tools available. 

Paraben Device Seizure and Stronghold Isolation Gear

Paraben's Device Seizure has long been a favorite of the corporate forensic world, and was actually the Lone Star Forensic Group's first major mobile device platform.  Device Seizure has long been a favorite for some of the more unique handsents that our firm encounters and continues to be an important asset to our toolbox.  The Stronghold Isolation Gear is also used by the Lone Star Forensic Group to block signals that could possible contaminate evidence during seizure, intake, transportation, or initial processing.  Our firms' commitment to evidence integrity is shown by our use of top quality isolation gear in each stage of the process. 

JTAG & Chip Off

JTAG stands for Join Testing Action Group and is an advanced mobile device forensic technique. This techinque involves accesses the physical connectors on the control board installed by the device manufacturer and using those connections to access the storage device.  This techinque is an advanced forensic technique that requires hundreds of hours of training and practice to implement as well as a signifanct infrastructure investment to handle such tasks. Chip Off forensics is an advanced digital extraction and analysis technique which involves physically removing flash memory chip or chips from a device and then acquiring the raw data using specialized equipment. Chip-off forensics is a powerful capability that allows an examiner to collect a complete physical image of nearly any device – even those which have suffered significant damage.  The Lone Star Forensic Group is proud to offer these advanced services to customers.