Difference between pages "Residual Data on Used Equipment" and "Radio Frequency (RF) Jammers"

From Forensics Wiki
m
 
(How It's Done)
 
Line 1: Line 1:
Used hard drives are frequently a good source of images for testing forensic tools. That's because many individuals, companies and organizations neglect to properly sanitize their hard drives before they are sold on the secondary market.
+
== The Basics of Cell Phone Jamming ==
 +
Cell phones work by communicating with a service network through the utilization of cellular towers or base stations. Individual towers partition cities into small sections called cells. As a cell phone user traverses the cells in an area, the signal is passed from tower to tower.
  
You can find used hard drives on eBay, at swap meets, yard sales, and even on the street.  
+
Jamming devices take advantage of this fact by transmitting on the spectrum of radio frequencies used by cellular devices. Through its concurrent transmission, the jamming device is able to disrupt the two-way communication between the phone and the base station. This form of a denial-of-service attack inhibits all cellular communication within range of the device.
  
 +
== How It's Done ==
 +
Through the transmission of a high power signal on the same frequency of a cell phone, the jamming device creates a competing signal that collides with, and, in effect, cancels out the cellular signal. Cell phones, which are designed to increase power in the case of low levels of interference, react to this interference. Consequently, jamming devices must be aware of any increases in power by the cellular device and match that power level accordingly.
  
=Media Accounts=
+
As cellular telephones are full-duplex devices utilizing two separate frequencies (one for talking, one for listening where all parties to a call can talk at the same time as opposed to half-duplex walkie-talkies and CBs), any removal of one of these frequencies tricks the phone into thinking there is no cellular service. Consequently, the jammer need only block one of the frequencies.
==Used Hard Drives==
+
  
There have been several incidents in which individual have purchased a large number of hard drives and written about what they have found. This web page is an attempt to catalog all of those stories in chronological order.
+
The less complex jammers can only block a specific frequency group while the more complex jammers can block several different networks thus preventing dual- or tri-mode phones from switching to a different network with an open signal. Jammers are able to broadcast on any frequency and can interrupt AMPS, CDMA, TDMA, GSM, PCS, DCS, iDEN and Nextel systems. The effective range of a jammer is dependent upon the strength of its power source and the immediate pysical environment (hills or walls which may block the jamming signal). Lower powered jammers have a call-block range of about 30 feet while higher power units can create a cellular signal-free zone about the size of a football field. In addition, certain units applied by law enforcement have been known to shut down cellular service approximately 1 mile from the jamming device.
  
* '''2003-01''': [[Simson Garfinkel]] and Abhi Shelat at MIT publish a study in ''IEEE Security and Privacy Magazine''  which documents large amount of personal and business-sensitive information found on 150 drives purchased on the secondary market.
 
  
* '''2006-06''': A man buys a family's hard drive at a fleamarket in Chicago after the family's hard drive is upgraded by Best Buy. Apparently somebody at Best Buy violated company policy and instead of destroying the hard drive, they sold it. [http://www.youtube.com/watch?v=pcyemfJ5H3o&NR Target 5 Investigation]
 
  
* '''2006-08-10''': The University of Glamorgan in Wales purchased 317 used hard drives from the UK, Australia, Germany, and the US. 25% of the 200 drives purchased from the UK market had been completely wiped. 40% of the purchased drives didn't work.  40% came from businesses, of which 23% contained enough information to identify the company. 5% had business sensitive information. 25% came from individuals, of which many had pornography, and 2 had to be referred to the police for suspected child pornography.
 
  
* '''2006-08-14''': [http://news.bbc.co.uk/2/hi/business/4790293.stm BBC News] reports on bank account information recovered from used PC hard drives and being sold in Nigeria for £20 each. The PCs had apparently come from recycling points run by UK town councils that are then "recycled" by being sent to Africa.
+
WORK IN PROGRESS -- PLEASE CHECK BACK WEEKLY
  
* '''2006-08-15''': Simson Garfinkel presents results of a study of 1000 hard drives (750 working) at the 2006 Workshop on Digital Forensics. Results of the study show that information can be correlated across hard drives using Garfinkel's [[Cross Drive Analysis]] approach.
+
== What's Inside a Cell Phone Jammer ==
 
+
* '''2007-02-06''': [http://www.fulcruminquiry.com Fulcrum Inquiry], a Los Angeles litigation support firm, purchased 70 used hard drives from 14 firms and discovered confidential information on 2/3rds of the drives.
+
 
+
* '''2007-08-30''': Bill Ries-Kinght, an IT consultant, purchases a 120GB Seagate hard drive on eBay for $69. Although the drive was advertised as being new, it apparently was previously used by the campaign of Mike Beebe, who won the Arkansas state governorship in November 2006. "Among the files were documents listing the private cell phone numbers of political allies, including US Senators Blanch Lincoln and Mark Pryor and US Representatives Marion Berry, Mike Ross and Vic Snyder. It also included talking points to guide the candidate as he called influential people whose support he sought," states an article published in [http://www.theregister.co.uk/2007/08/30/governors_data_sold_on_ebay/ The Register].
+
 
+
* '''2008-01-28''': Gregory Evans, a security consultant in Marina Del Ray, Calif., bought a $500 computer at a swap meet from a former mortgage company. It contained credit reports on 300 people in a deleted file, according to an article published in [http://www.nydailynews.com/money/2008/01/28/2008-01-28_sensitive_info_lives_on_in_old_computers.html The New York Daily NEws]. The security consultant was also able to recover the usernames and passwords of the mortgage company's former employees.
+
==Cell Phones==
+
* [http://www.wired.com/techbiz/media/news/2003/08/60052 BlackBerry Reveals Bank's Secrets], Wired, August 8, 2005.
+
* [http://www.taipeitimes.com/News/feat/archives/2008/09/28/2003424400 Who has your old phone's data], Pete Warren, The Guardian, London, Sept. 28, 2008, page 13.
+
==Cameras==
+
* [http://www.telegraph.co.uk/news/uknews/3107003/Camera-sold-on-eBay-contained-MI6-files.html Camera sold on eBay contained MI6 files], Jessica Salter, Telegraph, September 30, 2008.
+
 
+
==Network Equipment==
+
* [http://www.pcpro.co.uk/news/227190/council-sells-security-hole-on-ebay.html Council sells security hole on Ebay], Matthew Sparkes, PC Pro, September 29, 2008 - Kirkless Council (UK) sells a Cisco [[VPN]] 3002 Concentrator on Ebay for 99 pence. The device is purchased by Andrew Mason, a security consultant, who discovers that the Cisco [[VPN]] device still has the full configuration for the Kirkless Council and the device hasn't been deactivated.
+
 
+
=See Also=
+
[[Residual Data]]
+
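Review bot: the range paragraph in the jammer text contradicts itself, stating that "the less complex jammers can only block a specific frequency group" and then that "Jammers are able to broadcast on any frequency"; scope the second sentence to the more complex units or reword it. The same paragraph misspells "physical" as "pysical", and none of the range figures (30 feet, a football field, approximately 1 mile) carry a citation, unlike the dated and linked entries on the other side of this comparison. The "WORK IN PROGRESS -- PLEASE CHECK BACK WEEKLY" line and the empty "What's Inside a Cell Phone Jammer" heading would be better held back until the section has a body.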

Revision as of 19:50, 21 September 2006

The Basics of Cell Phone Jamming

Cell phones work by communicating with a service network through the utilization of cellular towers or base stations. Individual towers partition cities into small sections called cells. As a cell phone user traverses the cells in an area, the signal is passed from tower to tower.

Jamming devices take advantage of this fact by transmitting on the spectrum of radio frequencies used by cellular devices. Through its concurrent transmission, the jamming device is able to disrupt the two-way communication between the phone and the base station. This form of denial-of-service attack inhibits all cellular communication within range of the device.

How It's Done

By transmitting a high-power signal on the same frequency as a cell phone, the jamming device creates a competing signal that collides with and, in effect, cancels out the cellular signal. Cell phones, which are designed to increase power in the case of low levels of interference, react to this interference. Consequently, jamming devices must be aware of any increases in power by the cellular device and match that power level accordingly.

Cellular telephones are full-duplex devices that use two separate frequencies, one for talking and one for listening, so that all parties to a call can talk at the same time (as opposed to half-duplex walkie-talkies and CBs). Removing either of these frequencies tricks the phone into thinking there is no cellular service. Consequently, the jammer need only block one of the frequencies.

The less complex jammers can only block a specific frequency group, while the more complex jammers can block several different networks, thus preventing dual- or tri-mode phones from switching to a different network with an open signal. Jammers are able to broadcast on any frequency and can interrupt AMPS, CDMA, TDMA, GSM, PCS, DCS, iDEN and Nextel systems. The effective range of a jammer depends on the strength of its power source and the immediate physical environment (hills or walls which may block the jamming signal). Lower-powered jammers have a call-block range of about 30 feet, while higher-power units can create a cellular signal-free zone about the size of a football field. In addition, certain units used by law enforcement have been known to shut down cellular service approximately 1 mile from the jamming device.



WORK IN PROGRESS -- PLEASE CHECK BACK WEEKLY

What's Inside a Cell Phone Jammer