Difference between revisions of "BlackBerry"

From Forensics Wiki
Jump to: navigation, search
(Forensics: tyler added the stronghold bag information)
(Models)
 
(24 intermediate revisions by 10 users not shown)
Line 1: Line 1:
=Overview=
+
[[Image:BlackBerry.jpg|thumb|right]]
The Blackberry is a wireless handheld device that supports e-mail, mobile phone capabilities, text messaging, web browsing, and other wireless information services.
+
  
 +
The [[RIM]] '''BlackBerry''' is a personal wireless handheld device that supports e-mail, [[mobile phone]] capabilities, text messaging, web browsing, and other wireless information services. It is most commonly utilized for business purposes.
  
 +
== History ==
  
==History==
+
The BlackBerry was first introduced in 1999 by a company called [[Research In Motion]] ([[RIM]]).
The Blackberry was first introduced in 1999 by a company called Research in Motion (RIM).
+
  
 +
== Operating System ==
  
 +
The [[BlackBerry OS]] provides easy access to applications such as e-mail, to do list, memos, address book, and many other features. With the newer operating systems 4.1 and later, composing messages are much more convenient by providing auto text.
  
=Operating System=
+
== Models ==
 
+
 
+
 
+
=Models=
+
  
 +
* 6200 Series
 +
* 6500 Series
 +
* 6700 Series
 
* 7100 Series
 
* 7100 Series
 
+
* 7130 Series
 +
* 7200 Series
 
* 7700 Series
 
* 7700 Series
 
+
* 7500 Series
* 7520
+
+
 
* 7700 Series
 
* 7700 Series
 
+
* 8100 Series
 +
* 8300 Series
 
* 8700 Series
 
* 8700 Series
 +
* 8800 Series
 +
* BlackBerry Storm
 +
* BlackBerry Bold
 +
* BlackBerry Pearl
 +
* BlackBerry Curve
  
=Forensics=
+
== Forensics ==
 
+
RIM's push technology adds a new and different look at the forensics investigation of a PDA. Unlike traditional PDA's that need to be synchronized with a host computer with the use of a cradle or docking station, Blackberry's are synchronized wirelessly by the pushing of data onto the device. This means that the data on the device could potentially be changing at any moment. Also, a blackberry is never really off. What seems like “off” to the user is really only the display, keyboard, and radio being disabled. So when the device is powered back on to the user, items that have been waiting to be pushed to the device from the server begin immediately. This does not give the forensics examiner the time needed to shut down the device. For this reason, the first step in the acquisition of a Blackberry is to leave it off. The device should only be turned back on when it is in a place that cannot receive a signal and thus nothing can be pushed to it.
+
 
+
=Stronghold Bag=
+
A good way to be sure that the Blackberry is not sending and recieving when you don't want it to would be to place it inside a "Wireless Stronghold Bag".  Parabin Corporation, one of the leading companys in the development of cell phone forensics, sells such bags.  First responders can use this bag to ensure proper wireless lockdown procedures are followed and that the evidence is protected from potential case killers such as after seizure wireless communications.
+
 
+
The special tri-weave material used in the "Wireless StrongHold Bag" is made of a Nickel, Copper, Silver Plated Nylon plain woven fabric.  This fabric is key in preventing unwanted signals from tampering with your evidence.
+
 
+
Parabin sells these bags on their website at [http://www.paraben-forensics.com Paraben Corporation].
+
 
+
 
+
  
 +
[[Blackberry Forensics|Forensics on the RIM platform]]  is complicated by the fact that this is a "push" device --- the RIM server will push device to the [[PDA]] whenever the PDA's radio is on and there is data available.
  
'''References:'''
+
RIM devices also feature a remote self-destruct feature. This feature cannot be activated if the radio is turned off, of course.
----
+
[http://www.oreillynet.com/pub/a/wireless/2005/09/15/what-is-blackberry.html "What is a Blackberry?"]
+
  
[http://www.discoverblackberry.com/ Discover Blackberry]
+
Both of these features mean that you need to be sure that the radio is off when doing a forensic investigation.
  
[http://www.rh-law.com/ediscovery/Blackberry.pdf Forensic Examination of a RIM (BlackBerry) Wireless Device]
+
Depending on the setting, entering a wrong password a certain number of times will wipe the device.
  
[http://www.paraben-forensics.com/catalog/product_info.php?cPath=26&products_id=173&osCsid=cf1086f4531222932094533fe4420d74 Wireless Stronghold Bag ]
+
== References ==
 +
* [http://www.blackberry.com/ BlackBerry.com], the BlackBerry main site.
 +
* [http://www.rim.com/ Research In Motion], the manufacturer of the BlackBerry.
 +
* [http://www.blackberryfreeware.org/ BlackBerry Freeware Directory], community-driven free software collection
 +
* [http://www.blackberryfaq.com BlackBerry Frequently Asked Questions], Largest collaboration of Answers to Questions for BlackBerry
 +
* [http://www.oreillynet.com/pub/a/wireless/2005/09/15/what-is-blackberry.html What is a BlackBerry?]
 +
* [http://www.rh-law.com/ediscovery/Blackberry.pdf Forensic Examination of a RIM (BlackBerry) Wireless Device]
 +
* [http://www.paraben-forensics.com/catalog/product_info.php?cPath=26&products_id=173&osCsid=cf1086f4531222932094533fe4420d74 Wireless Stronghold Bag]

Latest revision as of 11:24, 1 December 2008

BlackBerry.jpg

The RIM BlackBerry is a personal wireless handheld device that supports e-mail, mobile phone capabilities, text messaging, web browsing, and other wireless information services. It is most commonly utilized for business purposes.

Contents

History

The BlackBerry was first introduced in 1999 by a company called Research In Motion (RIM).

Operating System

The BlackBerry OS provides easy access to applications such as e-mail, to do list, memos, address book, and many other features. With the newer operating systems 4.1 and later, composing messages are much more convenient by providing auto text.

Models

  • 6200 Series
  • 6500 Series
  • 6700 Series
  • 7100 Series
  • 7130 Series
  • 7200 Series
  • 7700 Series
  • 7500 Series
  • 7700 Series
  • 8100 Series
  • 8300 Series
  • 8700 Series
  • 8800 Series
  • BlackBerry Storm
  • BlackBerry Bold
  • BlackBerry Pearl
  • BlackBerry Curve

Forensics

Forensics on the RIM platform is complicated by the fact that this is a "push" device --- the RIM server will push device to the PDA whenever the PDA's radio is on and there is data available.

RIM devices also feature a remote self-destruct feature. This feature cannot be activated if the radio is turned off, of course.

Both of these features mean that you need to be sure that the radio is off when doing a forensic investigation.

Depending on the setting, entering a wrong password a certain number of times will wipe the device.

References