Difference between pages "Caselaw" and "Cell phones"

From ForensicsWiki
(Difference between pages)
Jump to: navigation, search
(Court Decisions)
 
(Forensics)
 
Line 1: Line 1:
The legal information below is not legal advice. You should consult a lawyer if you want professional assurance that this information, and your interpretation of it, is appropriate to your situation.
+
'''Cell phones''' or '''mobile phones''' are an important target for [[forensic investigator]]s.
  
The following are highlights of important cases to digital forensics and electronic discovery.
+
== Technologies ==
 +
 +
* [[CDMA]]
 +
* [[TDMA]]
 +
* [[GSM]]
 +
* [[iDEN]]
 +
* [[EDGE]]
 +
* [[GPRS]]
 +
* [[UMTS]]
  
==Court Decisions==
+
== Hardware ==
  
'''United States v. Warshak, 631 F.3d 266 (6th Cir. Dec. 14, 2010)'''<br />
+
* [[RIM BlackBerry]]
The Sixth Circuit Court of Appeals ruled that the government must have a search warrant before it can seize and search emails held by email service providers. "Given the fundamental similarities between email and traditional forms of communication [like postal mail and telephone calls], it would defy common sense to afford emails lesser Fourth Amendment protection..." [https://www.eff.org/files/warshak_opinion_121410.pdf]
+
* [[T-Mobile Sidekick  ]]
 +
* [[SIM Cards]]
  
'''Binary Semantics Ltd. v. Minitab, Inc., Case No. 07‐1750 (M.D. Pa. May 5, 2008)'''<br />
+
== Operating Systems ==
In 2008, a district court agreed that a forensic image of an entire FTP server was "overly‐broad and intrusive,” allowing the defendants only authorization for “a forensic copy of the relevant folders on [the] FTP server."
+
  
'''Harkabi v. Sandisk Corp., 2010 U.S. Dist. LEXIS 87843 (S.D.N.Y. Aug. 23, 2010)'''<br />
+
* [[Microsoft PocketPC]]
Electronic discovery requires litigants to scour disparate data storage mediums and formats for potentially relevant documents. That undertaking involves dueling considerations: thoroughness and cost.
+
* [[Microsoft Windows Mobile]]
 +
* [[Palm]]
 +
* [[RIM BlackBerry]]
 +
* [[Symbian]]
 +
* [[Linux]]
  
'''United States v. Scott‐Emuakpor, 2000 U.S. Dist. LEXIS 3118 (W.D. Mich. 2000)'''<br />
+
== Forensics ==
The court was satisfied with a third‐party collecting the forensic data as long as it was accompanied by "the testimony of a witness who was present and observed the procedure by which the documents were obtained from Defendant's computers."
+
  
'''Griffin v. State, 2010 Md. App. LEXIS 87 (Md. Ct. Spec. App. May 27, 2010)'''<br />
+
'''Procedures'''
Social media profiles on MySpace or Facebook could be authenticated circumstantially by their content and context in the same manner as other forms of electronic communications.
+
  
'''State v. Rivas, 2007 Ohio App. LEXIS 3299 (Ohio Ct. App. Jul. 13, 2007)'''<br />
+
* [[Cell Phone Forensics]]
The court overturned the conviction of the defendant due to the fact that an ''[http://en.wikipedia.org/wiki/In_camera in camera]'' review of the police department's computer was not performed, which would have verified that accuracy of the transcripts that were recorded from a chat room and subsequently used against the defendant.
+
* [[SIM Card Forensics]]
 +
* [[External Memory Card Forensics]]
 +
* [[Blackberry Forensics]]
 +
* [[JTAG Forensics]]
  
'''Fenje v. Feld, 2003 U.S. Dist. LEXIS 24387 (N.D. Ill., Dec. 8, 2003)'''<br />
+
== Tools ==
The authentication of email messages presented in support of a summary judgement motion was at the core of this wrongful termination case. The court found that email messages may be authenticated as being from the suspected author based on the following factors:
+
* The email address from which it was sent
+
* An affidavit of the recipient
+
* Comparison of the content of the email with other evidence
+
* Other communication from the suspected author acknowledging the email message in question
+
  
'''U.S. v. Cameron, 2010 WL 3238326 (U.S. District Court for the District of Maine 2010)''' (on-going)<br />
+
'''Flashers'''
Yahoo! detected child pornography and reported it to the NCMEC, and Cameron expected the Government to produce as witnesses the Yahoo! technician who collected the evidence. The judge noted that at trial the "Government need not call each of the technicians who did the search so long as it" presented a witness who can "explain and be cross-examined concerning the manner in which the records are made and kept." Further, the Judge ordered that the Government is not obligated to turn over evidence that it does not possess (e.g. "the original or a copy of the Yahoo! photo server and server files" or "the physical location of the original server files")
+
* [[UFS Tornado]]
  
'''Krumwiede v. Brighton Associates, LLC, 2006 WL 1308629 (N.D. Ill. May 8, 2006)'''
+
'''Hardware'''
Default judgment granted for deleting, altering and accessing electronic data despite litigation hold. Plaintiff deleted file with a combination of "deliberate movement of file data, admitted deletion activities, multiple use of defrag, use of ZIP file to conceal or transport [the defendants'] data, [and use of] multiple USB devices [to] intend to destroy evidence." Summary judgment against plaintiff for interfering with the discovery process.
+
* [[Azimuth RadioProof™ Enclosures]]
 +
* [[Cellebrite UFED]]
 +
* [[LogiCube CellDEK]]
 +
* [[LogiCube CellDEK TEK]]
 +
* [http://www.msab.com/xry/field-version | Micro Systemation Field Version]
 +
* [[Network Security Solutions Secure Tents]]
 +
* [[Network Security Solutions Seizure Bags for Cell Phones/PDAs/Laptops]]
 +
* [[Paraben CSI Stick]]
 +
* [[Paraben Device Seizure Toolbox]]
 +
* [[Paraben Handheld First Responder Kit]]
 +
* [[Paraben StrongHold Bag]]
 +
* [[Radio Frequency (RF) Jammers]]
 +
* [[Radio Tactics Acesso]]
 +
* [[Radio Tactics Apollo]]
 +
* [[Radio Tactics Athena]]
 +
* [[SIM Card Readers]]
  
== Further Information ==
+
'''Software'''
* [http://www.setecinvestigations.com/resources/casesummaries.php http://www.setecinvestigations.com/resources/casesummaries.php]
+
* [[BitPIM]]
* [http://www.iediscovery.com/resources/lawlibrary http://www.iediscovery.com/resources/lawlibrary]
+
* [[BK Forensics Cell Phone Analyzer]]
* [https://extranet1.klgates.com/ediscovery/Search.aspx https://extranet1.klgates.com/ediscovery/Search.aspx]
+
* [[FloAt's Mobile Agent]]
 +
* [[ForensicMobile]]
 +
* [[ForensicSIM]]
 +
* [[Guidance Software Neutrino]]
 +
* [[iDEN Companion Pro]]
 +
* [[iDEN Media Downloader]]
 +
* [[iDEN Phonebook Manager]]
 +
* [[.XRY |MicroSystemation .XRY]]
 +
* [[MOBILedit!]]
 +
* [[Oxygen Forensic Suite 2010]]
 +
* [[Paraben Device Seizure]]
 +
* [[Paraben SIM Seizure]]
 +
* [[Pandora's Box]]
 +
* [[Quantaq USIMdetective]]
 +
* [[Quantaq USIMcommander]]
 +
* [[Quantaq USIMdetective]]
 +
* [[Quantaq USIMexplorer]]
 +
* [[Quantaq USIMprofiler]]
 +
* [[Quantaq USIMregistrar]]
 +
* [[SIMiFOR]]
 +
* [[Susteen Secure View]]
 +
* [[TULP2G]]
 +
* [[WOLF]]
  
[[Category:Law]]
+
==See Also==
 +
[[Cell phone forensics bibliography]]

Revision as of 11:09, 6 August 2013

Cell phones or mobile phones are an important target for forensic investigators.

Technologies

Hardware

Operating Systems

Forensics

Procedures

Tools

Flashers

Hardware

Software

See Also

Cell phone forensics bibliography