Archive for October 28, 2013

Computer Crime – How Your Data Is Stolen

Stealing credit card dataJust as technology has advanced, so do the techniques and skills of cyber criminals. These theives have achieved significant results in extracting personal and private data from people’s computers and put it to good use to further their personal gain. Some of these approaches are listed below.

Skimmers
Very common and very effective, the victim won’t ever recognize what happened before the charge card is illegally used later on. This could be disconcerting and is at the top of the approaches employed by cyber-criminals.

What’s done with the charge card information that’s been gathered? Any side company can direct all of their clients right into a boat-load of problems and frequently become victim to such websites.

Bot-net Attacks
The concept with this particular would be to have a string of virtual bots that may distribute malware onto a method.

Malware is intended to perform a variety of stuff and this may frequently be based on which the cyber-criminal requires. It’s a good idea to possess the appropriate antivirus software installed on 1’s computer to be able to handle these problems directly.

Social Engineering
It has just started becoming quite a popular approach used by criminals within the virtual world. The point would be to get the person to personally provide all of the advice to the offender by means of manipulative, neatly put tricks.

Phishing sites are frequently used for such approaches as they’re effective for people who aren’t in the know. All it requires is a couple of sufferers for this particular technique to be an easy one to get up their sleeves.

Always be cautious when using all these sites and make certain they’re safe and dependable. Advice should just be distributed to reputable sites with a history for protecting data.

Fast Flux
This is actually the notion of getting right through to a person’s computer with rapid (virtual) motion. It’s important to maintain a watchful eye out for just about any such action.

Conclusions
It’s significant to keep a watch on all action that’s being done on one’s computer. Law enforcement continues to handle this problem head on, but the greatest preventative measure is constantly on an individual level in the home.

The uses of DLT, DDS and LTO Data backup Storage Tapes

data tape conversion, recovery and duplicationIf you are looking for storage solutions to back up your files there are various systems used some of these backup tapes include DDS, DLT and LTO. In order for you to decide which system will work for you best you will need to take the amount of storage that you need into account. In this article we will discuss their advantages, disadvantages and make recommendations on what to do if your tape develops a fault that requires expert assistance. We’ve been involved with data backup storage tapes and their recovery for over 15 years and like to think our advice is good.

DLT (digital linear tape) is a system that has been around since 1985 recently this system has undergone an upgrade in capacity and speed making it a sought after storage system. If you require storage for either a small or medium type system it would be advisable to use a DLT storage tape. DLT tapes are a reliable way to store your systems as it uses a straight down and up recording type mode.

Using a DLT system now means you can store up to 110 gigabytes on a single tape and the speed it offers is 10 megabytes in a second. This latest advancement has enabled the DLT tapes to take on networks and systems that it could not previously handle.

The DDS system unfortunately cannot be compared to the DLT and LTO as it will only offer you with 2.4 megabytes per a second and you will only be able to store up to 20 gigabytes of storage making this system low on capacity and performance levels.

LTO is a storage system that is produced by Hewlett- Packard and IBM. The LTO stands for (linear tape open). With this storage tape you are able to store up to 100 gigabytes at a speed of 15 megabytes in a second.

Both DLT and LTO systems can offer you with a fast and effective way to store your backup files. However the popularity in the two systems definitely leans towards using the DLT system. Over thirty million cartridges have been sold to date meaning this product is definitely a favourite among people looking for an effective method to back up their systems.

DLT has the ability to read tapes that you may have that are old but it will not be able to write them. You would be advised to maintain your present archives in a format that will allow the DLT system to use them. This system can save you on money and time when it comes to re-recording your older tapes onto new ones.

If you have used a DDS system in the past for storage purposes you can now make use of a more advanced system such as DLT to re record and place your storage onto a more effective way of storing.

Today the demands on storage have grown to new heights and more and more people are looking at options available on back up, retrieving, protecting and storing of important data.
LTO offers new technology along with a high powered way of backing up of your data, while DTO offers you a refinement in their new Super DLT range that has come leaps and bounds from the first system used back in 1985.

Make use of either a LTO or DTO system to back up your precious data, there is now an innovative way to ensure you are able to save your older tapes and place them onto new ones without sacrificing on the end quality of the tape.

Storage is a wonderful way to protect your assets that require storage solutions, this will protect you from damage and permanent loss on older tapes you may be keeping. Remember to always place data onto a back up system to avoid unwanted losses that can be experienced from theft or damage.

Links:

Tape Data Duplication & Conversion Services page

Data Tape Recovery Service page

Angela Merkel’s Phone Hacked by US…

Germany has summoned the US ambassador in Berlin around promises the US monitored German Chancellor Angela Merkel’s mobile phone.

Foreign Minister Guido Westerwelle will meet US envoy John Emerson after in what is viewed as an unusual measure between close friends.

However, it left open the question of whether calls were listened to formerly.

French President Francois Hollande had already called for the issue to be place within the strategy of the summit, where EU leaders are anticipated to discuss Europe’s digital economy, economic recovery and immigration.

‘Completely unacceptable’
The German government has not said how it received the hint about the alleged US spying. But news magazine Der Spiegel, which has printed reports predicated on content from former CIA contractor Edward Snowden, said the guidance had come from its investigations.
Continue reading the story
Press review

Germany’s Berliner Zeitung regrets that “just now does the government appear to really understand what it is happening”

Press aghast at latest US spying claims
State-observation of phone calls has a particular resonance in Germany – Mrs Merkel herself grew up in East Germany, where mobile-tap was pervasive.

Her spokesman said the German leader “views such practices… as completely unacceptable” and had needed a “complete and comprehensive explanation”.

White House spokesman Jay Carney said the US “is not tracking and cannot monitor the communications of the chancellor”.

German ministers’ phones have purportedly been protected using technology from security company Secusmart since 2009. Secusmart said in March that German government officials could be issued with new, highlysecured technology made for Blackberry mobile phones.

A German ADVICE technology expert told the BBC that security services for lots of countries may have intercepted the chancellor’s calls before she had complete encryption.

Numerous US friends have expressed fury on the Snowden-based spying allegations.

‘No business as usual’
Germany’s press echoed a sense of indignation, with a frontpage comments Sueddeutscher Zeitung – 1 of the country’s most respected newspapers – referring to the “biggest possible affront”.

German Defence Minister Thomas de Maiziere said it will not be possible to come back to business as usual. That is much more than a tiff that’ll blow over easily, the BBC’s Stephen Evans reports from Berlin.

President Obama had guaranteed Chancellor Merkel in June that German citizens were not being generally spied upon.

Edward Snowden – A Timeline

This timeline deals with events from June-August 2013.

Useful Link: http://en.wikipedia.org/wiki/Edward_snowden

Edward Snowden, a former Central Intelligence Agency technical worker, is the wellspring of one of the worst info leaks in US history. Materials supplied by Mr Snowden for the media allege the US has conducted widespread and illegal surveillance of its own citizens and other states. The BBC looks at the way the relationship has developed since it broke in June.
Scandal starts

6 June 2013: Guardian journalist Glenn Greenwald reports the US National Security Agency (NSA) is accumulating the phone records of millions of Verizon customers beneath a top secret court order giving the government unlimited ability to get communications data for a span.

7 June: The Washington Post report and Guardian the NSA is gathering data under a previously undisclosed surveillance programme called Prism, and obtaining the systems of US internet giants including Facebook and Google. The programme enables officials to accumulate material including live chats, emails and search histories.

8 June: US President Barack Obama says the government surveillance programmes reach “the right balance” between security and privacy and are closely supervised by Congress and also the courts.
Snowden named and in Hong Kong

9 June: Edward Snowden, 29, is named as the origin of the intelligence leaks. Speaking from Hong Kong, he describes why he went public.

10 June: Mr Snowden checks out of his Hong Kong hotel and his whereabouts remain unknown since it’s rumoured the US is pursuing a criminal investigation against him.

11 June: The EU demands US assurances that Europeans’ rights aren’t being infringed by the just-revealed surveillance programmes. Mr Snowden’s company, defence contractor Booz Allen Hamilton, says it has fired the infrastructure analyst for breaking its ethics code.

12 June: Mr Snowden tells the South China Morning Post from a secret place in Hong Kong that he’ll fight any effort to extradite him. The Speaker of the US House of Representatives John Boehner describes him as a traitor. British citizens their intelligence agencies and the UK guarantees US are functioning within the law.

13 June: Mr Snowden says the US government is hacking computers in mainland China and Hong Kong for years. NSA Director Keith Alexander tells the US Senate that surveillance programmes have interrupted dozens of terror plots.

14 June: FBI Director Robert Mueller says Mr Snowden has caused the US “considerable damage” and tells Congress the US will hunt him down and prosecute him.

15 June: Hundreds of protesters march to the US consulate in Hong Kong, demanding local authorities protect Mr Snowden.

17 June: Mr Snowden denies he is a Chinese agent and says US officials, in labelling him a traitor, have ruined any chance of the fair trial.

18 June: Mr Snowden’s dad, Lon, issues a public plea urging his son not to commit “treason”.

19 June: NSA Director Alexander tells the surveillance programmes to the US House intelligence committee leaked by Mr Snowden helped thwart 50 strikes since 2001.
From Hong Kong to Moscow

20 June: Wikileaks creator Julian Assange tries to broker a deal to allow asylum to Mr Snowden in Iceland.

22 June: US prosecutors file a criminal charge, charging Mr Snowden with larceny and espionage. His extradition is requested by the White House from Hong Kong.

23 June: as extradition pressure builds Mr Snowden flies from Hong Kong to Moscow. Ecuador’s foreign minister confirms on Twitter that Mr Snowden has requested asylum there. Ecuador sheltered Mr Assange in its London embassy for the previous year, and has has an extradition treaty with all the US but allows for political asylum exemptions.

24 June: White House spokesman Jay Carney urges Russia to return Mr Snowden, and says the fashion of his own departure from Hong Kong would “unquestionably affect” on US relations with China.
June Vladimir Putin, right, and Barack Obama in Northern Ireland, June 2013 Relationships between the USA and Russia were already anxious on 17

25 June: China describes US accusations that it facilitated the departure of Mr Snowden from Hong Kong as “groundless and unacceptable”. Russian President Vladimir Putin confirms Mr Snowden is really in the transit region of Moscow’s Sheremetyevo airport and stays a free guy. US Secretary of State John Kerry requests Russia transfer the “fugitive of justice” to the Usa.

27 June: Ecuador warns it could take weeks to rule on Mr Snowden’s asylum bid.

28 June: Mr Snowden’s dad, Lon, ask US Attorney General Eric Holder for “ironclad assurances” his son’s rights will probably be protected should he return for the US.

29-30 June: Germany’s Der Spiegel magazine says it has seen a secret file supplied by Mr Snowden showing the US bugged EU offices in Washington and at UN headquarters in Big Apple. European officials demand “complete clarification” from the US.
Snowden’s bids for asylum
Edward Snowden at Sheremetyevo Airport in Moscow (12 July 2013) July Edward Snowden is seen for the very first time in three weeks on 12

1 July: Mr Snowden applies to Russia for political asylum; President Putin says he should stop leaking US secrets if he wants to remain. President Obama recognizes “high level” discussions with Moscow on extradition.

2 July: Mr Snowden withdraws his asylum request to Russia and sends requests to 20 other states, according to Wikileaks.

3-5 July: Bolivian President Evo Morales’ plane is redirected to Austria amid suspicion that Mr Snowden is on board. President Morales threatens to shut the US embassy in Bolivia in response.

6 July: Nicaragua and Venezuela offer Mr Snowden asylum.

12 July: Mr Snowden emerges at Sheremetyevo airport for the very first time in three weeks, saying as he was not able to travel to Latin America he sought asylum in Russia.
Glenn Greenwald and David Miranda embrace inside an airport Glenn Greenwald greets Mr Miranda August as he arrives in Brazil on 19

1 August: Mr Snowden leaves the airport and enters Russian land after trying to get temporary asylum. The US says Russia’s conclusion is “incredibly unsatisfactory”.

7-9 August: President Obama cancels a meeting with Russian President Putin following Russia’s asylum determination. He promises “proper reforms” to ensure greater supervision of US surveillance programmes.

16 August: Citing documents leaked by Mr Snowden, the Washington Post reports the NSA broke privacy rules and overstepped its legal authority a large number of times in the previous couple of years.

19-20 August: Mr Greenwald’s associate, David Miranda, is detained under terror laws at London’s Heathrow airport for nine hours on his way to Rio de Janeiro. The citizen allegedly has his mobile phone, notebook, DVDs and other things seized. UK politicians demand an explanation. The US denies involvement but recognizes it was given a “heads up” from British officials concerning the detention.

Common Ways In Which A Hard Disk Drive Can Fail

A computer’s hard disk drive is the central data repository for the entire system. All sorts of important files are stored on a hard drive, from the operating system itself to important work and personal data such as photographs and financial information. However, as with any component of a PC, hard drives can fail for a number of different reasons.

Few things are more distressing than trying to turn on your computer, only to discover that it will not boot up. In many cases, this is the result of a hard drive failure. A skilled technician may be able to provide the skills required, repair the damage and recover the data from the drive. However, his chances of success depend in a large part upon the cause of the failure.

One common cause of hard disk failure is an electrical problem. If may be a surge of electricity to your computer and the circuits can become damaged, making it difficult or impossible to control the hard drive. Common symptoms of this type of failure include a drive that powers on but does nothing, or a drive that makes a clicking sound.

In these cases, the data on the hard drive may still be intact, so retrieving it may not be terribly difficult. However, you may have to have certain parts of your PC replaced, or the technician may need to manually copy the files from the damaged drive onto a new one.

Hard drives are also prone to mechanical failures. Most hard drives involve a platter that spins at very high speeds. The read and write head hovers a fraction of a centimetre above this platter. In rare cases, a collision can occur. This is known as a “head crash.”

These collisions can severely damage the hard drive and lead to the loss of data. Recovering data from a hard drive after a head crash can be very difficult, and requires the use of specialised equipment such as a clean room. If your hard drive is making grinding noises, or if it makes no noise at all, this may indicate a mechanical problem.

Hard drives can also fail for non-physical reasons. In these cases, the drive itself is fine, but the data on the drive has become damaged or corrupted so that the computer can no longer access the files and folders. For example, if the information that tells the computer where each file is located becomes corrupted, you will be unable to open your files.

Fortunately, fixing these logical failures is generally a simple procedure. The technician will simply have to replace the corrupted data with new copies of the proper information. Once this has been done, your system will once again be able to access to your files. Even if some of your files are damaged, a skilled technician may be able to retrieve the remaining lost data.

Hard drives can crash and fail for many different reasons. Properly diagnosing the cause of the failure is the first step that a good hard drive recovery technician must take in order to solve the problem.

Data vs Information – A Quest For The Computer Forensics Examiner

The main action of the forensics detective within an information organization would be to look through information by searching, separating, removing information from data, and evidence collection is just planning the data form.

In this specific article, it’s significant the ideas of information and data are mixing securely. Evenly important is link between data and data, because without these ideas, the forensics detective will fight to finish also the easiest job.

Data versus Information
The crucial role in almost any forensics analysis is pertinent data; the shifting nature of whatever is relevant makes forensics an iterative procedure to investigations.

For instance, a first-pass of analysis may try to find email that signifies preparing, in a case. Another move, following the analysis progresses, may hunt for hidden pictures which are proof the homicide itself.

Info is better understood to be data that’s applicable for the case and data is basically any electronic evidence that’s not info. The truth is the fact that information and data are evenly critical as data; but the info is more crucial to improving the probe. Think about the typical pc. It definitely comprise an OS e.g. Windows, programs e.g. Ms Word and a few stored result from such programs. It’s critically important to accumulate evidence. Otherwise, a attorney might challenge quality of work.

Data as Documents
Data is rationally arranged into units, called documents, these documents are subsequently saved in groups, called directories or sites. These organizations are subsequently arranged into arrangement hierarchies I.e. listing trees, even though the plan of software applications which needs data rationally arranged.

For instance using computers in offense usually entails common applications including MS Office, storing data temporarily to enhance functionality, and storing copies to shield the data of its own client from reduction or by problem.

Group Files into Folders
Data is logically arranged in files. It’s much like how someone may sort and team printed paper records into a reasonable device. Like, am employee records may be kept by employer together by putting them in a document.

In many employers’ files, each worker may have files which are work description, degree, and wages. Therefore each kind of articles includes a title that conveys such; e.g. “wages” displays the content confirms. Data within the file arranged are later recovered by worker.

Thus, it’s ideal for your forensics detective to comprehend why borders to such hierarchical structures exist, they’re under:

Documents, files, and listing buildings for a number of physical apparatus that has limited capability. Therefore the apparatus capabilities itself becomes the border.

Execution of person bounds is beyond just what the physical apparatus demands for:

  • Data prioritization – some customers might have higher or lesser concern for the machine assets. A storage allowance like.
  • Data separation – a person may produce a border on spam that’s different from work-related e-mail files.
  • PC dependencies – some computers demanded trunk connected articles, situated inside the very first couple of Megabytes in the physical storage system.
  • Functionality – Physical storage products are identified to save and recover data with various shows founded on the data location inside the physical storage system.
  • Accessibility — when listing structure borders aren’t established correctly, programs or providers may neglect. In such instances, boundaries for the directory construction convert in to boundaries to accessibility or unavailability of a software or service.

Cyber Threats and Acceptable Risks

Cyber Crime and criminalityThere are numerous security problems that jeopardize the IT field now, in-fact data security is really a problem over the whole IT field. Risks often focused around WIFI systems, mobile phones, and also the cloud.

Do you know the Problems in Protection right now?
For system managers (even prior to the utilization of the web) network protection (prevention of outside network attacks which might potentially trigger harm, entry or take private information or data) has been among the most significant and challenging problems.

I believe the present scenario together with the developments in information and communication systems, which comprise bigger segments of society, brings improved security issues over a large size that formerly didn’t exist. Protection breaches to info methods is just another problem and it improve at an amazing tempo daily and provided that social and individual reliance on IT systems boost the chance of security breaches may continue growing at exactly the similar speed.

More therefore, the rate of cyber-crime nearly increases annually and I believe this price may continue to grow in accordance together with the quick progress in web use because it becomes more readily available and obtainable in now’s technologies.

May we actually have great Protection on Mobile Phones?
I believe we may have great protection but since the utilization of said devices increases because, assaults to mobile products will grow, we won’t and ever have complete security on mobile devices. Certainly, security measures are improved too with technical progress but however mass utilization of mobile phones also increases user recognition and understanding of aforementioned methods which that may maybe transforms like a security dangers. (INFORMATION technology experience is really no longer a specific area recognized by a couple thousand individuals but by millions all over the world and such information is freely-accessible with several experts being self educated.)

Likewise, technical systems and mobile phones are produced by folks as are protection measures. Thus, there’ll remain the threat that such methods may probably be subjected to assaults by systems specialists. While technical improvement raising an individual’s functionality and functionality also it may expose them to risks from specialized experts who investigate and then uses any program weaknesses.

Nevertheless, computer crimes increasing nearly twice by annually and it’ll keep increasing as web use increase. Consequently I believe every passing day provided that technology maintain creating people increasingly begin with them (more people become a specialist) mobile devices won’t be as safe.

Do Wi-Fi Systems must become more safe?
Wifi Networks are merely another sort of system that isn’t completely risk-free like the rest within the INFORMATION technology world. Actually it may be quite harmful if some significant components aren’t taken into consideration. As wifi networks offer a link with the web from just about any place, you will find more possible targets for hackers than other kinds of systems.

Definitely by getting some protection measures including altering password before begin using it (many Wi-Fi access apparatus and device includes default password that are simple to discover.), limit your access to your own Wi-Fi network (hence only trusted individuals who you enabled can employ your system.), change your wireless system name, secure your wireless signals, Mac filtering (so just the given products can link to your own Wi-Fi network.), decrease the number of the Wireless Transmission etc it’s not really difficult to turn your wireless network more protected.

But after taking all these security measures which largely prevents the others using your online or getting charge of the pc during your own wifi network, the concerns which should be requested here are “does our internet velocity stay steady?”, ” are we encountering delays while moving or delivering data or advice?”,”can such delays change our business?” etc.

Do you know the Primary Difficulties on Protection inside the Cloud?
Cloud computing supplies computing resources on-demand using a company as opposed to keeping your personal equipment or software environment. In a different words, we don’t must save data into our personal pc hard disks anymore, rather than this we use tremendous on-line computers. Picture without taking your laptop to be able to get all your own own personal data at any certain minute, being able to manage and share data, photographs, films, contacts, emails, files, etc. to your pals, family, or coworkers from just about any on-line resource.

Along with this there are many more advantages of businesses when working with cloud computing, including decreased IT price (prices of equipment and software), improved efficiency, immediate upgrade, endless storage capability, enhanced integration between os, increased document format compatibility, enhanced data protection. Cloud computing become quite appealing, nevertheless if we mention cloud computing before many of the benefits, the very first query that seems within our head is; could it be protected, as soon as we consider all these benefits? Obviously cloud computing could be compromised, there isn’t any strong protection program, however, I believe security within cloud processing could be considerably greater than that businesses can supply itself.

The primary problem here is; will there be any guarantee that not one of the cloud providers are going to have access to view our info or data? But if I were the proprietor of a large business I’d feel unsafe using cloud computing since there isn’t any guarantee that nobody has the capability to get an encryption key and take, damage, destroy or promote my businesses’ advice and data.

What’s Appropriate Risk?
In daily life, nothing that we’re utilizing or performing is completely protected. There isn’t any guarantee that we aren’t likely to perish with a falling brick striking us around the top while strolling along the street or run over with an automobile while crossing the street and so forth (even though the opportunities are reduced these sort of mishaps occur). Because, there’s always a danger of dying, should we quit going outside? Therefore, even though heading outside has some dangers, we may accept these as an okay dangers.

Their own acceptable risk levels are defined by everybody. For example some folks won’t travel by airplane thinking the amount of threat isn’t adequate due to the risk of crashing and so they favor vacationing my car-even though it requires more time. But, nearly all people don’t share this perspective and use airplanes knowing should you examine morbidity between plane crashes and motor vehicle collisions that statistically more individuals perish on your way.

Also, there’s always a danger from hackers while using communication and info technology methods but this really does not mean we ought to stop using them because they make our existence simpler. Provided that some protection measures are obtained (this cannot be 100 percent safe) we could maintain carry on with them.

The amount of acceptable risk depends on personal options, as I mentioned above, this applies to businesses. Every business identifies their own amount of acceptable risk depending on their demands. Like using cloud computing is found by some businesses being a suitable danger (even though there’s no guarantee the cloud providers won’t grab their info and market it onto other businesses) which shields them from hackers better-than using other systems, together with the additional safety from dropping details or data together with the lack of notebooks, exterior hard-drives and data storage products (Cloud computing also provides an individual the chance to get all their data anytime from just about any on-line source). But, some businesses consider the utilization of cloud processing is really not a satisfactory amount of danger that they’ll consider and where they could guard their information by personal approaches they would rather use their particular systems.

Solid State Drive Adoption – Roadmap to 2023

Which way do you go? Conventional hard drive or SSD ?  Here’s an interesting post about SSD hard drives.

Solid state drive adoption will continue to develop and it’ll be more than 10 years before it is ultimately replaced by a fresh memory technology, experts said.

SSDs are getting more attractive as NAND flash gets cheaper and faster, as it provides flexibility in use as a RAM or harddrive option, mentioned attendees and speakers in the Hot Chips conference in Stanford, California on Sunday.

Emerging memory sorts under development like phasechange memory (PCM), RRAM (resistive random access memory) and MRAM (magnetoresistive RAM) may show promise with faster speed and durability, but it will be several years till they may be manufactured in quantity and are priced competitively to replace NAND flash storage.

SSDs constructed on flash memory are now considered an option to spinning hard drives, that have reached their speed limit. Mobile phones have moved over to memory sticks, as well as a considerable number of light and thin ultrabooks are switching to SSDs, which are smaller, faster and more power efficient. But, the enterprise market still relies largely on spinning disks, and SSDs are poised to replace hard disks in server infrastructure, experts said. One of many grounds: SSDs are still more expensive than hard disks, although flash cost is coming down fast.

“It will probably be a number of years until NAND flash runs out of steam,” said Jim Handy, an analyst at Objective Evaluation, during a presentation.

Handy predicted that NAND flash will probably be changed by 2023 or beyond. The capacity of SSDs is expanding as NAND flash geometries get smaller, so scaling down flash will wind up tough, which will increase the demand for a brand new form of non volatile memory that will not rely on transistors.

Recovering Data From Damaged Mobile Phones

Damaged SmartphoneFor the past couple of years we’ve successfully extracted data from numerous mobile device, including mobile phones, smart phones, tablets, and so on. Among devices to be analyzed, we came across faulty cellular devices (damaged mechanically, by fire or on account of being kept in harsh or hostile environmental conditions) that electronic evidence must even be pulled. We’ve developed several strategies to analyzing damaged cellular devices which we’d like to tell our colleagues.

Before analyzing a damaged cellular device, a forensic investigator should ascertain just what is damaged within the unit. It isn’t essential whatsoever to desolder a memory chip simultaneously and execute further manipulations on it. Experience has shown there are generally simpler options for extracting data from damaged cellular devices.

The most typical flaw in cellular devices obtained for forensic evaluation is really a busted screen. In other words, a mobile system is functional but, due to a broken screen, doesn’t show any data. The assessment of said mobile devices presents no difficulties. To analyze cellular devices using a busted screen, we use UFED (Cellebrite Cellular Synchronization LTD) and.XRY (Micro Systemation). We produce a physical memory dump of the mobile device and extract data (a phonebook, calls, SMS messages, graphical files, movies, etc.) from it. At Times, when accessible products doesn’t assistance developing a physical memory dump of the mobile device, we perform a legitimate extraction of data. In this instance, lots of forensic applications for mobile system evaluation can be utilized. For instance, Oxygen Forensic Suite (Oxygen Software Company). Furthermore, You, you could usually replace a broken screen using a brand-new one. This creates the assessment more costly and timeconsuming, but it’s frequently the sole possible remedy (for example, when analyzing an Android apparatus with USB Debugging program alternative disabled).

Sometimes, to extract data, we use specific flasher tools (RIFF Box, Medusa Box, etc.) designed for fixing cellular products. Such flasher tools use JTAG interface for their work. Utilizing specific flasher tools, you can pull data from mobile devices that have broken system software or information protected with a PIN.

Processor swapping. The approach consists in extracting a memory chip from the damaged cellular device and installing it into the same great device. In the process, you solve several complicated difficulties which would need to be confronted should you choose to utilize a “Chip Off” method: there is no urgent need to understand the kind of a control employed by the unit to procedure memory chip data, the format of memory pages to the chip, the kind and characteristics of the file system employed by the unit, the format where data is saved (Oh, once you need to manually decode a physical memory dump, you’ll see that which we mean!), etc. The disadvantages of the approach contain the demand for a system (preferably two devices) that will be identical to the one obtained for assessment. Desoldering a processor is a quite complicated and laborious task. There’s a threat of destroying data because of heat or mechanical injury to the processor. You may even need gear for reballing. For instance, JOVY SYSTEMS JV-RKC – a package for reballing BGA chips.

When using this approach, it’s impossible to underestimate the possibility that, following the processor is swapped within the unit, all the data to the memory chip will probably be erased. This frequently occurs when a memory chip control is installed in the system board as a different processor. Usually, structurally it seems like a sandwich: to the one aspect of the system board there’s a memory chip, to another – a memory controller chip.

And So, if you got two identical devices that you are able to use as “donors”, attempt to swap their memory chips and examine the unit behavior before analyzing the unit.

Where memory chip swapping leads to data loss, you ought to put the memory chip as well as the memory chip control in the damaged device to the donor device.

When analyzing a broken device, you ought to focus on the building of its own system board. We analyzed a Motorola V3 cellphone which had spent two years within the earth. The phone appeared terrible. Numerous oxides had broken its casing and program board. It was out-of order. However, following the mobile was disassembled, it was discovered the program board contains several components. Part of the system board, using a memory chip on it, had endured environmental vulnerability minimal. To extract the data from this telephone, we purchased an identical one for an internet auction. We swapped part of the system board using a memory chip in the bought telephone for the component extracted from the broken telephone and read the data.

If not one of the previously described approaches has helped, you’ll need to utilize a Processor-Off method.

An investigator who would like to extract data from the mobile device memory chip must-follow four primary measures:

1. Chip extraction
Chip extraction is a fairly easy job: it is enough to warm the chip having a heat stream from the soldering station and separate the chip in the system board. With this measure, it is quite important to not overheat the processor (this can lead to data erasure) and damage it mechanically. Steadily climb the temperature of the new air.

2. Extracting data from the memory chip
Our co-workers occasionally ask us, “What flasher device ought to be utilized to extract data from the memory chip of the?” The inquiry is wrong. Mobile phone makers can alter a chipset of mobile devices even though generating just one batch. In other words, when we’ve got two mobile devices in the exact same batch, we can’t say with confidence they use similar memory chips. That’s the reason, not understanding what special processor is utilized within the mobile device to be analyzed, it’s impossible to answer the inquiry about the flasher tool, even though you’re conscious of the telephone design. Another bit of bad news is the fact that a mobile device may have many memory chips. You need to find all of these.

3. Flash translation layer (FTL) reconstruction
This measure isn’t difficult so long as you got a flasher device with the adapter for a crucial kind of BGA processor form-factor. However, to discover this kind of flasher device is a good difficulty. We’ve had lots of discussions with colleagues in what flasher device to purchase for a Processor-Off technique. A great flasher tool with a huge variety of adapters for different form factors of BGA chips can really cost a fortune. It’s unprofitable to invest as much on the system that you won’t frequently use. Consequently, we’ve achieved a consensus that, if needed, we’ll let such gear from enormous service centres that focus on electronics repair.

4. Dump decoding
Dump decoding is a complicated job. Fundamentals of dump decoding are educated at training classes (for instance, given by Cellebrite Mobile Synchronization LTD). Nevertheless, you shouldn’t believe that you simply’ll manage a physical dump of the telephone to be analyzed as readily as you execute an exercise dump. If XRY (Micro Systemation) or UFED Physical Analyzer (Cellebrite Mobile Synchronization LTD) supports decoding a physical dump for your device you’re analyzing, then you can attempt to decode the extracted dump utilizing all these programs. It is simpler to use UFED Physical Analyzer (Cellebrite Mobile Synchronization LTD), since it permits to customize motion sequence when processing a physical dump and also to create custom modules in Python for physical dump analysis.

About Data Recovery

Hard disk drive pictureComputers are amazing tools, likely among the best tools ever devised.

“Am I prepared?”. This is merely one of these particular things in existence, sorta like death and taxes. There isn’t any method to prevent it.

That is both bad and good for all those needing hard-drive data recovery services. The great thing has been the higher competition you aren’t any longer spending GBP3,000 to obtain an individual hard-drive recovered. The awful point is, data recovery is really a speciality that not everybody is competent to do.

It is not unusual nowadays to get your own local computer tech effort data recovery. This really does not help whenever your hard-drive has endured a mechanical failure, when there are several powerful software options available. Special repairs must be made, also it may be stated with 99.9% conviction, that the local pc tech or IT help doesn’t possess the products, skills, or knowledge essential to accomplish a recovery such as this. More times than not, their efforts will just leave the data absolutely unrecoverable.

This isn’t a knock to the pc fix and IT experts available, it is only the facts. A great analogy would be like visiting the physician; you visit your gp, if you are in need of a flu shot; you visit a heart specialist, if you need quadruple bypass. They’re both physicians, but with absolutely different specialties.

You also need to ensure that the firm you’re using is really a real business. We’ve got several resellers out there, and they are doing excellent work consuming drives for people, and forwarding the job to the laboratories throughout the UK. It is sometimes a great thought to look at a business before sending your drive for them. Many businesses are merely trying to make a fast buck from assessment fees, or try fees and actually have minimum expertise in recovering data.

So in case your pc has crashed, and also you require the data recovered, ensure you deal with a business that focuses on pc data recovery. Whenever you obtain your own data back, you’ll be happy you did.