Sunday, March 30, 2014

Saturday, March 15, 2014

BYOD risks and minefields

I read the article in CIO, "Think Deleted Text Messages Are Gone Forever? Think Again", and the discussion that rumbles on about BYOD.

Firstly, it is a bit surprising that the article suggests a "wow" factor associated with recovering deleted text messages. I would have thought it was common knowledge by now in business, generally, and particularly at CIO level.

Secondly, the notion and practice of companies getting employees to use their own devices (BYOD) to access company networks and company information seems to be an open invitation to allow a security breach (intentional or by accident) to happen. The corporate body and individual (at senior level) duty of care place incumbent obligations on both to conduct risk assessments, identify company assets, and control dissemination of company information in order to protect. It might be there are legal risks for companies demanding access to employees' phones to go through their personal data.

There appears to be no persuasive technical/technological evidence to support BYOD propagation on the basis that without it a company could not operate. Moreover, why require BYOD policies, practices and procedures that in essence generate further and continuing costs to maintain them anyway, whereas in-house company devices (properly controlled) also mean retention of company assets: devices have an asset value, depreciation allows for write-down and tax relief, etc.?

BTW the points about assets and finance came from a specialist corporate accountant in this area, whereas accounting is not my forte. Mind you, brain surgery is not my forte either as I could not get any practice in the subject matter due to the patients; there was a shortage of volunteers.

Saturday, February 08, 2014

Smart/Mobile Devices Brand Names Listing

Examiners regularly come into contact with Brand name mobile/smart devices and the list is continuously increasing. The problem that increase creates is that there is no one website that holds a complete list.  The listing below identifies how many Brand names I have managed to harvest at this stage. I shall be updating this listing as I go along and adding useful info that examiners may find of interest.

Number - Smart/Mobile Devices Brand Names Listing

3 Skypephone


A - Smart Devices Brand Names Listing

Acer
Airo Wireless
Alcatel
Allview
Altek
Amoi
Amazon
AnexTEK
AnyCool
AnyDATA
Apple
Asus
Archos
Arnova
AT Mobile
AT&T
AU (KDDI)
Audiovox
Auro
Axia

B - Mobile/Smart Device Brand Name Listing

Barnes And Noble
BBK Mobiles
Bell
Bendix King
Benefon
BenQ
BenQ-Siemens
Bird
BlackBerry
Blu
Bluebird
Blumax
BMW
Bookeen
Bushnell


C - Mobile/Smart Device Brand Name Listing

Cal Comp
Camangi
Canmore
Casio
Cat Mobile
Cect
Celkon
Changhong
Changjiang
Cheacomm
China Mobile
Cingular
Claro
CLIE
Concord
Coolpad
Cowon
CPA
Creative
Cricket
CSL



D - Mobile/Smart Device Brand Name Listing

Daewoo
Dallab
Danger
Dapeng
Dell
Donod
Dopod
Doro
Duet



E - Mobile/Smart Device Brand Name Listing

E-Ten
Enol
Emgeton
EMobile
Emporia
EPhone
Era
Ericsson
Eten
Ever
Everex
Evolve
Eyo


F - Mobile/Smart Device Brand Name Listing

Fifth Media
Firefly Mobile
Fly
Fly-Ying
Fujifilm
Fujitsu-Siemens
Fusion Garage



G - Mobile/Smart Device Brand Name Listing

G-Five
G-Tide
Garmin
Garmin-Asus
General Mobile
Gigabyte
Gionee
GiSTEQ
Global High Tech
GlobalSat
Google
GPS Technologijos
Gresso
Grundig


H - Mobile/Smart Device Brand Name Listing

Haier
Handspring
Helio
Hertz
Hewlett Packard (HP)
Highscreen
Hisense
HKC
Holux
Hop-on
HTC
Huawei
Hyundai (Electronics)


I - Mobile/Smart Device Brand Name Listing

IBM
Icemobile
I-mate
I-MOBILE
Innostream
I-node
I-teq
INQ
Insignia
iPAC
iPro
Iridium
IzenMobile


J - Mobile/Smart Device Brand Name Listing

Jaga
JCB
Jincen
Jolla
JVC



K - Mobile/Smart Device Brand Name Listing

Karbonn Mobiles
Kendo
Kinpo
KPN
K-Touch
Kyocera



L - Mobile/Smart Device Brand Name Listing

Lark
Laser
Lava
Lemon Mobiles
Lenovo
Levi's
LG
Limited Label
Linx
Lowrance
Lumigon


M - Mobile/Smart Device Brand Name Listing

Magellan
Manta
Mappy
Maxon
MaxWest
MediaTek
Meizu
MemUp
Micromax
MIO
MiTAC
Mitsubishi
Mivvy
Mobiado
Mobin-Nova
Mobistel
ModeLabs
Modeo
Modu
Motorola
MTK
MTT
MWg
myPhone



N - Mobile/Smart Device Brand Name Listing

NavGear
Navin
Navitech
Navman
NDrive
Nec
Neonode
Newgen
Nexian
Nextar
NG Mobile
Nikon
Niu
No Brand
Nokia
Nordic
NotionInk
Novogo
NTT DoCoMo



O - Mobile/Smart Device Brand Name Listing

O2
Okta
Okwap
Olympus
Oppo
Opticon 
Orange
Orsio


P - Mobile/Smart Device Brand Name Listing

Packard-Bell
Palm
Panasonic
Pantech
Papago
Paragon Wireless
Parla
PCD
Pharos
PC-EPhone
Philips
Philips PDA
Pidion
Plum
Pocket Navigator
Prestigio
Psion
Puma


Q - Mobile/Smart Device Brand Name Listing

Qigi
Qool Labs
QStarz
Qtek
Quanta
Quest



R - Mobile/Smart Device Brand Name Listing

Rand-McNally
Reliance
Rogers
Rover
RoverPC


S - Mobile/Smart Device Brand Name Listing

Sagem
Samsung
SanDisk
Sanyo
Saygus
SciPhone
Sendo
Sewon
SFR 
Sharp
Siemens
SiGMATek
Sigmatel
Sim Valley
SK Telecom
SKY
Skype
Smart GPS
Socket Mobile
SoftBank
Sonim
Sony
SonyEricsson
Soutec
Spice
Sprint
Sunno
SVP
SwissCom
Sylvania


T - Mobile/Smart Device Brand Name Listing

TagHeuer
Takara
Tatung
TDS
TechFaithWireless
Telecom New Zealand
Telit
Tel.Me
Telsda
Telstra
Terrestar
Thuraya
Tiger
T-Mobile
TomTom
Torg
Toshiba
Toshiba PDA
TranSystem
Turkcell



U - Mobile/Smart Device Brand Name Listing

Ubiquam
UBiQUiO
UMX
Unnecto
UTano
UTStarcom


V - Mobile/Smart Device Brand Name Listing

Velocity Mobile
Ventus
Verizon
Verzo
Vertu
VeryKool
Videocon
Viewsonic
Virgin Mobile Lobster
Visor
vivo
Vizio 
VK Mobile
Vodafone
Voxtel


W - Mobile/Smart Device Brand Name Listing

WayWay
Wentto
WND


X - Mobile/Smart Device Brand Name Listing

XCute
Xiaomi
XKSSTEL
Xolo
XPhoneX


Y - Mobile/Smart Device Brand Name Listing

Yezz
Yoo Digital


Z - Mobile/Smart Device Brand Name Listing

Zakang
ZAP
ZEN Mobile
Zonda
ZTE

Saturday, January 04, 2014

Tracing Packet Switch (PS) Users

Investigations into mobile activity tend largely to concentrate on recovering data from the user handset, mast (tower) data and call records. The core network (CN) is less well understood, and therefore picking through a GSM/3GPP standard can often assist in understanding the identity and form of tarried/ephemeral data surviving in a network. The standard to be used for this discussion is:

3GPP TS 25.413 V12.0.0 (2013-12)
3rd Generation Partnership Project;
Technical Specification Group Radio Access Network;
UTRAN Iu interface
Radio Access Network Application Part (RANAP) signalling
(Release 12)


Now, with an investigation underway, initial enquiries lead to an active smartphone user operating in the packet switched (PS) domain. The target under surveillance requires the investigator to combine visual logs and the use of the handset. Unlike CS, packet data communications require a range of information, BUT for the purposes of the current investigation (understanding the services being used and the geographical area where services are being obtained) the trainee investigator can start with understanding what can be learned from:

Cell ID - Cell Identity
C-ID - Common Identity
IMEI - International Mobile Equipment Identity
IMSI - International Mobile Subscriber Identity
IPAddress - Internet Protocol Address
SAI - Service Area Identifier
SAP - Service Access Point
LAI - Location Area Identifier
RNC - Radio Network Controller
RNS - Radio Network Subsystem

Some examples of trainee investigation elements for consideration:

Para 8.16.1

The purpose of the Common ID procedure is to inform the RNC about the permanent NAS UE Identity (i.e. IMSI) of a user. This is used by the RNC e.g. to create a reference between the permanent NAS UE identity of the user and the RRC connection of that user for UTRAN paging co-ordination. The procedure may also be used to provide the SNA Access Information IE to the RNC or to provide the Management Based MDT Allowed IE to the RNC or to provide the Management Based MDT PLMN List IE to the RNC.


Para 8.17.2

If Trace Collection Entity IP Address IE is included and if the MDT Configuration IE is also included then the RNC shall, if supported, store the Trace Collection Entity IP address and use it when transferring Trace records, otherwise if MDT Configuration IE is not included, the RNC may use the Trace Collection Entity IP address when transferring trace records.


Para 8.35.2

When the transferred information in the Information Transfer Type IE relates to a Trace Session in the RNC, the Trace Activation Indicator IE indicates whether the Trace Session identified by the Trace Reference IE is activated or deactivated in the RNC. In case the Trace Session is activated, the Equipments To Be Traced IE gives the Equipment Identity of the UEs that the RNC has to trace. If the Trace Recording Session Reference IE, Trace Collection Entity IP Address IE, the IMSI IE and optionally the Serving Cell Identifier IE are included in the message, the CN shall take the information into account for anonymization of MDT data (TS 32.422 [10]).
 
The purpose of this brief discussion is to illustrate that mobile networks naturally hold surviving data in the network for a range of reasons: to enable the network to have a uniform approach for the objective of operational performance and enquiry and, equally, to trace user terminals and roaming user terminals active in or obtaining services from a network.

Friday, January 03, 2014

FSR positioning for statutory powers

You'll need to be quick to catch this one. 

Today, 3rd January 2014, the UK Government's consultation period ends regarding seeking views on whether new powers should be given to the Forensic Science Regulator.

Decisions are to be made which will impact on mobile, digital and computer evidential collection, forensic examination, acquiring evidence etc and you will need to decide where you or your organisation fit with the whole scheme of things.

https://www.gov.uk/government/consultations/new-statutory-powers-for-the-forensic-science-regulator#!

There is most likely to have been a wide range of responses from different industries and professions. One such response is from the Forensic and Policing Services Association (FAPSA) and it is interesting to note that amongst its proposals they believe "high standard" is relevant. I take no issue with their stance and I am not suggesting for one moment this organisation hasn't always advocated such a stance. It is not always the case and some responses from other quarters, in the past, have suggested advocating "high standards" was to take an "elitist" attitude because 'some work to high standards and some work to low standards', which in my view was a strange stance to take regarding an individual's competency working in forensics and not in the interests of skillsets and standards to underpin forensic science. FAPSA's stance communicates a useful message for those wanting to be or are involved with forensic science.

http://www.fapsa.org.uk/wp-content/uploads/2014/01/Forensic-regultaor-response-FAPSA.pdf

Another response to the consultation from Peter Sommer can be read here (see link below) and highlights some useful disparities between envisaged outcomes vis-a-vis the costs to implement them/the appropriate payment for such work:

http://pmsommer.com/HO%20FSR%20Consultation_sommer.rtf

What is clear is the need for those who never have to spend out of their own pockets should not set or allow vertical and horizontal market costs to rise by holding individuals or companies to ransom. This is quite important as there is too much reliance on the 'machine will do the thinking for me' and if my evidence and opinion is wrong then the human equation is not at fault. Knowledge, skills and experience are paramount to the work of forensic science. It is accepted devices are needed for acquisition but understanding how the device communicates with the target "thing" under examination (commonly we call this a DUT - device under test) and exactly what is being communicated to "action a command and receive a response" should be the prima facie case.

Useful examples of commands and responses can be found during the examination of mobile/smart phones. Here are a few standards, but be mindful as standards extend to the air-interface (thus relevant to lawful interception etc) and mobile network interfaces, too.

Mobile/Smart Phones
GSM/3GPP TS 07.07 AT Command set for GSM Mobile Equipment (ME)
http://www.3gpp.org/ftp/Specs/archive/07_series/07.07/0707-780.zip

3GPP TS 27.007 AT command set for User Equipment (UE)
http://www.3gpp.org/ftp/Specs/archive/27_series/27.007/27007-c30.zip


Smart Card ICC/UICC - SIM/USIM
3GPP TS 11.11 Specification of the Subscriber Identity Module - Mobile Equipment (SIM-ME) Interface
http://www.3gpp.org/ftp/Specs/archive/11_series/11.11/1111-8e0.zip

3GPP TS 51.011 Specification of the Subscriber Identity Module - Mobile Equipment (SIM-ME) interface
http://www.3gpp.org/ftp/Specs/archive/51_series/51.011/51011-500.zip

3GPP TS 31.101 UICC-terminal interface; Physical and logical characteristics
http://www.3gpp.org/ftp/Specs/archive/31_series/31.101/31101-b00.zip

3GPP TS 31.102 Characteristics of the Universal Subscriber Identity Module (USIM) application
http://www.3gpp.org/ftp/Specs/archive/31_series/31.102/31102-c20.zip

The point of mentioning the above standards brings the discussion back to an individual's understanding vis-a-vis the device being used against the target "DUT" and not leaving it to a machine to do the thinking.
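The "action a command and receive a response" exchange described above, as an added example (not from the original post or from any acquisition tool): Python that splits a constructed serial log of 3GPP TS 27.007 commands into command, information text and final result code, then checks the IMEI check digit itself rather than trusting the tool. The transcript, the vendor name and the function names are assumptions made for illustration.

```python
import re

# Constructed log of a tool talking to a handset (DUT); values are illustrative.
# AT+CGMI = manufacturer, AT+CGSN = serial number (IMEI), AT+CIMI = IMSI.
TRANSCRIPT = (
    "AT+CGMI\r\r\nExampleVendor\r\n\r\nOK\r\n"
    "AT+CGSN\r\r\n490154203237518\r\n\r\nOK\r\n"
    "AT+CIMI\r\r\n+CME ERROR: 10\r\n"   # 10 = SIM not inserted
)

# Final result codes end an exchange; anything else is information text.
FINAL = re.compile(r"^(OK|ERROR|\+CM[ES] ERROR: .+)$")

def parse_exchanges(raw):
    """Split a raw log into dicts of command, info lines and final result."""
    exchanges, current = [], None
    for line in filter(None, re.split(r"[\r\n]+", raw)):
        if line.upper().startswith("AT"):      # echoed command starts an exchange
            current = {"command": line, "info": [], "result": None}
            exchanges.append(current)
        elif current is None:
            continue                           # text before any command: skip
        elif FINAL.match(line):
            current["result"] = line
        else:
            current["info"].append(line)
    return exchanges

def summarise(raw):
    """Map each command to its information text, or to the error it returned."""
    out = {}
    for ex in parse_exchanges(raw):
        out[ex["command"]] = ex["info"] if ex["result"] == "OK" else ex["result"]
    return out

def imei_check_digit_ok(imei):
    """Luhn check over a 15-digit IMEI (the last digit is the check digit)."""
    if not re.fullmatch(r"\d{15}", imei):
        return False
    total = 0
    for i, ch in enumerate(imei):
        d = int(ch)
        if i % 2 == 1:                         # every second digit is doubled
            d = d * 2 - 9 if d * 2 > 9 else d * 2
        total += d
    return total % 10 == 0

if __name__ == "__main__":
    for cmd, answer in summarise(TRANSCRIPT).items():
        print(cmd, "->", answer)
    print("IMEI check digit valid:", imei_check_digit_ok("490154203237518"))
```

A result of `None` for a command means the log ended before any final result code arrived, which is itself worth recording in examination notes.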

Furthermore, it is essential to remember who is actually being 'caught in the net' under proposed changes. A response to a consultation I submitted some years ago raised the observation that if legal aid was to change regarding witness/expert fees where do organisations and scrutiny of the rules come into it where evidence is submitted directly e.g. from a mobile network operator. Never got a response on that one, but it really ought to be a fundamental requirement to identify who the FSR thinks should be excluded from his/her executive powers being imposed?

REMEMBER - DATA IS DISPASSIONATE, SO SHOULD THE EXPERT BE

Sunday, December 29, 2013

EU common charger for all mobiles/tablets

Members of the European Parliament have presented a persuasive first stage plan, based upon reduction of waste and consumer ease of charger migration when changing to a new handset, to the Council of Members for the need for a universal charger for all new mobiles sold into the EU.

2012/0283(COD)
26.4.2013
***I
DRAFT REPORT
on the proposal for a directive of the European Parliament and of the Council on the harmonisation of the laws of the Member States relating to the making available on the market of radio equipment (COM(2012)0584 – C7-0333/2012 – 2012/0283(COD))
Committee on the Internal Market and Consumer Protection


In accordance with the amendment to Article 2(3) of the proposed Directive.
Amendment 3

"appropriate type throughout the Union may be necessary. Interoperability between radio equipment and accessories such as chargers simplify use of radio equipment and reduce unnecessary waste."

"throughout the Union is necessary in some cases. Interoperability between radio equipment and accessories such as chargers simplifies use of radio equipment, reduces unnecessary waste and costs. A renewed effort to develop a common charger would therefore be highly desirable and consequently be beneficial in particular for consumers and other end-users."


If the further proposed stages receive approval the timescale envisaged to introduce a universal charger common to all new mobile phones could be available on the market by 2017 at the earliest. That is because member states will be given two years to transpose the new directive into local legislation.

Of course, the technical realisation needs to be transformed into an approved technical standard. Some years ago the EU approved micro-USB for use with smart phones. However, (a) the EU has yet to decide which standard will be ratified for the proposed universal charger; (b) there have been technology advances since the earlier approval for use of micro-USB; and (c) mobile tablets etc. have also proliferated in the marketplace, so the directive would need to cover these too, as would the Directive need to have applicability to other forms of radio equipment using a charger supplied into the EU for consumer use.

Of the various connector types, it could be that the universal charger connector may come in several guises. Two that come to mind are Apple's Lightning connector and the new type-C connector USB3.1 recently announced by the USB Standards Group. Both would already be in the marketplace before the two-year deadline has expired.

Apple's Lightning connector
http://en.wikipedia.org/wiki/Lightning_(connector)







USB Standards Group type-C connector USB 3.1
http://www.usb.org/press/USB-IF_Press_Releases/Type-C_PR_20131203_Final.pdf
http://www.usb.org/developers/USB-Futures.pdf


Image Source - http://www.mrgco.com/blog/usb-3-0-promoter-group-announces-new-type-c-connector-for-usb/