Looking back at the future of SIM in 2002

Looking back at the future of SIM in 2002

.

I have always thought looking to the future is important, but equally looking back at what we know or think might be happening, from an historical perspective, can help see what problems can occur in the future and also to note whether foreseeable problems have been addressed or not, over time.

.

I have selected a summary of issues discussed in training back in 2002, which are set out in the downloadable .pdf document "SIM - The Future as Viewed in 2002".

.

http://www.filebucket.net/files/2537_89xfv/SIM%20The%20Future%20As%20Viewed%20in%202002.pdf

.

For example, did you know or remember the slow down in SIM Card manufacturing in 2001? This is hard to believe when we think about the saturation levels of SIMs and handsets in the marketplace today.

.

What about SIM Application Toolkits, applets and the exciting development of Java Standard Edition for mobile phones (KJava and PJava)? Our concerns then were how these advancements were going to impact on mobile telephone and SIM examination. Remember at that time we saw problems and tried to anticipate how to combat problems, but we had no immediate solutions which invariable had to be produced in some instance "on-the-hoof", so to speak.

.

Cloning of SIM Cards had raised its head back in 1998 and devices were starting to appear on the market in 2000/01. The problems we faced then was knowing what to look for to deternmine whether a SIM was cloned or not? And then if the SIM was a clone what impact on evidence could/would it have?

.

What about SIM Cards with multiple IMSIs? Still an issue today as it was then in 2002. The problem being is that SIM readers do not have the capability to read more than one IMSI from a SIM Card at any one time. Consequently, invocation of an IMSI selection in EF-7F20 6F07 is not possible other than the SIM being placed in the handset and another IMSI being selected using the handset menu Network selection. Moreover, once that has been done the green button on the handset needs to be pushed and a location update (and an IMSI-attach) to the network is required, which cannot be performed in a faraday bag, radio dampening field or isolation chamber. The question arises when do you search for more than one IMSI recorded into a SIM? What cases warrant it? How many cases have been missed in the past where more than one IMSI resided in SIM but has gone undetected? Put simply, when should allocution take place?

.

There were a huge range of issues to be addressed then in early 2000, as there are now. When reading these brief discussion documents representing issues spoken about on my training courses, I hope they convey the message that plug and play (PnP) or universal plug and play (UPnP) systems used to extract and harvest data are simply not enough to satisfy the requirements for mobile telephone examination.

Starter Kit Mobile Phone CPD Training Barristers & Solicitors

Starter Kit Mobile Phone CPD Training Barristers & Solicitors

CPD training delivered in 2005 to Bar Council and Law Society Members at the Chambers of Mr Ferguson QC.

http://www.rfqc.co.uk/images/lecture_notes/CPD_training_Pt1.pdf

http://www.rfqc.co.uk/images/lecture_notes/CPD_Training_Pt2.pdf

Barristers - Surrey Chambers

Barristers - Surrey Chambers

One of the most overlooked parts of the law when dealing with crimnal and civil cases is that an expert, professional and client comes into contact with Barristers and Barristers' Chambers. That is quite shocking really as we meet with Barristers virtually on a daily basis for mobile telephone, computer, software and technology evidence in criminal cases and other commerical and civil matters.

Most professional people or companies one way or another require legal advice about professional matters for business and there are others who need assistance when initiating or facing civil or criminal proceedings. I have found a very good Set run by Mr James Tucker, Surrey Chambers of 1A Middle Temple Lane and Global House, Epsom http://www.surreychambers.org/. Not only does Surrey Chambers handle full range of commercial and civil matters but also prosecution, police and defence work. Really excellent Set.

USIM-D Images

Global Mobile Telephone Forensics and Evidence

Global Mobile Telephone Forensics and Evidence

It is interesting to note, and a subject matter I have been keenly watching since this webblog started, the importance of mobile telephone forensics and evidence is receiving around the globe. It is very easy to get submersed into one's own country's (UK) activities in this area and forget how other countries have significantly increased their activities in forensics and evidence too. Below is a sample of the global visitors to trewmte.blogspot in the last 20 days. Some countries will have more visitors than others, but in itself that does not dent the relevance of the global following interested in mobile telephone forensics and evidence.
.

Albania

Algeria
Aruba

Austria
Australia
Belarus
Belgium
Brazil

Bulgaria
Canada

Colombia
Cote D'ivoire
Denmark
Egypt

Estonia
Finland

France
Germany
Greece

Hungary
India

Indonesia
Iran, Islamic Republic Of
Ireland
Israel
Italy

Jamaica
Japan

Kenya
Korea, Republic Of
Kuwait
Macao
Malaysia

Mauritania
Mauritius
Morocco

Netherlands
New Zealand
Nigeria

Norway

Pakistan

Philippines
Poland
Portugal

Qatar
Romania

Russian Federation
Serbia And Montenegro

Sri Lanka

Saudi Arabia
Senegal
Serbia
Seychelles
Slovakia
South Africa
Sudan
Sweden

Thailand

Taiwan
Turkey

United Arab Emirates
United Kingdom
United States

Viet Nam

.

It would be good to get more feedback from law enforcement, universities, forensic examiners and experts from around the global who, rather than lurk in the background, may like to suggest the type of information you would like to see at this webblog. I have been dealing with a variety of mobile telephone examination and evidence issues (SIM/USIM, handset and cell site) for many years and hopefully topics you raise for discussion can be answered here. I should point out, as I have in the past at this webblog (http://trewmte.blogspot.com/2006/11/cell-site-analysis.html), the more I know, the more I need to know, therefore I don't know everything, but I am willing to try and find out.
.
Additionally, as there are no academic qualifications designed precisely for mobile telephone forensics and evidence - no PhD, MSc, BSc, CEng or anything else, this means qualifications in other subjects other than this subject matter tend to get used as a passport, suggesting qualification to deal with mobile telephone forensics and evidence. To overcome that difficulty I have prepared a Diploma in Mobile Telephone Evidence that may help those who seek recognition for the skillsets they have acquired. The Diploma is not a PhD, MSc etc but it is the good old fashioned Diploma where your knowledge and skillsest need to be demonstrated and will be tested.
.

If you would like to know more about the Diploma please send an email to me, Greg Smith. My email is shown at the top righthand side of this webblog page.

MFW08 Mobile Forensics World 2008

I'm off to Chicago in May as a guest speaker (Greg Smith) at MFW08. I have asked Prof Rick Mislan to write a small piece about the conference for my trewmte.blogspot. Thanks Rick, and see you there. Greg.

MFW08 Mobile Forensics World 2008

It's hard to believe but we are almost a month away from the first ever Mobile Forensics World Conference in Chicago, Illinois, USA - May 8-10, 2008. If you've been living under a rock, or just stuck in the lab examining mobile phones, then you must have missed this announcement...so if you did, catch up here: http://www.MobileForensicsWorld.com.

A couple of notes I'd like to make:

I'd like to introduce our Keynote Speaker from the United States White House. Kurt Schmid is the Senior Law Enforcement Advisor/Technology Assessment Branch Chief for the Counterdrug Technology Assessment Center in the White House Office of National Drug Control Policy. Mr. Schmid is an exciting speaker with a great message, and we look forward to his enthusiasm. More information about Mr. Schmid can be found at the MFW website.

Another newsworthy item is that our Exhibit Hall is Full (actually overfull) and a Map has been posted at the Exhibitor site at the MFW website. Many great companies will be on-hand sharing their wares! For those of you traveling from elsewhere, Chicago has plenty to do, see, hear, and eat! (BTW, Chicago Police Department officials are great tour guides! Contact me for further info on this...) If you haven't had a chance to check out the local happenings of Chicago, please visit this link: http://www.choosechicago.com/Pages/default.aspx It is the official visitors site for Chicago visitors.

As always, I am looking forward to meeting each and everyone of you at this great event. Please take the time to stop and introduce yourself. I'd like to meet each and every one of you and give you my personal thanks, for coming to the show, but more inmportantly for the work you do in this ever-challenging field! Thanks for reading, and see you soon!

Rick Rick Mislan

Conference Director

Mobile Forensics World 2008

http://www.MobileForensicsWorld.com

Assistant Professor

Cyber Forensics

Purdue University College of Technology

http://cyberforensics.purdue.edu

Mobile Calls on Aeroplanes

Mobile Calls on Aeroplanes

.

Back in November 2006 I wrote here at trewmte.blogspot a brief piece regarding "Switch On, Update, Lose Evidence":

.

http://trewmte.blogspot.com/2006/11/switch-on-update-lose-evidence.html

.

The discussion thread related to the same but more indepth discussion in "Switch On, Update, Lose Evidence" that could be found in MTE (Mobile Telephone Evidence) Newsletter - copy of the May 2006 Newsletter can be downloaded here:

.

http://www.filebucket.net/files/1579_ov3rx/Switch%20On%20Update%20Lose%20Evidence%20.pdf

.

The purpose of the indepth discussion related to how evidence can be corrupted and contaminated where poor Seizure, Handling and Examination Procedures had been adopted. The discussion illustrated where a user with a mobile telephone steps off an aeroplane and the attempt to discover where the mobile phone had been used.

.

I had been aware for some years before I wrote the MTE Newsletter article that Airline companies were looking at and developing ways passengers could use their mobile phones on planes. At the time of writing the article it wasn't too difficult to imagine that "Switch On, Update, Lose Evidence" implicitly gave a heads up as early as May 2006 to pay attention to formulating various procedures for mobile telephone evidence at airports. Importantly, the indepth discussion wasn't then and isn't now intended to suggest victimising everyone who gets off a plane holding a mobile phone as being involved with something suspicious.

.

It would appear that the MTE Newsletter advanced warning though was well placed, for it now appears March 20th 2008 that according to BBC online middle east news that "Dubai-based airline Emirates has become the first commercial airline to allow passengers to make mobile phone calls during flights. Emirates said the first permitted mobile phone call was made on a flight between Dubai and Casablanca.":

.

http://news.bbc.co.uk/1/hi/world/middle_east/7308041.stm

.

The technology behind Emirates being able to offer mobile calls on their flights originates from http://www.aeromobile.net using pico-cell radio access technology inflight:

.

"AeroMobile allows the use of GSM phones and can also support GPRS mobile data (for BlackBerry’s etc), Wi-Fi, CDMA and 3G/UMTS. AeroMobile comprises an aircraft cabin ‘pico cell’ system that interfaces with the aircraft’s air-to-ground communications systems, typically a satellite-based system. Once transmitted to the ground, signals are sent to AeroMobile’s ground system and on to the destination mobile phone and telecoms networks around the world."

.

Evidentially, this could be very interesting but the use of mobile phones on planes may seem problematical at first. But we will cope, we always do. The evidence from the device shouldn't be too much of a problem although issues of dead-man's trap should always be considered. Equally of interest will be usage, call records and cell site analysis. The latter, cell site analysis, should prove thought provoking, for is there sovereignty on an aeroplane? If there is not (and sovereighty is only applicable to airspace) and a call starts and terminates within the same airspace the sovereignty of which belongs to country XYZ then there may well be some jurisdictional issues to deal with. However, given the confines of the plane's cabin it may well be difficult for a user, if you follow my drift, to suggest that when the call was made s/he wasn't in the plane, but somewhere in the neighbourhood.

World's first cellphone 'telepathic' chat

World's first cellphone 'telepathic' chat

Looking something like out of a future robot cops technology tool kit and been described as a "Nerve-tapping neckband used in 'telepathic' chat", the World's first cellphone telepathic call has taken place (12th March 2008). This new technology basically takes the neurological signals from the brain translates them into a transmission signal which is then sent and decoded through a processor into either, speech, communicate to a computer or communicate to move a wheel chair are just some of the possibilities, and all from a band around the neck and the receiver at the other end.

When this technology fully matures, it only understand "150-words and phrases" at present, and can be made portable, there could be some amazing possibilities for applications in the various cellular technologies and two-way radio fields. Obviously, there appear uses for surveillance, which immediately springs to mind, but other areas as well in high-noise environments such as war zones, industrial sites and airplanes etc.

.

Have a look at the video on the New Scientist's website:

http://technology.newscientist.com/article/dn13449

.

Ambient's website URL below (and where the photo above comes from) is well worth visiting.

http://www.theaudeo.com/