Friday, November 13, 2009

Mobile Phones, Security, Economy and Employment

Mobile Phones, Security, Economy and Employment
.
An article in the Telegraph on the 6th November 2009 caught my eye, titled "Inventor of mobile phones says they have become 'too complicated" are the thoughts of Martin Cooper who was th lead engineer at Motorola and made the first mobile phone call in 1973.
.
.
Echos of how complicated mobile phones can be are common views heard from many users. However, we need to make the distinction that complicated doesn't mean they are "functionally unused". As usage and personal data populates many memory areas in mobiles it is because of that "functional use" it is so important to mobile telephone examination.
.
The places where user information proliferates are places in smart phones memory that are simply not being examined by practitioners as they are being led to place too much reliance upon the machinery (reading devices) where the output is being presented parrot fashion. The machinery does not contain the high level of competence necessary to cope with all the aspects associated mobile telephone evidence. Neither, for that matter, does the machinery examine all areas of memory. The current round up of forensic readers on the market simply surf certain quarters where certain information resides in memory. Data recovered can also vary dependent upon the machinery and the machinery recovering data from some makes, models and firmware versions. It is great having tools but they really do not supercede in any shape, manner or form the ability of the knowledge and skills needed by the practitioner.
.
The above are some issues that are influencing the need for a common mobile telephone forensics standard in the UK. Other factors that require change:
.
-No longer have unnecessary separated areas between law enforcement and the independent sector.
-No longer have poorly considered policies, practices and procedures regarding mobile telephone examination and evidence because they are not fully considered by all
-No longer have various public agencies promulgating confused and diametrically opposed procedures
.
Another reason why it is important to have a single common standard approach (and a second reason why I started the mobile forensics and evidence Pathfinder Approach) is the misrespresentation regarding the status of 'mobile phone'. Inspite of a hugh array of information about wireless, radio, radio signals and their role in the creation of a mobile phone, there still remains a persistence in the forensic and evidential system in indulging the notion that mobile phones are computers. That is rather ashame because whether it is done for cheap-labelling or getting bigger budgets (more than likely) it is largely unnecessarily and willful. Computer forensics in the area of data recovery from mobile phones has made an enormous contribution to our field. But after data recovery has been performed what else does computer forensics do for mobile phone wireless, radio, radio signals etc? Nothing. That is because computer forensics is not a discipline needed to embrace wireless; computing is rather a subset of wireless communications.
.
A mobile phone is a wireless device at first instance and designed for that purpose. It has a history, decades before the hybrid (computer) was created. Mobile phones allow for instantaneous radio telecommunications to place and to enable voice and data to be communicated. The device also allows for a memory area to record exchange of information. Overall this makes wireless devices useful to the user and gives them an appeal of user-friendliness.
.
Memory, code and data can be found in many systems and devices and code and data may be subjected to computation, but in their finite existence they are not a computer. These elements are storage, protocol and information. The only area where mobile telephones are connected with computer, per se, is that they have a CPU to enable computation. But mobile phones could operate without a CPU albeit currently the experience would no doubt not be too pleasureable, and in the future where the commonly understood CPU is dispensed with.
.
Yet a further reason why practitioners tacitly admit, through their conduct, that a mobile phone is a wireless device and not a computer is through the use of radio isolation (faraday rooms, tents or bags). Faraday rooms can cost £70K of tax payers money. So why would practitioners use radio isolation if the device under test was simply a computer? Moreover, how could cell site analysis be conducted if mobile telephones were simply a computer?
.
Moreover, wireless and mobile telephones have their own legalisation, directive, standards and guidelines - none of these designate them, technically or otherwise, as computers. Indeed there is a huge number of mobile telephone departments and labs in the public sector - none of them are labelled computer.
.
Two further reasons for a common standard created by all practitioners to underpin integrity:
.
- to give courts of law guarantee about the relability of mobile telephone evidence and opinion and to allow the legal system to it jobs as opposed to trying to hoodiwink the legal system or dictate to it; the current position is high% of evidence is being pushed through on the nod without any appropriate or independent assessment or scrutiny. This is occurring because many claiming themselves to be experts the basis for which is that they have had several mobile phones or owned mobile phones or visited forums or bought a piece of equipment that reads mobile phones. This area potentially opens the door to a huge range of appeal cases costing tax payers many millions of pounds which society can ill-afford given the economic pressures on the UK for the next 6 years.
.
- there is no single coherent standard for mobile telephone examination in the UK, despite the fact that up until 2003/4 Britain led the world in mobile telephone examination and evidence which was underpinned with alot of my work that begun the programme to help law enforcement understand the technological evidence with which they were dealing. When the public sector changes took place, experience was through out of the window in favour for opening pandora's box; anyone with relatively limited experience could give mobile evidence or had a desire to train others in mobile phone evidence, they could do so; Britain's international standing has been allowed to plummet and has been dropping further ever since. This is what awaits the Olympic Games in 2012 in this country and it is important to rectify this.
.
Lastly, I point out to Government Ministers looking at this matter, you will have seen the UK MTEB Mobile Forensics Conference 25th and 26th November 2009. The point of the Pathfinder Approach is to ensure Governement has the experience available to it, not simply from Law Enforcement, but from the independent sector where 90% of knowledge and skills are developed for mobile phone examination and evidence.
.
However, there is some disappointing news that many of the Constabularies are not even sending one representative to the Conference because we are told they have no money (even where everyone knows the Conference charge is extremely low and is a not-for-profits Conference). Also, that apparently it would impact for the attending person to justify how s/he will do their work to catch up after 2-days away from the office; this is on the basis that delegation of work doesn't exist. On the back of that, numerous outsources to those Constabulary not attending, have not signed up either. This is not a case of forcing them to attend, but it highlights the glaring obvious gaps across the UK and the regional educated pot-holed thinking in the country.
.
A list of delegates of those attending Conference and speakers supporting the Pathfinder Approach can be provided to Ministers. I can confirm there are some law enforcement and public agencies attending.
.
The Economy and Employment
Maybe the NAO and/or the Competition Commissioner might start to look and to see whether the way the forensic system is divvied up stilfes proper competition in the UK and impacts on town and urban regeneration to help develop small businesses, leading to employment. For instance, what is the point of a Constabulary throwing £1-million or more at one firm when a contract for 3 years @ £100,000.00p.a. to one small firm could enable eg one-person business to take on, say, one secretary and one assistance for 3 years:
.
- £50,000.00 Principal
- £27,0000 Secretary/Assistant
- £5,000.00 for equipment
- £1800.00 for compliance training and checking
- £16,200 for office rent/business rates/phone etc etc
.
Using the £1-million as the financial basis, multiply the above idea by 10 new small businesses, 20 people newly employed, rejuvernation of local funding to locals councils and suddenly spread across the country the grass roots of growth can start without the Governement having to increase current funding levels. Certainly, if I were offered a deal like this and with my understanding of the forensics arena I could have turned one of these businesses in two years providing employment for 10 people and in 3 years employ 25 people and teach other businesses how to do it as well. I have been in this business for over 20 years. The Police have never offered me a £1 million or £500K pa contract for that matter but still seek out my advice. So why can we not put my skills to help others.
.
To assist I have a plan that can keep those new businesses up to common standard for 3 years under their contracts. Also I have a team I have identified that along with myself could spear head this project to lift it off the ground.
.
How will this help Parliament. MPs from all parties can now go back to their constituencies and offer some hope of rejuvenation and employment.
.
Hmmm....I wonder if "Dragons' Den" might be interested in this.

No comments: