Monday, June 25, 2012

Hidden data battery investigations

Hidden data battery investigations

Due to a common embedded controller found in Lithium Ion (Li-Ion) and Lithium
Polymer batteries and used in a large number of MacBook, MacBook Pro, and MacBook Air laptop computers it is possible when the battery is 'unsealed' to conceal data in its memory.

To avoid data being lost at the next boot up of the laptop, by setting the unsealed battery's embedded contoller into Boot ROM mode (factory setting stage) charging cannot function and pass information to the flash and overwrite the hidden data.

A perpetrator could therefore transport hidden data and/or pass data in the battery to another person/laptop. If the laptop/battery are seized before the hidden data has been extracted and the examiner switches on the laptop, the battery's memory can be re-written causing loss of the hidden data - a cross between a trojan horse and dead-man's trap.

It is possible to brick the battery giving the impression the battery is a dud. An examiner may not think to consider the battery as memory storage and disregard the battery during investigation.

Friday, June 22, 2012

iPhone changing to 19-pin port?

iPhone changing to 19-pin port?

Screen Shot 2012-06-20 at 5.13.55 PM
Image courtesy of Tech Crunch

This could be an interesting twist in the marketplace relating to Apple's campaign to continue separating iPhone innovation from other handsets in the marketplace, not only through the use of distinctive design, but distinctive access to the phone. According to Tech Crunch  (the popular online tech gadget news website) they have verified that iPhone is to have changes made to the pin port swapping out the 30-pin port for a 19-pin port -

Some handset manufacturers have taken the route adopting the miniUSB. See USB research reference materials (below), but other handset manufacturers still retain specialists plugs in order to gain access.

Tech Crunch's news suggests Apple are not yet ready to take the USB route. I am more intrigued though whether there is any connection between the 19-pin port intro and Apple's adoption of the 4FF-uicc size which they have been successful in gaining agreement and approval for inclusion into the ETSI standard?

4FF-uicc research reference material

The implications could be wider for the handset examination market as new standards, and tools ranging from plugs to STKs to newer software upgardes, should be expected from such a development.

Saturday, June 09, 2012

ETSI release details of new 4FF UICC

ETSI release details of new 4FF UICC

Following on from the discussion ( ) relating to SIM Card icc/uicc sizes, ETSI has now released the updated standard TS.102221 Release 11 that identifies that the new uicc size as '4FF'.

Wednesday, June 06, 2012

CSA - Masts and a head for heights

There are occasions when cell site analysis may require climbing the Mast. You really do have to have a head for heights and here is one video presenting the more extreme end of the heights that Mast climbing involves.

The video also holds some useful observations relevant to cell site identification, which is useful when considering the mini course I am running on Cell Site Identification:

Mini Course in Cell Site Identification (Pt3.s2)

Mini Course in Cell Site Identification (Pt3.s1)

Mini Course in Cell Site Identification (Pt2)

Mini Course in Cell Site Identification (Pt1)

More useful YouTube Videos on Cell Sites

Tuesday, June 05, 2012

SIM Card new 4FF form factor size

On 1st June 2012 ETSI announced a new SIM Card size has been agreed and approved for inclusion in the standard TS.102221 and the new inclusion will be in the updated standard in due course:

There are now four physical sizes for SIM Card. In the TS standard the physical card is referred to by its correct technical name an UICC (universal integrated circuit card), the UICC thus cover the transmission technologies of for GSM and 3G. Interestingly, although TS.102221 makes no reference to SIM but USIM, the generic use if the term SIM Card is still applied   

1FF: ID-1 uicc size (the size of a credit card)
2FF: Plug-in uicc (the size of a postage stamp)
3FF: Mini-uicc (the size of a finger-nail)
4FF: XXXX-uicc (12.3mm wide by 8.8mm high, and 0.67mm thick) A titled suggested for this new uicc size is nano-size. It is my suggestion that a fair representation of its size is **eye contact lense size, which might be of useful assistance to a Court or Jury.

Image courtesy of

* Diameter
The diameter of a contact is the distance across the lens in millimeters. Average eye measurement for diameter yields a size between 12 and 14 millimeters. Diameter is important for proper fit of the lens. If the lens is too small or too big, it can cause irritation or damage to the eye.
Quick reference source:

Currently TS10221 displays the characteristics for plug-in uicc and mini-uicc as:


 Regarding ID-1 uicc the ETSI TS records:

4.1 ID-1 UICC
The physical characteristics of the ID-1 UICC shall conform to ISO/IEC 7816-1 [9] and ISO/IEC 7816-2 [10].

The terminal shall accept embossed ID-1 UICCs. The embossing shall be in accordance with ISO/IEC 7811-1 [8] and ISO/IEC 7811-3 [i.1]. The contacts of the ID-1 UICC shall be located on the front (embossed face, see ISO/IEC 7810 [7]) of the card.

Discussion Updated 08-06-2012

ETSI release details of new 4FF UICC