Sunday, February 28, 2010

Mobile Phone is not a 'Closed Container'

Mobile Phone is not a 'Closed Container'
.

There has recently been an important judgment in an Ohio Supreme Court that ruled a mobile phone is not covered by the status that a mobile phone is a "closed container" for the purposes of searches; thus mobile phones require a "warrant" prior to searching their (mobile phones') contents. The ruling also refers to the "unique nature of cell phones".
.
.

A commentary discussing part of the Ohio Supreme Court finding

.
In the present case, Justice Lanzinger wrote, "The state argues that we should follow Finley and affirm the court of appeals because the trial court was correct in its conclusion that a cell phone is akin to a closed container and is thus subject to search upon a lawful arrest. We do not agree with this comparison, which ignores the unique nature of cell phones. Objects falling under the banner of 'closed container' have traditionally been physical objects capable of holding other physical objects. Indeed, the United States Supreme Court has stated that in this situation, 'container' means 'any object capable of holding another object.' New York v. Belton,/em> (1981)."

.
.

Further more indepth information:

.

http://www.supremecourt.ohio.gov/rod/docs/pdf/0/2009/2009-Ohio-6426.pdf
http://www.supremecourt.ohio.gov/PIO/summaries/2009/1215/081781.asp
.
.

This is not the first time the treatment towards mobile telephones has come under scrutiny in the US:

http://trewmte.blogspot.com/2009/02/cellular-phones-warrantless-searches.html
.
.

Looking Forward

It is going to be interesting to see how the US Supreme Courts will interpret how mobile phones have been examined and the programming that is imposed on them before the evidence was gathered?
.
.

In the UK, mobile phones have, for some unearthly reason, been attributed a Catagory 2 status under S129 Criminal Justice Act 2003. This allows the Prosecution to stand before the Court and say there is no justifiable reason to have this (mobile telephone) evidence excluded or make it the subject of a voire dire. Apparently, the Prosecution having been mistakenly led to suggest to the public Courts of Law that a mobile phone is almost a dumb terminal to which one simply plugs it in and simply print-off the evidence.

.
.

Having spoken to as many examiners, in the independent marketplace and in the Police as I can and running discussions at Forums (frequented by examiners), I cannot find one examiner who admits to ever informing (or who would have informed) the Prosecution of the explanation given above that would put mobile phones under Cat 2 S129 CJA2003.

.
.

I have not found one examiner who doesn't admit that for the majority of mobile phones it is inescapable thus unavoidable but to programme the mobile phone to get the evidence. Moreover, it has not been possible as yet to find out where the advice came from that informed the Prosecution to make the Cat 2 S129 CJA2003 attribution, when clearly Cat 3 for S129 CJA2003 is the appropriate.

.
.

What examiners are saying is that they do record 'contemporaneous notes' and honestly record what is done when examining phones under public sector contracts for the Police. What they are equally saying is that they are never asked for those notes and the Police do not require them to provide those notes upfront with their evidence. It is acknowledged that much of the programming that goes on with mobile phone examination perhaps does not get recorded in the Reports that actually get presented to the Judge, Juries and to the Defence.

.
.

So what might be the way forward. Well clearly it would be very difficult to carry on the way that it has been going. Observations about what was and is also needs to be viewed. Section 69 of the Police and Criminal Evidence Act 1984 was repealed to make it easier for the Prosecution to present its evidence. Under S69 PACE 1984 the Prosecution had to provide a Certificate and demonstrate the data had not change in the operation of the computer and in the obtaining of the evidence. Presumably the Catagories assigned to S129 CJA2003 are meant to provide some form of appropriate test?

.
.

I recently raised the idea that all mobile phone forensics tools used to acquire evidence should be Certified/Validated:

.
.

http://www.forensicfocus.com/index.php?name=Forums&file=viewtopic&t=5346

.
.

Over 1800 have viewed this important discussion; 36 have voted thus far. It is not actually that difficult to create Certified/Validated tools scheme but it is largely people having expectation that costs will soar or prevent free/low cost tools being brought to the marketplace, when dealing with the way mobile phones operate and the way people and the tools conduct examination in our 'field of distinction'.

.
.

But whatever peoples' feelings about this subject, importantly Certification/Validation would provide for the Courts an open-handed description of what the tools actually do and what actually has been done to get the evidence at first instance. Moreover, it doesn't remove the requirement for user training and having technical knowledge of the science/technology from which evidence is generated, nor reduced skillset and experience. Currently if someone goes on a handset reader training course they are told they are validated as a mobile phone examiner. That simply isn't correct. The person is approved merely because they are said to have understood they from the training, push the buttons on and connect phones to the handset reading software/hardware and the output material as to where to find data. In this regard the over-marketing, perhaps unwittingly so, has created false expectation in those users who have received the tool training and leaves them noticeably vulnerable when challenged by their peers.

.
.

There is more to come on this subject, it is just that there is not sufficient time at the present moment.

Monday, February 22, 2010

Humanitarian Aid or Pay As You Throw?

Humanitarian Aid or Pay As You Throw?


Vodafone's 150 design shape reminds me that this looks like a squared-edged version of the old rounded-edged Phillips Savvy (back when Virgin Mobile sold it in a box through their music chain stores) that use to be on the market. One distinction here though is that Vodi is selling the Vodafone-150 into developing countries India, Turkey and eight African countries including Lesotho, Kenya and Ghana at $15.00 (£10.00). The disclosed objective is a worthy and laudable aim that out there in the Africa countries communications relevant to voice calls, SMS, financial transfers and healthcare have more importance and relevance than touch screen functionality, games and posturing as to who has a weird app that they want to boast about.
.

The spec given for this product:
.

"Vodafone 150 device specification: Black candy bar device with 5-way navigation key; 1.0” monochrome graphic display 96x64 pixels; voice and SMS; GSM 900/1800; polyphonic ringtones; vibration; alarm clock; calculator; currency converter; 2 embedded games; memory for up to 100 entries in phonebook plus SMS storage; torch; battery: 500mAh (standby up to 400h, talk time up to 5h); mini USB connector."
.

A truly magnificent gesture on behalf of the international community would be to allow mobile phone credits to be used to purchase food and water, medicine, etc other than only allowing it to be solely used to make a mobile calls, whilst idly sitting by watching human life being put at risk. What could there ever be the point in watching people die of starvation and dehydration?
.

Imagine for each mobile phone user a maximum credit to purchase life sustaining essentials could be made available. Imagine that specialist supply waypoints (International Humanitarian Aid Points) were setup whereby the genuine user can get food/water, medicines etc, then the waypoints can check the applicants wanting the food/water, medicines are the genuine users of the phones. What a fantastic way that would be for finitely targetting humanitarian monetary aid to those in need.
.
Of course, it is not unrealistic to observe that there is also a calculated risk being taken here that cheap handsets can lead to their owners using them as disposal objects, as opposed to meaningful devices. Any owner migrating as a roaming-user are unlikely to be barred from making calls because the handsets are dual band RF chipset(s) (GSM MHz900/GSM MHZ1800) so should work in any GSM network.
.

Cheap handset can also make them a target for unlocking. It is not hard to imagine, cheap phones like these will not be long out of the cargo doors before they are being supplied into Europe. So this is one of the calculated risks (the other side of the coin so to speak). Such low-cost handsets (or officially "ULCH phones") are not new. We were already aware of ULCH's some years back but they have now grown in status as viable products because of the World recession. Cheap handsets are in Europe at the moment and regularly used in crime and thown away afterwards.
.
.

How might any operator stop such ULCH phones being used for making chargeable calls where such calls are being made for the purposes of the commission of a crime? Well, the first obvious point is to include a validity integrity key (VIK) to be transmitted along with the IMEI and associate the VIK to the IMEI at manufacturing production stage. Were someone to clone the IMEI of a handset it would not be associated with the VIK and therefore the network could detect this and block the handset from making calls. Equally, if the financial credits on the phone were from Humanitarian Aid, then the network operator could equally help in stopping that credit being spent on phone calls associated with crime because of the VIK conflict with cloned IMEI and/or because the phone isn't in the geographical region to which it was expected to operate (as a humanitarian aid phone). Moreover, the idea of security VIK/IMEI could be implemented in every new handset issued and maybe able to be implemented via SMS Class 1 messages to older handsets already in the marketplace. Realistically, how long would this take to be implemented? It depends, in as simpler statement that can be made, how long it takes to implement signalling in the network to the EIR and a response from the EIR.
.

I have sent this thread up to President of the United States of America, Mr Barack Obama, to the World Health Organisation, Oxfam, and to UK Government etc.

Friday, February 12, 2010

Certified/Validated Mobile Phone Tools

Certified/Validated Mobile Phone Tools
.
A Poll running over on ForensicFocus (www.forensicfocus.com) concerns mobile phone tools used for examination that have not been Certified/Validated as forensically sound for the purpose to which they have and are currently being put to use to generate evidence. The Poll questions are:

.

All Mobile Phone Forensic Tools should be Certified/Validated?
--> I strongly agree all new and existing tools should be Certified/Validated
--> I strongly agree that only new tools should be Certified/Validated
--> I agree such a scheme could be useful but not a necessity
--> I disagree as such a scheme would affect sales/profits or my job skills
--> Who cares, we've been getting away with it so far
.
.

Poll weblink:
http://www.forensicfocus.com/index.php?name=Forums&file=viewtopic&t=5346

Thursday, February 04, 2010

Finger powers mobile phone battery

Finger powers mobile phone battery
.
At trewmte.blogspot I have endeavoured over the years to ensure part of the content identifies innovations in the marketplace:
.
IPhone unlocker
http://trewmte.blogspot.com/2008/11/sim-dialer-iphone-unlocke.html

Telepathic Chat via Cellphone
http://trewmte.blogspot.com/2008/03/worlds-first-cellphone-telepathic-chat.html
Membrane technology
http://trewmte.blogspot.com/2008/12/another-ultra-thin-membrane-device.html
.

I also reported (back in 2008) how researched had been conducted into using sound waves to charge mobile phone batteries: http://trewmte.blogspot.com/2008/12/sound-waves-could-power-cell-phone.html . This year, 2010, a new invention has been developed that requires twirling a mobile phone battery (with the use of one finger) 130-revolutions generating 25-minutes standby time and 2-minutes talk time. The idea for this invention comes from Designers: Song Teaho & Hyejin Lee at http://www.yankodesign.com/2010/01/04/cheers-to-finger-power/. The invention is promoted using the following photoimages.
.

.
.
.
.
This invention is unliklely to replace the battery charger (PSU) but as a 'Green' (environmental) back-up power charging alternative, the idea may find merit with the mobile phone handset manufacturers. No doubt there will be those who may criticise the invention based upon 130-revolutions generating only 2-mins of talktime. However, 260-revolutions generating 4-minutes of power need not be spent '
yakking' away on the mobile phone, but perhaps sending text messages. Or it might be useful where a user's standard battery has discharged but may need to make an emergency call (999 etc); perhaps this design may have synergy with that old adage "necessity is the mother of invention".

Wednesday, February 03, 2010

MNO & VMNO SIM Cards

MNO & VMNO SIM Cards
.

.
If everyone can email to me (trewmte@gmail.com) a photo image of any MNO or VMNO SIMs complete in ISO Card (ID-1 card) then it could be helpful when dealing with examinations.
.
This is thread also posted at:
http://www.forensicfocus.com/index.php?name=Forums&file=viewtopic&t=4516

.
The image below is a Lyca Mobile SIM Card but embossed on the ID-1 card are the Mobile Telephone Number (MTN) and PUK Code on the front of the card. It would appear from other SIM examiners that I have spoken to that the MTN and PUK Code are commonly found on VMNO SIM Cards. Maybe MNOs ought to think about giving the PUK up front, too, as there appears no objection to the VMNOs doing it.

MNO & VMNO SIM Cards

MNO & VMNO SIM Cards
.

.
If everyone can email to me (trewmte@gmail.com) a photo image of any MNO or VMNO SIMs complete in ISO Card (ID-1 card) then it could be helpful when dealing with examinations.
.
This is thread also posted at:
http://www.forensicfocus.com/index.php?name=Forums&file=viewtopic&t=4516

.
The image below is a Lyca Mobile SIM Card but embossed on the ID-1 card are the Mobile Telephone Number (MTN) and PUK Code on the front of the card. It would appear from other SIM examiners that I have spoken to that the MTN and PUK Code are commonly found on VMNO SIM Cards. Maybe MNOs ought to think about giving the PUK up front, too, as there appears no objection to the VMNOs doing it.