Validating one’s tools has become very important in today’s complex world of cell phone acquisition. Courts are requiring tool validation before allowing evidence into their courtrooms. Military operations require validation that the tools being used work before operators use them on the battlefield to gather evidence or intelligence. Validation is a big problem, as many people do not have the time or expertise to create validation or test devices. HTCI has been doing this type of work for years in its classrooms. HTCI has not only the expertise but also the tools to properly seed/load devices with data to be used in validation tests.
The current phone included in the package price is a BLU 4.0 Android 4 phone. For an increased cost we can provide any of the following:
iOS Devices (Phone, Tablet and Watch)
Windows 8 or 10 (Phone or Tablet and Watch)
Android Tab or Note Series
Android Watch
Android Tablet
Garmin GPS
The price increase will depend on the device and version required and will be added to the package cost.
Cell phone test plan seeding overview.
Four generic scenarios have been created. Custom scenarios can be created to replicate any crime or threat where a media device is present. The current scenarios are listed below.
Anti-American – Images and messages reflect an Anti-American attitude.
Intel Gatherer – Images and messages are designed to emulate someone taking photos of military operations. A clear pattern can be seen through the images.
Citizen – Images are designed to show a family person with a family. Texts and messages reflect this person’s unaffiliated nature. This is the neutral person scenario, or someone caught up with others who is truly not a part of anything.
SIM – This scenario had to be created to seed some of the oldest Nokia phones. They were not able to connect to the cell network using the SIM cards purchased for the test. The SIM Cards were seeded with SMS, Phonebooks and Dialed numbers to simulate a used device. The phones were manually wiped of information.
These scenarios are based on HTCI personnel’s experiences in theater. They are not related to any specific person or military operation. The images that have been used are not internet downloads and do not have any copyright attachment. The text messages are generated locally as well and have no intellectual property in them.
The Test Seeding Process
The following process was observed for all phones and is the baseline for our test.
All phones are physically checked for damage and functionality. Phones that do not meet minimum functional conditions are identified and replaced.
If multiple platforms are to be used, the devices are grouped by OS and media type.
All test devices are individually cleaned. Methods for cleaning included:
Individually deleting files from the container.
Reset of the data container to remove data from the cellphone.
Reset and wipe of the media device.
Logical extractions are conducted with the extraction device being tested, such as the cell phone extraction software, to provide a baseline for the devices.
Data sets are then seeded to the devices in several different manners:
Manually by hand
Calling the device from cellphone to cellphone to produce the correct result
Backup restoration to ensure a direct copy
After all devices are seeded with data sets, logical extractions are conducted again with the device that is to be tested, to show the difference between the pre-seeding and post-seeding state of each device. Devices that can be physically extracted are physically extracted.
Complete documentation is produced on the seeding process and devices themselves.
The test creation process can be used to test for:
Text Messages: Sent, Received, Unread, Deleted
Multimedia Messages: Sent, Received, Unread, Deleted
Phone Calls: Dialed, Received, Missed, Deleted
Documents
Pictures
Videos
Application pools (specific apps requested)
Encrypted devices
Phones with Malware/Spyware
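The baseline, seed and re-extract comparison from the seeding process above can be scored mechanically. The following is an added example, not HTCI's own tooling: it assumes each extraction report has been reduced to (category, state, fingerprint) records, and all sample records, including the "stored" state for pictures, are constructed.

```python
"""Score an extraction tool against a seeding manifest (added example)."""
from collections import Counter

# Constructed sample data. Each record is (category, state, fingerprint);
# the fingerprint stands in for any stable key a report export provides.
SEEDED = {
    ("sms", "sent", "a1"), ("sms", "received", "a2"), ("sms", "deleted", "a3"),
    ("call", "dialed", "c1"), ("call", "missed", "c2"),
    ("picture", "stored", "p1"),
}
# Pre-seeding extraction: one record survived the cleaning step.
BASELINE = {("sms", "received", "old9")}
# Post-seeding extraction by the tool under test.
POST = {
    ("sms", "sent", "a1"), ("sms", "received", "a2"),
    ("sms", "received", "old9"),
    ("call", "dialed", "c1"), ("call", "missed", "c2"),
    ("picture", "stored", "p1"), ("picture", "stored", "thumb7"),
}


def score(seeded, baseline, post):
    """Compare pre- and post-seeding extractions with the seeding manifest."""
    new_items = post - baseline        # records that appeared after seeding
    recovered = seeded & new_items     # seeded records the tool reported
    missed = seeded - post             # seeded records the tool did not report
    unexplained = new_items - seeded   # new records nobody seeded; document them
    totals = Counter((cat, state) for cat, state, _ in seeded)
    hits = Counter((cat, state) for cat, state, _ in recovered)
    per_category = {key: (hits[key], totals[key]) for key in sorted(totals)}
    return {
        "recovered": recovered,
        "missed": missed,
        "residue": set(baseline),      # anything here means cleaning was incomplete
        "unexplained": unexplained,
        "per_category": per_category,
    }


if __name__ == "__main__":
    result = score(SEEDED, BASELINE, POST)
    for (cat, state), (hit, total) in result["per_category"].items():
        print(f"{cat:8} {state:9} {hit}/{total}")
    for name in ("missed", "residue", "unexplained"):
        print(name, sorted(result[name]))
```

A non-empty residue set means the baseline was not clean, so post-seeding results for that device should be read against it rather than against an assumed empty device.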