iPhone - Does it Help the Police or Criminals More?
08.23.07 - 04:15pm
Cell phones have been used for years now as court evidence, most often to convict rather than defend people of crimes.
“People seem to take joy in recording their crimes to their mobiles,” said Lester Wilson, managing director of Crownhill, a company that makes a forensic tool for snarfing evidence off SIM cards in cell phones. “Anything you can think of — street robbery, kidnapping, sex crimes — they’re taking pictures.” Wilson work for the London police has required him to extract data from SIM cards “covered in blood, or bitten.”
While the iPhone is more likely to carry more data, due to its web use, than normal cell phones (a good thing if trying to catch a criminal) it can also be harder for the cell phone forensic scientists to get to the data without compromising it and making it unusable in court.
“There is more information in there than your average cell phone,” explains Donnelly. “The ease of use lends itself to more use … and more use creates more artifacts.”
More artifacts but with the iPhone closed systems more problems for the forensic experts.
“The iPhone is evil,” says Amber Schroader, CEO of Utah-based Paraben, a leader in digital-forensics software development. “It’s Mac OS X, and it’s a completely closed system.”
In the system of forensic cell phone science their is a special term for Mac systems called Mac forensic analysis, as it is a completely different system from any other PC. Those who know it are considered “highly specialized”.
“To know the iPhone is to know the Mac or vice versa,” explains Derrick Donnelly chief technology officer of Blackbag Technologies, a Silicon Valley-based company specializing in Apple forensic solutions. “Because it’s a different file system and a different operating system, right off the bat the things you’re usually looking for are not in the same places and they are in a very, very different format.”
Scientists are now required to use the forensic tools that show that the phone was not able to be tampered with by someone. It has become easy for people who know what they are doing to “plant” evidence on a cell phone. They can do this by showing calls or text messages were made that weren’t. Now companies have a “forensic” version of software that saves a cryptographic hash of the data so that it can be proven it wasn’t tampered with.
Since the iPhone is a different system from traditional cell phone none of the forensic tools that have been invented to get into the data without compromising it will work. Due to this fact forensic scientists for the moment are reduced to using old-school techniques such as photographing the data as it is displayed on the screen itself.
All in all as good as the iPhone is at storing the technology it is just as good at hiding it, and it may take a few more hacks before forensic scientists are able to get to the information without destroying its credibility by turning the phone on. For now their best bet is to find a computer the phone may have been linked to and get the data from there, (an hope its not a Mac.)
You might not be able to get the information off the iPhone,” says Donnelly, “but you may be able to get other devices that the iPhone was connected to. If the user had uploaded their phone’s data, analysts may find copies on the linked computer.”
Speak Your Peace