Ride the Lightning

Cybersecurity and Future of Law Practice Blog
by Sharon D. Nelson Esq., President of Sensei Enterprises, Inc.

Smash, Drown, Burn and Shoot Your Phone: Forensics May Recover the Data

February 6, 2020

A lot of criminals have found to their chagrin that smashing, drowning or burning their phones doesn't necessarily mean the data is gone. Heck, shoot it for good measure! As Naked Security reported on February 4, you can do all these things but it doesn't matter so long as the internal memory chips still work.

The US National Institute of Standards and Technology (NIST) says it recently conducted tests using 10 popular Android smartphones carefully loaded with a mix of data (social media, photos, app data, GPS traces, etc.) accumulated during simulated use.

Engineers from NIST and its forensic partners then attempted to extract the data from the internal chips using different methods to compare with the original data set. At a physical level, this involved hooking up to the test smartphone's circuit board via 'JTAG' test connectors or carefully extracting the chips and connecting to them directly. NIST writes:

"The comparison showed that both JTAG and chip-off extracted the data without altering it, but that some of the software tools were better at interpreting the data than others, especially for data from social media apps."

It's a big challenge. Neither technique is easy, especially extracting data using JTAG, and that's before factoring in the shortage of trained forensics people, the subtle differences between data extraction software tools, and the diversity of smartphones.

NIST forensic expert Rick Ayers said, "Many labs have an overwhelming workload, and some of these tools are very expensive. To be able to look at a report and say, this tool will work better than that one for a particular case can be a big advantage."

Anyone who's interested in their findings can read the first set of results on the Department of Homeland Security (DHS) website. So far, the researchers have only managed to test two software products against the physical methods, which underlines the scale of the testing challenge ahead of them.

Note that these techniques allow forensics teams to retrieve data but have no bearing on their ability to bypass any encryption that has been applied to it – which is why the government keeps pressing for back doors.

Sharon D. Nelson, Esq., President, Sensei Enterprises, Inc.
3975 University Drive, Suite 225|Fairfax, VA 22030
Phone: 703-359-0700
Digital Forensics/Cybersecurity/Information Technology
https://senseient.com
https://twitter.com/sharonnelsonesq
https://www.linkedin.com/in/sharondnelson
https://amazon.com/author/sharonnelson