CSI smartphone
Posted on 15 Jul 2011 at 14:20
Stewart Mitchell reveals how forensic experts use smartphone data to place suspects at the scene of the crime - or in someone else's bed
Where you’ve been, who you’ve talked to, who you’ve been sleeping with – secrets that people wouldn’t even share with their closest friends are being spilled into a device that knows you better than any confidant.
Apple may have publicly denied that it’s tracking people via their iPhones, but the police and private forensic experts have no compunction about unlocking the secrets stored in smartphones.
Last year, the National Policing Improvement Agency placed mobile phone evidence in the top tier of training requirements for officers, teaching them how to secure evidence gleaned from handsets, with 3,500 officers a year expected to take the course.
The police and private forensic experts have no compunction about unlocking the secrets stored in smartphones
On top of in-house expertise, a huge number of handsets are sent to forensic specialists for analysis to discover where they’ve been and what they contain. “From what we see, 18 months or two years ago the proportion of smartphones we were seeing compared to PCs was very small,” said Phil Ridley, a mobile phone analyst with CCL-Forensics. “Now it’s well over half the devices that we see. We see both prosecution and defence – as well as private cases.”
Your smartphone could place you at the scene of a crime, destroy an alibi or maybe even provide one – which is why one of the first things police now do at the scene of a crime is take away a suspect’s mobile. “There’s so much in there,” said Ridley. “Pictures, notations, communications records, location information from cell records and Wi-Fi. You have navigation information in there from satnav software – the list goes on.”
Access all areas
With so much potentially incriminating evidence available to the police, you might think that there would be privacy protection in place to stop authorities probing your handset – but you’d be wrong.
According to legal experts, police have wide-ranging powers to search mobile phones providing they have a “reasonable suspicion” that a crime may have been committed. Once inside a handset, they could well stumble across other evidence, which could also be used in court.
Find out more
Can you really wipe a smartphone?“The baseline rule has to be that there is a reasonable suspicion that an offence has been committed for a phone to be inspected and to do an on-the-spot search,” said Tracey Stretton, legal consultant for data-recovery specialist Kroll Ontrack. “If you see a man after a car accident, you wouldn’t need a warrant because you could have a reasonable suspicion that a traffic offence had been committed.
“If you’re looking into one crime and find something else on the phone, then I guess the police would follow that line of inquiry. They wouldn’t stop to get a warrant because they now have suspicion of a further offence.”
No wonder the Police Central e-crime Unit dedicates significant space in its guidance notes on how to secure and retain data from mobiles, which is considered more difficult than PCs.
Or if you are planning a crime, you do like they did in the Bourne movies.buy up cheap mobile phones with sim cards. make the calls to setup the robberies/assassinations/etc with the crew or Mr Big. then just ditch/destroy the phones.Maybe buy 20/30 phones at £15 each just to make several calls and just ditch the phones.
There's a lot to be learned from Spy Movie's.The script writers have already though of it.
By Jaberwocky on 16 Jul 2011 
Um...Flash memory isn't volatile
That's kinda the point of flash memory.
As for the actually RAM-like memory in the phone, yeah...having a battery running is important.
But most smart phones store everything in flash so that you don't lose it when there are no more electrons around...
Just sayin'
By profshadow on 17 Jul 2011
Splodgebucket
Surely a GPS location record is not enough to prove presence (or absence) from a scene of a crime -it only proves the phone was there, not the alleged user. Extra evidence is needed to prove the person was there at the time.
By jbarnett on 18 Jul 2011
For more details about purchasing this feature and/or images for editorial usage, please contact Jasmine Samra on pictures@dennis.co.uk
advertisement
- Kim Dotcom outraged after Megaupload data "massacre"
- Yahoo: recycling user IDs isn’t a security risk
- Microsoft offers bug bounty for Windows 8.1
- Apple TV adds HBO Go, Sky News and WatchESPN
- Surface RT tablets to feature Qualcomm processors
- Microsoft frees two million PCs from botnet
- Government wheedles more funding for online child protection from ISPs
- AMD’s "Seattle" ARM chips set for 2014 release
- Microsoft offloads cheap Surface RT tablets to schools
- Outlook.com to ditch linked accounts over security fears
- Adobe Dreamweaver CC review: first look
- Huawei Ascend P6 review: first look
- Adobe Illustrator CC review: first look
- Let MPs tell us what they really want ISPs to block
- Adobe Photoshop CC review: first look
- WWDC 2013 and iOS 7 launch: live blog
- Sony VAIO Pro review: first look
- Want child porn blocked? Meet the IWF
- Is it worth upgrading a media centre to Windows 8?
- Flickr redesign: is it enough to tempt photographers back?
- Google two-step verification: a must for business email
- Yes, I write down my passwords
- How to deal with a ransomware attack
- How secure is your Wi-Fi network?
- How QR codes caught out the security pros
- Why I do not trust Do Not Track... yet
- The hard disks you can "secure" with a single-digit password
- Why I've started using a password manager
- Time to kill off CAPTCHA
- Are today's young people Generation I (for insecure)?
advertisement
