List of built-in mobile phone web browsers

Built-in web browsers have existed on mobile phone handsets for many years before the iPhone came along and brought mobile phone Internet browsing to the masses. Internet artefacts can prove a rich source of evidence but can sometimes be overlooked during an investigation; either because the examiner didn’t know that such artefacts could be recovered or didn’t know how to find and interpret them.

Our new Built-in Mobile Phone Web Browsers page provides details on which web browser is pre-installed on which handset model (something which is often less than obvious!). The page also points examiners to where within the device’s file system the artefacts are located.

Our Phone Forensics Deconstructed training course teaches mobile phone examiners how to find, recover and interpret Internet artefacts from mobile phones.

The value of skills training

Our eye was caught recently by the editorial section of Digital Investigation journal (Vol 8, Issue 1, 2011, p2)

“Although it is important for practitioners to be conversant with forensic tools, training programs that concentrate on commercial off-the-shelf (COTS) forensic products are generally insufficient. An effective training program develops core competencies in digital forensics, and teaches practitioners to combine various existing tools and methods…….Although training that concentrates on commercial off-the-shelf forensic tools enables practitioners to perform certain routine tasks, digital investigators need to appreciate the limitations of each tool and have versatility in using multiple tools.

Hear hear!

At Control-F we believe passionately that digital forensics training is about more than knowing which buttons to click. We think digital forensic analysts need to understand underlying principles first and then introduce them to tools which will implement and automate those principles and processes (thereby making the forensic analyst more efficient).

Our vendor-neutral training courses utilise multiple tools from different vendors; we assess the value of different products during our research and course development and only include products on our courses which we trust. Any products which appear in our training courses are there because of their usefulness; we don’t get paid to include tools in our courses (although our customers often receive discounts for those products by attending our training!)

As the American essayist Ralph Waldo Emerson once said

“As to methods there may be a million and then some, but principles are few. The man who grasps principles can successfully select his own methods. The man who tries methods, ignoring principles, is sure to have trouble.”

Control-F at ICDDF 2012

Control-F Managing Director Kevin Mansell presented at the International Communications Data & Digital Forensics Seminar (ICDDF) 2012 at London Heathrow on Monday March 26th. Kevin talked about about the challenges posed for phone examiners by the 7-bit encoding of SMS messages, particularly when trying to identify and recover SMS from hex dumps of mobile handsets. During his well attended session, Kevin also provided practical advice to those in the audience for finding and recovering SMS effectively.

Our Phone Forensics Deconstructed course teaches delegates about the structure of SMS messages at a bits and bytes level, giving them the knowledge and skills they need to be able to search for, recover and interpret live and deleted SMS from hex dumps of a multitude of handset models.

Recover deleted data from Nokia BB5 handsets

Recovering deleted data from the BB5 series of Nokia handsets has long proved troublesome….until now. Control-F’s Flasher Box Forensics training course now teaches students how to safely recover deleted data from BB5 handsets such as the popular Nokia 6300, 6500 Classic, 6500 Slide and many more (without the need for physical chip removal!). In addition, students will learn how to access security code protected handsets, recover security code details and gain unrestricted access to the handset (such that a logical extraction can be performed).

Contact us now to book on our next scheduled course in May, or to enquire about running the course at your location.

Scheduled entry-level phone forensics training at Wyboston Lakes

Control-F is delighted to announce that it is running scheduled entry-level phone forensics training at Wyboston Lakes in the form of our Foundation in Mobile Phone Forensics course. Our next course runs on 23-27th April 2012 and is open to law enforcement and private sector delegates.

Foundation in Mobile Phone Forensics is a 4½ day course designed for those just starting out in mobile phone forensics (or existing examiners who have not had the benefit of formal training). The course is highly practical with delegates gaining hands-on experience with market leading forensic tools as they work through a series of realistic scenarios. Students are taught the theory and the practical sides of recovering evidence from handsets, SIM cards and memory cards.

By attending Control-F training courses, delegates will be exposed to forensic tools and products from a range of vendors (including many free utilities); thereby allowing them to compare and contrast their performance and quantify their benefit to their unit or department. All Control-F training is built around the ACPO Principles of Computer Based Digital Evidence so that customers can be assured that what is being taught is consistent with internationally recognised good practice in digital forensics.

At Control-F we know that there will be many occasions when delegates have returned to the workplace and will need to refer back to a topic that was covered on the course. For that reason students attending Foundation in Mobile Phone Forensics receive high quality printed & electronic training materials which include a 95 page book (fully referenced and written specifically to accompany the course).

Contact us today to enquire about availability and pricing.

Using flasher boxes with confidence

This week saw Control-F’s third Flasher Box Forensics course as we continue to see strong demand for the training from phone examiners who want to know how to use these powerful devices safely. The eleven delegates learned how to bypass and recover security codes as well as recover both live and deleted data from Nokia, Samsung, LG, Sagem and ZTE handsets.

The delegates were extremely positive in their feedback on the course:

“One of the best courses I have attended”

“It has given me everything I needed to know from set-up to examination”

“Well paced and relaxed, would highly recommend it”

Contact us today to find out how to book onto our next course.

Flasher Box Forensics goes down a storm

Control-F recently ran it’s first 3 day Flasher Box Forensics training course at Wyboston Lakes and we’re delighted with the feedback we’ve received from the delegates:

“This was a brilliant course – did exactly what it said on the tin. I certainly got what I came for”

“Has filled a gap in the market which will be very beneficial to a lot of people”

“Another excellent course from Control-F”

Flasher boxes help mobile forensic examiners recover evidence from devices which may not be supported by commercial off-the-shelf forensic tools, allowing them to gather key evidence. However, not being designed for forensic use, flasher boxes have the potential to erase data from devices; hence training is critical.

Contact us now before our next course sells out!

Handset-rebranding page launched

It’s quite common for the same mobile phone handset to be sold under different names; for example when a service provider releases “own brand” handsets. In order to assist mobile phone examiners in identifying equivalent models, we have produced a list of handsets and the various synonyms that they appear under. Can’t find the handset you’re looking for? Let us know and we’ll try and add it!

More rave reviews for Phone Forensics Deconstructed

Our 3 day Phone Forensics Deconstructed training course continues to get excellent feedback from delegates. Our September 2011 course was attended by delegates from law enforcement, private sector and academia who learnt how to find and successfully recover deleted SMS, videos, MMS and Internet artefacts.

Expressing his opinion on the training he’d received, one delegate stated “A fantastic course. Kev brilliantly presented full of charisma and provided delegates with masses of confidence to explain and prove points of interest”.

Flasher Box Forensics sell-out

Control-F’s new Flasher Box Forensics training course has certainly struck a chord with the mobile forensics community. Our first course running 1-3 November 2011 sold out back in August and course number two in January is filling fast. Flasher boxes help mobile forensic examiners recover evidence from devices which may not be supported by commercial off-the-shelf forensic tools, allowing them to gather key evidence. However, not being designed for forensic use, flasher boxes have the potential to erase data from devices; hence training is critical;