This essay introduces computer forensics and then narrows its focus to mobile forensics. It deals with the many kinds of mobile devices, which differ in capability and can store significant amounts of data. It also looks at the numerous challenges the mobile forensics community faces in obtaining data and evidence from these devices for use in criminal investigations. The paper describes several tools used in forensics as well as the laws that complicate the work of forensics officers. These rules may include the chain of custody and the Fourth Amendment, which affect and govern the whole process of obtaining evidence from mobile devices. Readers will also come to understand the difficulty of effectively managing digital evidence acquired from mobile devices and the issues that arise from the use of various forensic tools. The paper concludes with the numerous challenges mobile forensics officers face in their line of duty while awaiting resolution of existing legal disputes and the maturation and standardisation of software tools.
Computer forensics, also known as forensic science, is a branch of digital forensic science concerned with obtaining information from computers and other digital storage media. Its aim is to examine digital storage media in a forensically sound manner in order to preserve, identify, recover, analyse and present the available facts and opinions about the digital information. Forensics is part of the wider investigation of computer crimes. The discipline is also used in legal proceedings, where it follows guidelines and practices that help create a legal audit trail. However, obtaining the required data from computers and mobile devices is not easy. Computer forensics experts face numerous challenges, especially when obtaining data from mobile devices. This essay concentrates mostly on the challenges facing mobile device forensics officers and what is being done about them. It also looks at the numerous tools and laws used in the field and how they affect mobile forensics experts in their work.
Essence of Mobile Forensics
Mobile device forensics is the process of acquiring digital evidence from mobile devices according to accepted criteria and under forensically sound conditions. Terms such as "forensically sound methods" are used to justify the use of specific, accepted technology. Forensics practitioners use such terms to justify the capabilities of a piece of software or an approach to forensic analysis. It is therefore essential for forensic analysts to understand changes in mobile device technology and how to handle them when retrieving and acquiring evidence. Knowing the different types of mobile devices and their features is an important aspect of forensics, since relevant data can be acquired from usage logs as well as with forensics toolkits. While it was hard to convince the world that mobile devices are essential in easing several activities and functions, those involved in crime were already aware of it. The numerous crimes committed with mobile devices have made mobile forensics technology essential (Cahyani et al., 2017). However, forensics experts struggle to acquire data from mobile devices for various reasons.
A range of tools and open source applications is available to the forensics team. However, none of these tools is recommended. Newer tools on the market include UFED devices, which are used both in the laboratory and in the field. The tool supports numerous mobile device interfaces, such as Bluetooth, USB, serial and infrared, and can extract data such as deleted text messages, call history, and video and audio content. Another popular tool is the COTS tool used in the acquisition and analysis of cellular devices. These tools, however, are considered shelfware and do not perform as marketed. Other existing products are never recommended as substitutes for products such as the COTS because of their unreliability. Some of these products, such as flasher boxes, are complicated to use and technically challenging. They are also highly intrusive and require highly skilled staff working under controlled conditions to produce the desired output (Paullet, Pinchot & Mishra, 2017). Without skilled staff, the available evidence may be modified, which renders it useless. Nor do these products guarantee that they will provide the expected data. Other tools, such as BitPim, raise several issues, such as the timely update of their software (Wilson & Chi, 2017). Their functionality is limited, and determining the quality of the software is also a problem. The process of acquiring data from mobile devices is far more complex. Forensics departments are therefore compelled to use multiple tools. These tools are expensive to acquire, which strains the limited budget allocated to the department.
Mobile phones are the most popular electronic devices and are used everywhere in the world. They include Android, BlackBerry, iPhone and other mobile devices running different operating systems. Most of these phones contain computing chips, multiple modules and electronic parts from different manufacturers, which makes it hard to acquire data with a single tool (Patsarikas, 2017). Sometimes acquiring the required data becomes so complex that the forensics community turns to the hacker community for assistance. The available forensics toolkits are compatible with devices from only a few manufacturers, and the makers of these tools are unable to keep up with the changing technology in the mobile device market (Moore, Baggili & Breitinger, 2017). This makes it technically difficult to retrieve the required data from most of these devices.
Most manufacturers are trying to build standards that will act as a baseline for the manufacture of mobile phones. Bringing the many manufacturers together is difficult. Some manufacturers, such as Apple, have already announced that they will not take part in this process. In addition, cheap phones from China that are built without an IMEI code have flooded the market. Such phones attract terrorists because they are hard to trace, which makes it hard for the military to identify the users of a phone. Such phones are then used for terrorist activities such as the detonation of bombs.
The integrity of the process of obtaining the required information must be maintained as the law requires. The methods the forensics community uses to obtain data are best represented when the required standards are known and established by that community. Searching for and seizing evidence, computers included, is prohibited by the Fourth Amendment, which may leave the government unable to acquire relevant evidence without a warrant. The Fourth Amendment states that the right of persons to be secure in their effects, houses and papers against unreasonable searches and seizures should never be violated (BRYCE, MCDOUGLE & ROBERTSON, 2017). It adds that no warrant shall issue except upon probable cause, supported by oath or affirmation, and describing the place to be searched and the persons or things to be seized. The privacy protections and exceptions provided by the law have always acted as an avenue through which criminals get away with the evidence.
Chain of Custody and Preservation of Evidence
Forensics investigators are required to obtain evidence through the most conventional avenues. Acquired evidence is admitted in accordance with the rules of the hearing. Admissibility always requires strict adherence to the existing custody rules as well as legitimate searches. This process is scrutinised far more closely than the seizure of the property (BRYCE, MCDOUGLE & ROBERTSON, 2017). Following the rules of custody and preservation of evidence can sometimes be jeopardised in violent areas, which renders the seized devices useless. For example, forensics officers may obtain a device but be unable to place it in a Faraday bag immediately, which allows the data to be wiped remotely. Also, if the mobile device is powered on, it can zero out the register that holds the location data. Because of these strict rules, the evidence provided is mostly useless, allowing criminals to get away with their acts, especially in the case of a suppression hearing.
Mobile device forensics has proved to be one of the most critical methods of obtaining evidence against criminals. However, it is far more complicated than traditional computer forensics. This calls for skilled staff who can develop forensic tools that keep up with continuously changing mobile technology. Forensics experts should also be aware of the laws and principles that guide their activities, which helps them overcome the challenges of the job. The challenges faced by mobile forensics experts include strict laws that must be adhered to; complicated forensics tools that require very skilled staff and high capital to buy, manage and maintain; the large number of mobile device manufacturers, which makes it hard to apply forensic techniques to data acquisition; and the changing technology of the mobile device world, which is hard to keep up with.