Blog

We are constantly fighting a tide of new firmware versions from smartphone manufacturers, and it is easy to get overwhelmed with the changes. Each of these firmware versions can dramatically change the results we receive in our acquisitions and with our investigations. Lately iOS 9 has been released, patched, and released; it is good to know where you stand with this firmware when it comes to your examination.

Jott is an interesting new App that has gained favor with teens because of some unique features. Jott is very similar to other popular Apps like KIK, TextPlus, and TextFree in that it allows text talk between friends, but unlike the others, it also has a social network feature. So what makes it so special? The reason it is special is how the communication happens. Jott works with Bluetooth, so it doesn’t solely rely on a cellular or WiFi connections. Many people and investigators can forget about Bluetooth as the red-headed stepchild of connections, but in the end, it is a great option for communication. I tested this theory with my 16-year old son because at his school there is no WiFi and no cellular. He loved the idea because he could then connect to anyone within a short distance and hit them up with questions like, “hey where r u?” Although this might not seem like priority communications to an older age group, that connection is like a drug to the younger age groups.

The Amazon FireTV Stick is essentially an Android device that can turn your TV into a smart TV. When you plug the device into an HDMI port and provide power through the microUSB cable, the FireTV Stick boots up and you can run any number of applications like Pandora, Netflix, Hulu, Plex, etc. For most users, it will be used to play video and music only. However, with the ability to run nearly any Android app including Facebook and other social media apps, it will undoubtedly contain valuable forensic data. In fact, even in its everyday use, examiners can find useful information about a suspect. There's even a smartphone app that acts as a remote control for the FireTV Stick. Unfortunately, there doesn't seem to be any user data on the app other than the name of the FireTV Sticks it has connected to when it comes to looking at the device.

Gaming console forensics is often overlooked by examiners, but times are changing where these gaming consoles are moving up to be the primary access point for some users. However, there are several obstacles to overcome when it comes to Xbox One forensics. First, you must find a tool that supports the modified NTFS (sometimes referred to as NTFSx) file system found on these consoles. Second, you must be able to acquire an image of the Xbox One hard drive. Last, you must be able to make sense of the data.

For anyone who has done mobile forensics for any length of time, you have likely come to had "burn phones". These inexpensive phones have been used for years by criminals because they are cheap and can easily be thrown away after being used for a short amount of time for nefarious purposes. These phones are typically broken into two categories the feature phone, and the smartphone. Both are still classified as burn phones. The largest problems with these types of phones are focused on the data connection that the manufacture has allowed with the device.