Chapter 13: Forensic Examination of Handheld Devices

Previous page
Table of content
Next page

Highlights

Personal Digital Assistants (PDAs) and mobile telephones are rapidly becoming a necessity for many people around the world, including criminals. Many vice officers and courts consider mobile telephones and pagers as an integral part of drug trafficking and dealing. This connection has motivated some halfway houses and schools to prohibit these devices. Also, parole boards are including these and other electronic devices in the list of items that certain parolees cannot possess.

CASE EXAMPLE (UNITED STATES v. RANDOLPH 2002):

start example

Randolph was convicted for armed robbery, burglary and criminal conspiracy. After his release to a halfway house, Randolph fled the halfway house and did not return. Randolph was later found at his sister's house and, upon entering his room one of the parole officers, Agent Taylor, saw a mobile telephone and pager in plain view. Randolph's possession of these items was in violation of specific conditions of his parole, which provided that he was "not to possess, on your person, property, or residence, any electronic paging devices such as pagers, cell phones, digital phones, etc." When Agent Taylor neared the cell phone, Randolph blurted out, "Oh, that cell phone doesn't even work." Agent Taylor then looked under the bed, which occupied much of the room, and found a 9 mm semiautomatic Llama firearm, which was loaded. Further search of the room uncovered body armor (in violation of Count #2 of Randolph's special conditions of parole) as well as drug paraphernalia, such as a scale and vials.

The defense argued that the search violated Randolph's right to privacy under the Fourth Amendment. However the court held that a warrant was not required to search the room of a fugitive from a halfway house.

end example

Under the circumstances here - where the officers were dealing with a fugitive who had been convicted of armed robbery - the officers had ample justification to conduct what Agent Taylor described as a "protective sweep" of Randolph's bedroom. In the course of that sweep, once Agent Taylor saw the forbidden cell phone and pager, she had double justification for looking for other contraband and, most seriously, weapons. She found more contraband when she and her colleagues discovered the body armor, and the gun was found in a place where Randolph could well have reached it if he was unhandcuffed as he dressed.

Although compact, these handheld devices can contain significant digital evidence including schedules, memos, address books, e-mail messages, passwords, credit card numbers, and other personal information. Some devices, such as Qualcomm's Kyocera models, combine a Palm OS PDA with a mobile telephone to provide a wider range of features and correspondingly more types of digital evidence. Other handheld devices are optimized for data acquisition such as bar code scanning and scientific measurements (e.g. voltage, temperature, acceleration). Furthermore, some PDAs and mobile telephones use Bluetooth and other wireless protocols to communicate with other nearby computers to form proximity networks (impromptu communities).

Many handheld devices can already be used to exchange photographs and access the Internet. As the technology develops, higher data transmission rates will allow individuals to transfer larger files and use handheld devices in much the same way as we currently use laptop systems. This rapid development of mobile computing and communication technology creates opportunities for criminals and investigators alike. This chapter describes the basic operation of handheld devices and presents tools and techniques for acquiring and examining digital evidence on these devices.

Many investigators do not realize that handheld devices can be a valuable source of digital evidence and fail to preserve them as such. It is not unheard of for an investigator to make calls from a victim's mobile telephone, using numbers programmed into the telephone to speed dial family members of the victim. As with any computer, operating a handheld device can destroy existing evidence. Furthermore, digital evidence in handheld devices can be lost completely if its batteries run down and can be overwritten by new data it receives over wireless networks. Therefore, it is advisable to acquire evidence from handheld devices promptly.

This chapter describes the structure and operation of handheld devices, how they structure data, and tools that can be used to process the digital evidence they contain. Notably, handheld devices are just one type of embedded system. A more in-depth treatment of embedded systems, including GSM mobile telephones is provided in the Handbook of Computer Crime Investigation, Chapter 11 (Van der Knijff 2001).



Previous page
Table of content
Next page
Digital Evidence and Computer Crime
Digital Evidence and Computer Crime, Second Edition
ISBN: 0121631044
EAN: 2147483647
Year: 2003
Pages: 279
Authors: Eoghan Casey BS MA
BUY ON AMAZON
Kanban Made Simple: Demystifying and Applying Toyotas Legendary Manufacturing Process
Secure Programming Cookbook for C and C++: Recipes for Cryptography, Authentication, Input Validation & More
MySQL Clustering
Mapping Hacks: Tips & Tools for Electronic Cartography
Wireless Hacks: Tips & Tools for Building, Extending, and Securing Your Network
802.11 Wireless Networks: The Definitive Guide, Second Edition
flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net
Privacy policy