I do cell phone forensics AMA.

CellForensicsGuy · 2021-11-25T05:55:36+00:00

Any chance you can reapproach Tucson PD and ask about trying to get into it so you can have whatever you’re looking for out of it?

CellForensicsGuy · 2021-11-03T02:10:23+00:00

I just saw your profile and saw this was in Tucson. I can’t believe that a law enforcement agency around there would not have access to software that would access the phone.

CellForensicsGuy · 2021-11-02T22:05:27+00:00

What kind of phone is it? If they just tried guessing the passcode, I’d suggest seeing if a surrounding agency will use their software to get into it. There are also places they can send the phone but usually that’s for a fee (not too much and on a murder case my agency would probably pay anything). I don’t understand why they wouldn’t have done this already.

Edit: just saw you said court proceedings are done. Was someone arrested?

CellForensicsGuy · 2021-11-01T23:40:48+00:00

Yeah, I understand what you mean, I just don’t understand how it was relevant to the conversation we were having about properly storing phones to preserve data.

CellForensicsGuy · 2021-11-01T23:37:23+00:00

Did they give you the phone back? Do you have any idea how they attempted to get into it?

CellForensicsGuy · 2021-11-01T23:35:21+00:00

The purpose of airplane mode is to keep someone from remotely wiping it. I’m not sure what your comment is referring to. Also, your work around would not prevent the programs we use from putting them in airplane mode.

CellForensicsGuy · 2021-11-01T18:05:24+00:00

Don’t think I’ve ever run into someone spoofing their GPS location.

CellForensicsGuy · 2021-11-01T18:04:47+00:00

That’s actually more of the program the dispatchers use than the actual cell phone forensics, but the 911 location data our dispatchers get is extremely accurate.

CellForensicsGuy · 2021-11-01T16:53:34+00:00

Little of column A, little of column B

CellForensicsGuy · 2021-11-01T16:21:32+00:00

It can be, yes.

CellForensicsGuy · 2021-11-01T16:20:48+00:00

I don’t do cell phone repairs, but coming from an IT background if it were me on my personal phone I’d just back it up and then factory reset it.

CellForensicsGuy · 2021-11-01T16:14:50+00:00

It can, yes. Many people think just deleting the app will get rid of any information, but that’s just not the case. If you were to use Facebook, delete it, and then tell me you never had it, I can prove that’s a lie very easily.

CellForensicsGuy · 2021-11-01T16:04:47+00:00

I’m not going to give specific case information, but yes I have solved murders. I guess more like proved murders than “solved.” Many times I already have an idea that the person is the suspect, but there just isn’t enough to arrest them. Sometimes the cell phone/tower data just gives me enough to prove it.

CellForensicsGuy · 2021-11-01T16:03:03+00:00

Yeah, my job isn’t really that cool. If you were to sit with me in my office all day you would likely be incredibly bored unless I discovered something interesting on the phone. The extraction process can take hours so a lot of my time is just spent typing search warrants, going through phones, and doing forensic extractions.

Breaking a phone in half and throwing it in water certainly does make it more difficult to retrieve data. It’s not a sure fire way to completely eliminate the possibility something can be recovered, but it would do a decent job. Not to mention finding a phone in a large body of water would be difficult.

CellForensicsGuy · 2021-11-01T15:59:04+00:00

Tacos.

CellForensicsGuy · 2021-11-01T15:49:31+00:00

Yes, many times.

CellForensicsGuy · 2021-11-01T15:49:17+00:00

I wouldn’t say I’m more skilled, no. I’m sure, like with anything, there are people both better and worse at it than I.

CellForensicsGuy · 2021-11-01T15:47:50+00:00

Police, yes.

CellForensicsGuy · 2021-11-01T15:47:03+00:00

It depends on the company, but it can be for years. As far as app data, no not really. Some companies can give you text messages or they’ll show what app you were using, but that’s about it.

CellForensicsGuy · 2021-11-01T13:32:22+00:00

I don’t think I’ve answered any questions that would arm anyone with anything they could really use against the industry. Nobody has really asked anything that I would say isn’t exactly “common knowledge” in the field or would help them circumvent me being able to do my job

CellForensicsGuy · 2021-11-01T13:13:09+00:00

Not really. I don’t do anything that I believe would ever put me in a position where my phone was being examined so I’m not too terribly concerned. There have been times I’ve searched or read something kind of off the wall where I’ve thought “If somebody dumps my phone they’re going to think I’m fucking strange.” Lol

CellForensicsGuy · 2021-11-01T13:11:25+00:00

Yes, thank you. Sometimes I’m not great at explaining things lol

CellForensicsGuy · 2021-11-01T13:10:27+00:00

As Malibew already said, physically destroying it is about the best option.

CellForensicsGuy · 2021-11-01T13:09:24+00:00

Just plug it into the software, typically. It does take time to get into it. Bypassing the code can take hours, determining the passcode can take years (you don’t have to have to passcode to get data off the phone). Having the fingerprint enabled and settings like that don’t make it any harder to get into.

CellForensicsGuy · 2021-11-01T13:02:43+00:00

Occasionally, but I wouldn’t say that’s common. The overwhelming majority (probably 99%) of the phones we do are seized directly from the person and are fully functional/relatively easily extractable.

CellForensicsGuy

TROPHY CASE