Mining Cell Phones for Data
First offering in Western Canada of Teel Technologies Advanced Mobile Forensics courses
In the Donald Rix Simulation Lab at Justice Institute of British Columbia, (JIBC), 10 men are deep in concentration at tables that are messy with soldering irons, tweezers, screw drivers and small square electronic boxes with gear that allows them to communicate with cell phones. Cell phones are splayed open, the shiny microchip guts of the digital technology that we use to communicate with, and that hold the revealing pathways of our personal interconnectedness, are being retrieved, mined, and even turned into reports that may end up in a courtroom.
This is the first ever offering in Western Canada of the Teel Technologies WildPCS Mobile Device Repair and JTAG Mobile Forensics Training, a five day course by Teel Technologies Canada that took place in late September. The company specializes in tools, services and training for professionals tasked with investigating wireless devices, analyzing networks, or securing communications.
Law Enforcement officers from across Canada have come to JIBC from municipal police forces and R.C.M.P. Detachments to learn how to dismantle, repair, access data and decode this data for reporting purposes.
Retired detective a 'cop geek'
TEEL Technologies Canada is owned by Bob Elder (partnered with Bill Teel in the USA). Elder is a retired detective from Victoria Police Department and currently a Special Constable with the Saanich Police Department.
Known as CopGeek018 around the world, the nickname came from Elder’s passion for getting information from cell phones, portable storage media, and digital devices like cameras, GPS units, mass storage items and computers. It’s a relatively new field with the teaching of how to retrieve mobile data from secure devices using processes like JTAG and Chipoff. And, it’s a field that demands constant research to keep up with ever-changing technology. Elder says that every time a new operating system is developed, the technology challenges what he already knows.
On the third day of the course, Elder is observing Perry Kuhl, a detective with the Santa Barbara’s County Sheriff Office, who is teaching the course this time. Most of the instructors are full time police officers who teach for Teel Tech on their own time, geeks like Elder, who are passionate about this new field.
Law enforcement from across Canada
The law enforcement officers in attendance have come from Sarnia, Regina, Winnipeg, Edmonton and Vancouver. They’ll leave with software, hardware, and most importantly, the knowledge they need to return to their units and put their newly acquired skills to immediate use.
There’s no doubt that Elder and the others who work in this field have endless stories they could share — the ones we’d all most want to hear — but they’re police officers, they’re used to keeping information close to the chest. Information is incrimination. Think gang members involved in illegal activities. Drug Dealers. Homicides. Suicides.
“Almost everyone uses a phone and that phone tells many stories,” says Elder. Sometimes the need to access a phone isn’t as much sinister as it is about finding the relatives of an individual found dead with no identification. “Those last text messages are full of useful information,” says Kuhl. “Other times, it’s the 20,000 text messages on a cell phone where 500 of those texts are proof of trafficking; proof that the one time you saw them dealing is not an isolated incident, the proof that may eventually lead to his incarceration.”
Elder came to this new and specialized focus in detective work through ongoing research and he’s keen to share what he’s learned with interested peers. He describes the ability to host courses at JIBC as a win-win partnership.
In the course of the week, the officers use terminology that’s unfamiliar to most of us: Flasher Box; JTAG (Joint Test Action Group); and Chip-off, the latest process for extracting user data from locked phones. There’s also logical data, which refers to the e-mail and text messages that are readily visible on a phone; and, physical data, or all the data including deleted data not readily accessible using typical forensic tools.
A suite of courses to be offered January 2014
This first course with JIBC as a hosting partner for Teel Technologies Canada is part of a suite of courses to be offered in the future at the New Westminster campus. Normally, the courses are taught only in the U.S.: Las Vegas, Los Angeles, Atlanta and Norwalk, Connecticut.
In some cases, agencies host the training at their training centers. The next line of courses begins at JIBC in January and includes: Cellebrite Forensic Certified Training; Advanced Chipoff Forensics; Programming for Mobile Forensics; and more.
In Canada, Teel Technologies also offers these courses at Peel Regional Police Training Bureau.
TEELTechnologies was hosted by the Justice & Public Safety Division of JIBC.
Visit Teeltechcanada to learn more.
Last updated April 4, 2017