by Alain Filotto | Apr 11, 2024 | Forensics, General Topic
In today’s digital age, mobile devices have become an integral part of our lives, storing a treasure trove of information that can be crucial in legal proceedings. From text messages to emails, photos, and app data, mobile devices often hold the key to unravelling complex cases. As a digital forensics expert, I often find myself at the forefront of acquiring and analyzing this vital evidence. In this blog post, we’ll explore the three types of acquisitions—logical, file system, and physical—and delve into the intricacies of recovering deleted data from both Apple and Android devices.
Logical Acquisition
Logical acquisition involves extracting data that is accessible through the device’s operating system. This method is non-intrusive and typically yields a comprehensive snapshot of the device’s current state. Legal professionals often opt for logical acquisitions when seeking recent communications, call logs, and app data. However, it’s essential to note that logical acquisitions may not capture deleted or hidden data.
File System Acquisition
File system acquisition goes one step further by directly accessing the device’s file structure. This method provides a more comprehensive view of the device’s storage including metadata. File system acquisitions are particularly valuable in cases where more evidence is needed than a simple logical acquisition. For legal professionals, this means a deeper dive into messages, images, and documents that could make or break a case.
Physical Acquisition
Physical acquisition is the most comprehensive method, involving a bit-by-bit copy of the device’s storage. This approach captures every byte of data, including hidden and deleted files, making it the gold standard for mobile forensic examinations. While physical acquisitions provide unparalleled insight, they also require specialized tools and may be subject to legal constraints. Nevertheless, for legal professionals seeking irrefutable evidence, physical acquisitions offer a comprehensive solution. The good news is that we have access to VeraKey which allows us to obtain physical acquisitions for most mobile devices!
Recovering Deleted Data
Both Apple and Android devices pose unique challenges when it comes to recovering deleted data. Apple’s iOS employs stringent security measures, making it difficult to access deleted information without specialized tools and expertise. However, with the right techniques, forensic experts can often recover deleted messages, photos, and app data from iCloud backups or device backups stored on computers.
On the other hand, Android devices offer a more varied landscape, with a multitude of manufacturers and operating system versions. While some Android devices may offer easier access to deleted data, others may pose significant hurdles. Forensic experts leverage a combination of techniques, including manual analysis and specialized software, to recover deleted data from Android devices.
Conclusion
In the realm of digital forensics, the acquisition and analysis of mobile devices play a pivotal role in legal proceedings. By understanding the nuances of logical, file system, and physical acquisitions, legal professionals can better navigate the complexities of digital evidence. Furthermore, with the ability to recover deleted data from both Apple and Android devices, forensic experts provide a valuable resource in building robust cases.
In summary, whether it’s uncovering incriminating text messages or retrieving deleted photos, mobile forensic acquisitions offer a wealth of opportunities for legal professionals seeking to present compelling evidence in court. By partnering with experienced digital forensics experts, lawyers can ensure that no digital stone is left unturned in their pursuit of justice.
If you have any questions or want to book a free consultation, contact me on LinkedIn. It is the best place to reach me.
https://www.linkedin.com/in/alain-filotto
by Alain Filotto | Jan 3, 2024 | Cybersecurity, Forensics, General Topic
Happy new year everyone! For Christmas I got myself a new phone. The screen was broken on my old one and it was cheaper to get a new one than to fix it! Such is life in the modern world. I’m pretty cheap when it comes to phones, I always buy last year’s model on Craigslist. I get the phone new of course, usually Christmas gifts people don’t want or need. I got me a nice Samsung S22 (don’t forget to reset the phone to factory settings). Anyway, I’m always amazed at all the notifications being pushed out by ALL the apps. So I spent a good hour turning everything off and I thought it would make a good blog. I turn off almost all of the notifications on my phone, even LinkedIn. Our mobile devices have become indispensable tools, seamlessly integrating into every aspect of our lives. Over the last 30 years I’ve witnessed the evolution of technology and its impact on society and people. One of the significant challenges we face today is the incessant stream of notifications that permeate our mobile devices, disrupting daily life, hampering productivity, and even affecting the health of our children. In the words of comedian Chris Rock in his great video about dealing with the police, “Turn that shit off”!
The Constant Buzz:
Our smartphones have become a constant companion, alerting us to every message, email, social media update, and news flash. While notifications were initially designed to keep us informed, they have now become a double-edged sword, disrupting the flow of our daily lives. I’m mostly worried about the impact this has on kids. Have you seen the Netflix documentary The Social Dilemma? Go watch it now! No wait, finish reading my blog first:)
Interrupted Productivity:
For those of us who rely on concentration and focus in our work, the barrage of notifications poses a serious threat to productivity. Whether you’re in a crucial meeting, working on a complex task, or trying to unwind after a long day, constant interruptions can significantly hinder your ability to perform at your best. This isn’t just a matter of inconvenience; it’s a productivity crisis that affects individuals across various professions. Remember this, notifications are like someone else trying to use YOUR time.
Children’s Health at Stake:
The detrimental effects of mobile notifications extend beyond the realm of adults and into the world of children’s health. With the rise of smartphones and tablets as babysitters, children are increasingly exposed to the same flood of notifications that adults contend with. Studies have shown that excessive screen time, coupled with constant interruptions, can lead to issues such as sleep disturbances, attention deficits, and even behavioural problems in children. My kids were upset with me as I did not let them have their phones at bedtime. But it was for best interest.
Balancing Act:
I understand the importance of staying connected in an increasingly digital world. However, it is crucial to strike a balance between leveraging technology and being consumed by it. Here are some practical tips for mitigating the negative effects of mobile notifications:
1. **Customize your notification settings:** Take control of your device by customizing notification settings. Prioritize essential alerts and silence unnecessary ones during specific hours.
2. **Schedule notification breaks:** Designate specific times during the day to check and respond to notifications. This allows you to maintain focus during work or quality time with family.
3. **Establish tech-free zones:** Create designated areas or times in your home where mobile devices are off-limits. This promotes healthier communication, fosters relationships, and prevents constant distraction.
4. **Parental controls:** Implement parental controls on devices used by children to limit screen time and exposure to potentially disruptive notifications.
Conclusion:
As we navigate the digital landscape, it’s crucial to be aware of the impact that mobile notifications can have on our daily lives, productivity, and the well-being of our children. Striking a balance between staying connected and maintaining a healthy, focused life is key. I encourage individuals and families to adopt mindful technology usage to ensure a harmonious and productive existence in our digital age.
If you have any questions or want to book a free consultation, contact me on LinkedIn. It is the best place to reach me.
https://www.linkedin.com/in/alain-filotto
by Alain Filotto | Nov 16, 2023 | Cybersecurity, Forensics, General Topic
After an amazing 20 years in business, TCS Forensics Ltd. will be ceasing operations at the end of this month. I have been authorized to make the announcement. I want to wish Keith Perrin the absolute best retirement 🍻! You deserve it my friend. You are one of the hardest-working persons I know. I worked with Keith after I retired from the RCMP and I consider him to be a mentor. I would not be where I am without him.
I am also proud to announce that ALPHAFOX Forensics Ltd. 🦊 has been designated as a point of contact for all clients who currently have an open case with TCS or require any #digitalforensics work in the future. Please contact me and I will ensure your case is well looked after and that the transition is very smooth. #dfir #lawyers #legalcase #mobileforensics #expertwitness
If you have any questions or want to book a free consultation, contact me on LinkedIn. It is the best place to reach me.
https://www.linkedin.com/in/alain-filotto
by Alain Filotto | Oct 25, 2023 | Forensics
Introduction
I love the image above. When I started policing in 1992 I was posted at Surrey Detachment, the largest RCMP Detachment in Canada. We had only 2 of those phones for the entire Detachment! The battery weighed like 5 pounds lol. In today’s digital age, the importance of mobile devices in both our personal and professional lives cannot be overstated. These small gadgets serve as a treasure trove of information, often holding the key to solving intricate legal cases. For lawyers, understanding the realm of mobile device forensics is crucial, as it provides a wealth of digital evidence that can be instrumental in a trial. In this blog entry, I will explore the world of mobile device forensics, shedding light on the types of digital evidence lawyers can use to build a strong case.
The Rise of Mobile Device Forensics
Mobile device forensics is a branch of digital forensics that focuses on the recovery and analysis of digital evidence from smartphones, tablets, and other portable devices. Over the past few years, mobile devices have become an integral part of our daily lives, and their role in criminal investigations and civil litigation has grown exponentially.
Key Types of Digital Evidence
- Text Messages and Call Logs: Mobile devices store a record of text messages and call logs, which can be crucial in establishing timelines, alibis, and communication patterns between parties involved in a case. These records can be instrumental in both criminal and civil matters.
- Email and Social Media Content: Emails and social media applications provide a goldmine of information. Lawyers can access conversations, shared content, and even deleted messages to piece together a comprehensive picture of a person’s online activities and connections.
- Geolocation Data: Mobile devices continuously track their users’ locations. This information can be used to corroborate or refute an individual’s claims about their whereabouts at a particular time, making it invaluable in cases involving alibis or the movement of suspects.
- Multimedia Files: Photos and videos often contain timestamps and geolocation data, which can be used as evidence. This can be particularly important in cases involving harassment, cyberbullying, or intellectual property theft.
- App Data and Browsing History: The apps installed on a mobile device can provide insights into a user’s interests, activities, and even financial transactions. Browsing history can reveal internet searches, website visits, and much more.
- Device Logs and Metadata: Mobile devices generate extensive logs and metadata, which can be useful in verifying the authenticity of other evidence and uncovering a device’s usage history.
An Example
Alex Murdaugh was convicted of killing his wife and son. Crucial evidence was found in the son’s mobile phone 2 years after it was seized! Murdaugh had always claimed he was not at the crime scene. When the phone was finally unlocked, police found a video the son had made. In the background, Murdaugh can be heard, so he was at the crime scene. And 5 minutes before the deaths. That’s as good as a smoking gun!
Challenges and Legal Considerations
While mobile device forensics is a powerful tool for lawyers, it comes with its set of challenges and legal considerations. It’s essential for legal professionals to understand the following:
- Privacy Concerns: The process of extracting data from a mobile device can be intrusive, and privacy concerns may arise. Lawyers must ensure that the evidence obtained is collected legally and ethically, respecting the individual’s privacy rights.
- Chain of Custody: Proper chain of custody procedures must be followed to maintain the integrity of digital evidence. This includes documenting who handled the device, where it was stored, and how it was preserved.
- Expert Testimony: In many cases, it may be necessary to bring in a digital forensics expert as a witness to explain the process of data extraction and the significance of the evidence. This is where I come in. I have testified as an expert on many occasions.
Conclusion
Mobile device forensics has revolutionized the legal landscape, providing lawyers with a powerful tool for gathering digital evidence that can significantly impact the outcome of a trial. Understanding the types of evidence that can be obtained from mobile devices and the legal considerations involved is essential for lawyers seeking to leverage this technology effectively.
In an era where our lives are increasingly intertwined with technology, mobile device forensics has become a critical component of modern legal practice. As lawyers, embracing this field can help you build stronger cases and present compelling evidence in the courtroom.
If you have any questions or want to book a free consultation, contact me on LinkedIn. It is the best place to reach me.
https://www.linkedin.com/in/alain-filotto
by Alain Filotto | Sep 6, 2023 | Cybersecurity, Forensics
First things first, Elon Musk is in no way associated to Quantum AI and it’s cryptoscam. Neither is Tucker Carlson or any of the personalities used for promotions. It’s all DEEP FAKES! In the ever-evolving realm of cryptocurrencies, the allure of quick profits has not only attracted legitimate investors but also a new breed of scammers. These scammers, operating on the fringes of technology, have found ways to exploit artificial intelligence (AI) for their illicit schemes. In this blog, I will delve into the dark side of AI, exploring how it is being used to perpetrate crypto scams that bear eerie similarities to Ponzi schemes. Specifically I will look at a recent scam I was made aware of, Quantum AI.
The Crypto Scam Landscape
Before we delve into the misuse of AI in crypto scams, it’s crucial to understand the nature of these fraudulent activities and their resemblance to Ponzi schemes.
1. Ponzi-Like Deception: Much like Ponzi schemes, crypto scams lure unsuspecting victims with promises of astronomical returns on their investments. Scammers craft narratives of guaranteed profits through various investment vehicles, often citing fabricated success stories to create an aura of credibility. In this case, the links pointed to Fake websites that looked like the official sites of CNN or Forbes.
I looked up Johnathan Ponciano. He is a real reporter with Forbes and unfortunately a victim of this scheme. I sent him a message about it.
These scams will also use urgency to make you decide quickly. Fake, fake, fake!
2. Shadowy Operations: In the spirit of Ponzi schemes, crypto scam operators often conceal their true identities, making it virtually impossible for victims to unmask or hold them accountable. In this case the actual website is https://catwaring.com which was created only a few days ago with https://www.namecheap.com. And finally the registration is with an anonymizer service, https://withheldforprivacy.com, which is based in Reykjavik, Iceland,
3. Recruitment and Expansion: Just as Ponzi schemes rely on the recruitment of new investors to pay off earlier ones, crypto scams thrive by continuously bringing in fresh victims. This cycle sustains the illusion of profitability until you want to take money out. Then you have to pay “fees” and more fees and you never get any money. I’ve had clients who lost several thousand dollars! This scam even pretends to have a positive social impact…
AI’s Role in Perpetrating Crypto Scams
Now, let’s explore how AI is playing a pivotal role in enabling crypto scams:
1. Sophisticated Phishing: AI-powered algorithms can craft convincing phishing emails and websites that imitate legitimate cryptocurrency platforms. These scams trick users into sharing sensitive information, such as private keys or wallet credentials, leading to the theft of their assets.
2. Social Engineering: AI-driven chatbots and voice synthesizers can simulate human interactions, making it easier for scammers to manipulate victims through online chat or voice calls. These deceptive tactics increase the chances of users falling for fraudulent schemes.
3. Fake News and Pump-and-Dump Schemes: AI-generated fake news articles and social media posts can artificially inflate the reputation of certain cryptocurrencies, driving up their prices. Scammers then sell off their assets at a profit, leaving unsuspecting investors with worthless tokens.
4. Targeted Scam Campaigns: AI can analyze vast datasets to identify potential victims based on their online behavior and preferences. Scammers can tailor their scams to appeal specifically to these individuals, increasing the likelihood of success.
Comparing Crypto Scams to Ponzi Schemes
While crypto scams share similarities with Ponzi schemes, the use of AI introduces unique aspects to the deception:
1. Technological Advantage: Crypto scams leverage cutting-edge AI technologies to craft convincing schemes, making them more sophisticated and harder to detect than traditional Ponzi schemes.
2. Global Reach: The decentralized nature of cryptocurrencies allows AI-powered scams to target a global audience, whereas traditional Ponzi schemes are often limited in scope.
3. Evasive Tactics: AI enables scammers to remain anonymous and change tactics quickly, making it challenging for authorities to track and apprehend them.
Conclusion
The misuse of artificial intelligence in crypto scams represents a dark and evolving facet of the cryptocurrency landscape. While AI has tremendous potential for legitimate applications, it is essential to remain vigilant and skeptical in this digital age. There is a great review of this scam here https://csracademy.org.uk/quantum-ai-elon-musk-review-scam/
To protect oneself from the alluring but perilous world of crypto scams, individuals must stay informed, exercise caution, and be wary of too-good-to-be-true promises. As scammers continue to harness AI for their illicit schemes, it’s crucial for users to educate themselves and seek out reliable sources of information to navigate the cryptocurrency space safely.
If you have any questions or want to book a free consultation, contact me on LinkedIn. It is the best place to reach me.
https://www.linkedin.com/in/alain-filotto
by Alain Filotto | Jun 7, 2023 | Forensics
Introduction
In the digital age, the vast amount of information stored within a computer system can be both awe-inspiring and overwhelming. When I was a police officer, we used the following information to explain to both prosecutors and defence lawyers, why it was not possible to print everything on a computer. As lawyers, it is crucial to understand the practical limitations when dealing with data, especially in cases involving stolen information or data breaches. In this blog post, I will explore why it is virtually impossible to print all the information found in a computer and provide some eye-opening calculations to emphasize the enormity of this task.
The Byte and Its Implications
The math required to calculate how much paper you need is fairly simple. Every character typed on a keyboard requires 1 byte of storage. To put things into perspective, a typical Microsoft Word document consists of approximately 500 words, which is equivalent to roughly 3,000 characters. One megabyte (1MB) is 1 million bytes. Based on this estimation, we can deduce that 1 million characters would require over 300 pages of paper to print. Keep in mind that these calculations only pertain to text-based data and do not account for images or videos. You can buy a 500-page stack of paper almost anywhere. They measure about 5 centimetres in height or 2.5 inches. Using theses numbers, we can calculate the paper needs for any size of data.
Scaling Up: From Megabytes to Gigabytes
To delve deeper into the magnitude of the challenge, let’s consider the concept of storage units. One gigabyte (1GB) is 1,000 times larger than a megabyte (1MB). Hence, if 1MB results in over 300 pages, 1GB would encompass more than 300,000 pages of printed text. To visualize this staggering amount, imagine a stack of paper stretching approximately 30 meters in height!
Expanding the Scope
Now, let’s apply these numbers to a more comprehensive scenario. If we multiply the number of pages per gigabyte (300,000) by 100 (100GB is typical for a data breach), the result is a mind-boggling 30 million pages! To put this figure into context, imagine a towering stack of paper measuring over 3 kilometres in height (1.86 miles). To provide a relatable comparison, this height surpasses the impressive CN Tower in Toronto, which stands at 553 meters (more than 5 times). Hence the image of this blog:)
And that’s just 100 gigabytes. A typical hard drive these days is 2 terabytes or 2000 gigabytes! (20 times larger or 60 kilometres)
The Time Factor
To further emphasize the impracticality of printing such an enormous amount of data, let’s consider the time it would take to complete the task. Assuming a steady pace of one page per second, it would require approximately 1 year to print the aforementioned 30 million pages. This staggering time frame highlights the overwhelming nature of the endeavour, making it clear that printing all the information found in a computer is an arduous and virtually impossible task.
Conclusion
In the realm of law, dealing with evidence, data breaches or stolen information often involves grappling with massive amounts of digital data. It is important for lawyers to grasp the inherent limitations when it comes to printing such vast quantities of information. The calculations presented here serve as a stark reminder of the unfeasibility of physically reproducing the contents of a computer on paper. As legal professionals, it is vital to adapt to the digital era and develop strategies to navigate the complexities of digital data effectively. The advantage here is that if you want to show that the data stolen in a data breach is large, these calculations can help your case. I’ve provided this service in the form of opinion reports.
If you have any questions or want to book a free consultation, contact me on LinkedIn. It is the best place to reach me.
https://www.linkedin.com/in/alain-filotto