They will fish out everything
Friday, February 14, 2020
You’ve probably seen how movie characters destroy data by smashing computers and even shooting at them. And many people still believe that mobile gadgets use the same hard drives as ordinary desktops. Of course, we can't make claims about all the devices in existence, but just try to compare a standard hard drive with sleek modern smartphones and tablets. The hard drive is much thicker.
State-of-the-art gadgets store data on devices that look more like small flash drives. More often than not, the storage is soldered to the circuit board to keep the gadget as compact as possible. Because of this, to dispose of the storage, one needs to know exactly where it is located and manage to take a clean shot.
So, even if a device is severely damaged, the information can still be recovered (if one is willing to pay the price).
NIST (the National Institute of Standards and Technology) tested forensic methods for getting data from damaged mobile phones.
The researchers ran their tests on 10 popular models of Android-powered smartphones.
The NIST experts used two data extraction methods. The first method takes advantage of the fact that many circuit boards have small metal taps that provide access to data on the chips. Manufacturers use those taps to test their circuit boards, but by soldering wires onto them, forensic investigators can extract data from the chips. This is called the JTAG method, for the Joint Task Action Group, the manufacturing industry association that codified this testing feature.
Chips connect to the circuit board via tiny metal pins, and the second method, called “chip-off,” involves connecting to those pins directly. Experts used to do this by gently plucking the chips off the board and seating them into chip readers, but the pins are delicate. If you damage them, getting the data can be difficult or impossible. A few years ago, experts found that instead of pulling the chips off the circuit board, they could grind down the opposite side of the board on a lathe until the pins were exposed. This is like stripping insulation off a wire, and it allows access to the pins.
Then the researchers used eight different forensic software tools to interpret the raw data, generating contacts, locations, texts, photos, social media data, and so on. They then compared those to the data originally loaded onto each phone. The comparison showed that both the JTAG and chip-off methods extracted the data without altering it.
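The comparison step described above, sketched as an added example (not NIST's code or tooling): a tool's parsed output is scored against the known data set loaded onto a test phone. The records, the tool output and the `normalize` and `score` helpers are all constructed for illustration.

```python
"""Score a forensic tool's parsed output against the data loaded onto a test phone."""
from collections import defaultdict

# Constructed ground truth: (category, item id) -> value loaded onto the phone.
GROUND_TRUTH = {
    ("contact", "c1"): "Alice Example|+1 555 0100",
    ("contact", "c2"): "Bob Example|+1 555 0101",
    ("sms", "m1"): "Meet at 10:00",
    ("sms", "m2"): "Running late",
    ("location", "g1"): "39.1400,-77.2200",
}

# Constructed output of a hypothetical parsing tool run on the raw dump.
TOOL_OUTPUT = {
    ("contact", "c1"): "alice example|+15550100",  # same data, different formatting
    ("contact", "c2"): "Bob Example|+1 555 0199",  # number differs from what was loaded
    ("sms", "m1"): "Meet at 10:00",
    ("location", "g1"): "39.1400,-77.2200",        # note: sms m2 was not recovered
}

def normalize(category, value):
    """Canonical form so formatting differences are not counted as alterations."""
    value = " ".join(value.split()).casefold()
    if category == "contact":
        name, _, number = value.partition("|")
        digits = "".join(ch for ch in number if ch.isdigit())
        return f"{name}|{digits}"
    return value

def score(truth, parsed):
    """Return {category: {"recovered": n, "altered": [ids], "missing": [ids]}}."""
    report = defaultdict(lambda: {"recovered": 0, "altered": [], "missing": []})
    for (category, item_id), expected in truth.items():
        entry = report[category]
        got = parsed.get((category, item_id))
        if got is None:
            entry["missing"].append(item_id)
        elif normalize(category, got) == normalize(category, expected):
            entry["recovered"] += 1
        else:
            entry["altered"].append(item_id)
    return dict(report)

if __name__ == "__main__":
    for category, result in score(GROUND_TRUTH, TOOL_OUTPUT).items():
        print(category, result)
```

Separating "altered" from "missing" matters when validating a tool: a missing item is a coverage gap, while an altered item means the tool's interpretation of the raw data cannot be trusted as-is.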
Note that NIST only studied how data can be extracted but didn't attempt to decrypt it.
The Anti-virus Times recommends
If your PC or handheld stores important data, keep it encrypted. And turn on Dr.Web Anti-theft on your smartphone or tablet to prevent attackers from rummaging in your gadget, should it get lost or stolen.