Bolo wrote:
You will not find socket for this since this is MMP (Multichip Memory Package) - please look to it from side (not from top) ... if you require to get specification/pinout for NAND protocol as well as xRay you can check this http://www.techinsights.com/reports-and-subscriptions/open-market-reports/Report-Profile/?ReportKey=7906
Yes, it is A multi-chip module actually,see piturePicture1and Picture 2,
so we had to find another way to get the data .Because the phone has been tear down,can't be repair again. Any Help?
Thank you.
↧
Mobile Phone Forensics: Htc chip-off question which socket adapters to choice
↧
Mobile Phone Forensics: Mobile extractions infecting your investigative platform?
I do note from time to time that my AV (Vipre) will block some items when I'm dumping a phone download for a client.
In some cases they appear to be genuine malware attachments to emails etc, but in most cases they are false positives.
I always suspected that perhaps some legitimate mobile apps are coded in such a way that they get flagged by computer AV, but I'm not really sure.
↧
↧
Forensic Software: Sleuthkit Error
I would add that the original idea of partition type codes (though not originally explained/documented) is that of a "protective ID".
The (Microsoft) Operating Systems only know about certain partition types and if you use another partition ID won't even attempt to use/mount that partition entry (and corresponding volume).
For years we have been told that 0x07 meant HPFS or NTFS partition, but in reality what that meant was "this partition entry cannot be accessed by DOS or Windows 9x/Me).
Nowadays 0x07 can be also (besides HPFS and NTFS) exFAT/TexFAT and UDF.
The "new" UEFI standards made this definitely clear with the GPT sub-standard that introduces 0xEE as a protective partition type.
Also, Linux is different and - just for the record - it usually "accepts" also the 0x00 partition ID type, as a matter of fact this feature is largely used to boot on USB devices some (particularly pesky) Linux distro's (LiveCD's) from their .iso images, JFYI:
http://reboot.pro/topic/9916-grub4dos-isohybrided/?p=88531
jaclaz
↧
Digital Forensics Job Vacancies: Looking for Trainer
We again held a training which was suspended before We are looking for 15 day trainer logical and physical data recovery and all of tolls included raid and removable drives also forensics metodology softwares and reporting for 15 days
You can send me your cv and payement expectations to onur@fordefence.com
↧
Mobile Phone Forensics: Mobile extractions infecting your investigative platform?
This is a very good question, that illustrate yet another advantage of a stand-alone dedicated extraction solution such as the Cellebrite UFED Touch that was designed to be protected.
↧
↧
Mobile Phone Forensics: Recover data ... Stuck in Recovery - iPhone 3GS
My iPhone 5 stuck on recovery mode three years ago. But it's not a problem for me now.
↧
Digital Forensics Job Vacancies: Vacancy Announcement - Forensic Scientist (Digital Evidence)
Vacancy Announcement JO-1611-7265 for the Forensic Scientist (Digital Evidence), CS-401-12 position is Open to the Public and closes on December 9, 2016.
To apply go to the DCHR homepage at dchr.dc.gov and access the Careers DC tab at the top left of the homepage click on Register to apply for position or log in to the PeopleSoft and access the Self Service homepage. Search the Department of Forensic Sciences in the Agency drop down menu. Under the Search Results, click on Job Title, “Forensic Scientist (Digital Evidence)”. Please thoroughly review the announcement and confirm your experience meets the qualifications, then scroll to the bottom of the webpage. At the bottom, there will be a hyperlink to select titled “Forensic Scientist (Digital Evidence)” and follow the instructions to upload resumes, ranking factor questions, and any other requested documentation.
Please click on the link below to go directly to the job posting:
http://dcgov.force.com/external/apex/ts2__JobDetails?jobId=a0K1600000k9m0nEAA
↧
Mobile Phone Forensics: How to determine when a memory card is inserted
When you connect a memory card to run Android Media Scanner, which scans all the media files to the external drive. The list of files and the date of the scan (the date of the creation of records in the database) are recorded in external.db, /data/com.android.providers.media/database. If you have a memory card, which is connected, you can compare the files stored on it with a list of files included in external.db. Latest records about the files in external.db can testify about the date of a memory card connection.
↧
Mobile Phone Forensics: ipad A1337 jailbreaked , but no data recovery !!
qassam22222 wrote:
i try to use testdisk to recover deleted files nothing restored !!
May be, it happened because files of the device are encrypted. <img src="images/smiles/icon_wink.gif" alt="Wink" title="Wink" />
qassam22222 wrote:
is this steps rights or what ??echo ios-root.img > /dev/null <img src="images/smiles/icon_lol.gif" alt="Laughing" title="Laughing" />
↧
↧
Mobile Phone Forensics: Backup of Android Device
Coolmuster Android Assistant could backup everything from android device to computer, like text messages, contacts, photos, etc. But it can't transfer app data and settings.
↧
Mobile Phone Forensics: MediaTek Download Mode
Hi All,
Need to find info about MediaTek Download Mode and How to does it work?
Thanks.
↧
Mobile Phone Forensics: Htc chip-off question which socket adapters to choice
Hey, we have the emcp529 socket, I've attached the photo below and also the emcp 529 chip.
Contact me if you're intrested in these sockets or data recovery from android phones or Samsung S6, we can help you. alice@allsocket.com http://p1.bpimg.com/567571/2fd7f4e54c86e62e.png http://p1.bpimg.com/567571/a313a1ef99e0ae7c.jpg
↧
Mobile Phone Forensics: Thoughtful function is also good for investigation
Did you know how many friends in your IM? Some of them you are not familiar with, but your friends close to you are their friends..So your get acquainted with friends' friends easily in a complicated social network.
Figure out the relationship for suspect and his/her friends is helpful for investigation. Let's take iPhone for example. A very thoughtful fucction called "Set up family sharing". With Family Sharing, family members get immediate access to each others’ music, movies, TV shows, books, and apps, and can download them to their own devices any time they like. But guess what? It could also let family members know where your iPhone is.
You guys could take a look at my blog to see what's going on.
http://www.cnblogs.com/pieces0310/p/6124014.html
↧
↧
General Discussion: vhdx: solved
Dear all I solved the situation. Using windows 10 I mounted the vhdx file. And then with ftk imager created the copy of the virtual drive.
thanks
↧
Digital Forensics Job Vacancies: Digital Forensics Marketing Manager Required
Marketing Manager, leading to Director position for appropriate candidate
Package to £60k
Location: Horsham, but would consider applicants in the USA
Start Date: ASAP
We are a recognised market leading vendor of forensic and security software solutions and professional services for the Security, Police and Corporate markets, having already established ourselves as the “Number 1” in the Military market for our solutions with patented technologies. The company has a strong and growing reputation in the UK and world-wide markets, and has entered a major growth phase in its overseas development. As a result there is a need to appoint an experienced Marketing anager to support our growth.
Our culture is entrepreneurial, hugely 'can-do’ and free from red tape. As such, you will need to be an individual who thrives on personal accountability and making things happen. There are significant career and financial benefits for those that deliver results. We believe in giving people with the right attitude, opportunity to grow and develop and the successful candidate should be appointed to Director within 2 years if results are delivered.
MCM Solutions is looking for a marketing heavyweight, with experience in the digital forensics sector preferably internationally. In order to fulfil this role, it is essential that you have the ability to co-ordinate all company marketing activities, including but not limited to marketing material, events, database management etc... To be considered, you must be able to demonstrate creativity with a keen interest in Marketing and the world of Business. A qualification in Marketing / Business Studies subjects and/or relevant internships or experience is essential, along with a full and clean driving licence and passport. ‘Design software package’ knowledge and knowledge of the HTML language would be beneficial, but is not essential.
Duties/Responsibilities
• Build the MCMS and Detego brand and build the marketing department
• Deliver and target the right messages to the right market sector from each of our products
• Understand the products to produce brochures & other marketing materials.
• Overseeing events and the marketing calendar
• Maintain website
• Designing and mailing out marketing campaigns, both general and targeted to generate business
• Helping to manage and update the customer database to ensure effective targeting
• Keeping up to date with Market research
You Must
• Industry experience and contacts
• Have the knowledge and ability to deliver marketing campaigns across a range of platforms and channels
• Be comfortable co-ordinating a number of different projects within tight deadlines
• Be innovative, organised and proactive
• Have the confidence to present new sales and marketing ideas to senior management and drive this forward
• Have a confident manner with excellent written/verbal communication skills
• Have a track record of achieving tasks and projects to completion
• Be visually creative. Photoshop and Illustrator experience desired.
• Co-ordinate all company marketing activities
CVs & Covering Letter to emma@mcmsolutions.co.uk
↧
Mobile Phone Forensics: How to determine when a memory card is inserted
tito wrote:
When you connect a memory card to run Android Media Scanner, which scans all the media files to the external drive. The list of files and the date of the scan (the date of the creation of records in the database) are recorded in external.db, /data/com.android.providers.media/database. If you have a memory card, which is connected, you can compare the files stored on it with a list of files included in external.db. Latest records about the files in external.db can testify about the date of a memory card connection.
Thank you. It helped me.
↧
Mobile Phone Forensics: Write blocker on smartphones?
Write blockers are used on attaching interfaces. For example if you block a USB port (or SATA, etc.) to be read-only, whatever device you connect to it, writing on it won't be possible.
It doesn't matter if it is a disk, pendrive, phone, tablet, etc.
↧
↧
General Discussion: Regripper profilelist entries
That is your opinion, I can't help that
I've seen many server/client bad practices followed by so named "experts", because they found something they considered valuable on a workstation. After lots of work for nothing they started having doubts about trusting the local workstation registry. They ended up using only server logs for the whole analyzing process and at the end they only verified if the workstation logs/registry entries are confirming the results they obtained.
When the server is trusted this way of doing things leads to results and not to bogus issues.
When they server can't be trusted, it doesn't matter what ways of analyzing are used to get at the end bogus results
↧
Forensic Software: File carving software
FTK and R-studio I have always been pleased with these software!good luck!
↧
Mobile Phone Forensics: Htc chip-off question which socket adapters to choice
In fact, we've got the 2 glued chips and found that they're not the restored data chip, of course, they're not emcp529 also.
↧