![]() ![]() ![]() If your evidence is deleted, you are more reliant than ever on using more than one tool to make sure you haven’t just picked up a spurious record from somewhere. You can never take recovered data at face value and need at least two tools to verify your results, as well as manually checking against what you can see on the phone, assuming the recovered data is live and not deleted. You can examine two phones of identical model but have plain sailing with one and a nightmare with the other. Mobile phone forensics is a strange beast. Rather than comment on individual phone models, I did two or three of each major OS (iOS, Android, BlackBerry and some other ‘dumb’ models) so my comments relate to the families rather than individual members of them. Oxygen still seems to be geared towards smart phones, although it does what my wife calls ‘dumb phones’ too, so although I’ve tried a few different types for review purposes, I haven’t tried every type. Compared to now, examination back then was slow, manual and difficult, with Oxygen being one of the few glimmers of hope if you happened to have a supported phone. For those with not quite so many miles on the clock, Symbian was the fore-runner of smart phones but had certain quirks that made examination difficult sometimes, particularly when the battery went flat and the date reset. Oxygen have been around for some time, as have I, and I remember them for excellent recovery of data from Symbian phones. There are several license types, such as “Internet” (software key), USB dongle (individual machine) and an enterprise version whereby a single USB dongle is installed on a server and allows several machines to use the software at the same time.There are also three editions of the software which comprise a Standard but feature-limited version, the Analyst version and a Passware Analyst version which is the same as Analyst but has the facility to brute-force password protected iTunes and Android back-ups.Ī comparison of these editions is available on ![]() You don’t have to be particularly savvy to use it, but you do to get the most out of it and be able to use it effectively. ![]() It is straightforward to use once you get your head around the way it works, and with some thought you can make it fit into your examination system quite easily. It claims to have the “widest range of supported devices” with over 8,400 models listed and is geared towards smart-phones with a particular emphasis on the analysis of data recovered from them. Oxygen Forensic Suite 2014 is specialist software aimed squarely at mobile phone forensics. Reviewed by Mark Rigby, Faraday Forensics Ltd ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. Archives
January 2023
Categories |