Forensic software takes aim at the iPhone
Pleasant Grove (UT) – iPhone owners and software developers aren’t the only ones complaining about the access restrictions to their iPhone, it is also pretty much the only cellphone that is giving government agencies and criminal investigators a tough time accessing data that is or was stored in the phone’s memory. Now there is the first application that actually squeezes through the iPhone OS to acquire some (read: not all) data that, for example, can be used as evidence in court.
Paraben today released Device Seizure 2.0, which is the first version of the application and, to our knowledge, the first forensic application that can retrieve data from iPhones. “With a variety of options used, the new release of Device Seizure 2.0 will stop the elusiveness of the Apple iPhone and allow for quality forensic evidence to be gathered,” the company said.
Amber Schroader, CEO of Paraben, told TG Daily that until this point it has not been able to access data on the iPhone, mainly because of the lack of OS information provided by Apple. “It is essentially a baby laptop running a full version of OS X,” Schroader said. The only way to retrieve data from the device was using iTunes and related communications protocols. And even if Paraben got through to the device, the information that actually can be retrieved for forensic purposes is limited to the address book, the SMS history, call logs, calendar, notes and the file system. We were told that deleted SMS can be retrieved in some cases, but there is no guarantee as incoming SMS could overwrite deleted data in an instant.
According to Paraben, iPhones with firmware versions 1.0, 1.0.1 and 1.0.2 should release “most logical data”. iPhones with Firmware 1.1.1 and 1.1.2 allow users to “acquire most logical data if they were unlocked by some program. If they are not unlocked, Device Seizure 2.0 will allow access to the /var/root/Media folder only. The developer also said that “unlocking programs did not unlock access to contacts, call logs, and other portions of the phone.” Schroader told us that there are “vast limitations” on which data can be accessed externally and which not. She declined to say which data cannot be accessed.
Eventually, Schroader hopes that Apples iPhone SDK will enable the development of a client application to directly access the iPhone and a greater set of data. She did not say if and when such an application may be available.
Device Seizure 2.0 supports a total of 1928 different cellphones and is available now for $895.
While software makers are still trying to catch up with Apple, it appears that the company is preparing a next-generation iPhone for launch in June. According to Bank of America analyst Scott Craig, a 3G iPhone could be launching in Q3, supporting a data transfer rate of up to 2 Mb/s.