Social Media and Cell Phone Forensics

Social media and cell phone forensics can play an important role in thwarting criminal activity. Check out this conversation between Cyber Forensic Expert Lee Neubecker and Data Diva, Debbie Reynolds. You will be so much smarter afterwards!

Snap Chat, Twitter, Facebook: Social Media and the Importance of Cell Phone Forensics

Lee Neubecker and Debbie Reynolds, the Data Diva, discuss the role of law enforcement in capturing social media posts when trying to thwart the bad guys coordinating a riot or the more recent looting incidents in Chicago. During this difficult time in our nation, what is the role that cell phone forensics should take? Did you know that Apple phones have the ability to automatically shut down when stolen and have a beacon that will detect the location of the phone making it easy for law enforcement to come knocking on the thief’s door? Check out this video to learn more about the role of social media and cell phone forensics.

Transcripts of Video Follows

Lee Neubecker (LN): Hi, it’s Lee Neubecker, and I have Debbie Reynolds back on the show, Debbie thanks for being on remotely.

Debbie Reynolds (DR): Thank you for having me.

LN: So I asked you to come on so that we could talk a little bit about some of the recent lootings that have happened in Chicago and other areas across the country. And what could be happening, as it relates to cell phone forensics and how law enforcement can be using that to get to the bottom of how these coordinated attacks are being planned and who might be involved.

DR: Most of what I know about this is basically what you told me so, why don’t you just sort of share what your experience has been so far in the current environment, and then we can talk from there?

LN: Sure. Well, right now, I know that some of the looters that were apprehended had cell phones on them. We don’t know exactly how the information is being used by law enforcement, but technically, an example of things that could happen could include, doing forensics on the cell phone, identifying Snapchat handles they have communicated with, looking at text messages, looking for Twitter accounts and postings. And potentially, what I saw happening during the last week, at least in one instance, there was a post made to Twitter by a user that made a reference to doing a gig at Urban Outfitters on the West Side, and roughly a few hours after, that post went out on Twitter, referencing Urban Outfitters, Nike’s, Liquor and other things. Around four hours after that, looting that went on at that store, so that handle that posted and anyone else that reacted to that post could certainly have been alerted to the potential for mass looting in a coordinated way via social media.

DR: Yeah, I think even though the police do have capabilities to do that type of tracking and tracing, they they do heat maps of certain things. The problem is that these incidents, if they are coordinated, they happen pretty quickly so it’s sort of hard for them to kind of preempt it. But as you said, always, they have capabilities, right? To do anything with like cell phones that they capture, but they also have capabilities to do things like geofencing about who was in the area at certain time. So, a lot of what they’re doing is not necessarily preemptive or pre-crime is more of, if something is happening or has happened, they can go back and try to backtrack or trace or… If there are people on the scene they can apprehend whoever is there that’s doing whatever and they sort of build it out from there, right?

LN: Yeah, but just the other day, someone was captured and apprehended in… They got caught because they were posting their raid via social media, and they had a live view of them going to bomb, they were threatening to bomb the place and looted, taking cash registers and the stuff was, this someone that was not from Chicago, I think from downstate, somewhere that came in and came in with a goal to create problems and had a past history of that, but the person had the audacity to post it to Facebook, and the FBI just busted them and they’re indicted now.

DR: I don’t know why people share such things on social media. Because yeah, they do track and trace that. But, a lot of the things especially as I saw, it seemed like a lot of stores that have things like mobile phones have been attacked. And as you know those things are pretty easy to trace back. So I don’t know how far people–

LN: Apple had LoJack, in all their phones at the retail store, and so people who took those phones likely those phones likely got located but-

DR: Oh yeah, definately.

LN: I don’t know that that’s happening at the the cheap cell phone stores, the burner phones.

DR: Well, yeah, those are… No, I mean, they probably… If anything, obviously may have serial numbers and stuff like that but, once you… Whether it’s broken, or people change sims or whatever, it’s harder to track that stuff down. But yeah, the Apple phones, yes. They wouldn’t have very much problem. I think as I heard, I read that what Apple had done is for all the phones that were stolen from them, they were able to lock those down. And then it had a screen on there so that you actually couldn’t use it. So, that’s what I heard was happening with Apple.

LN: Yeah, well, they also have the ability to beacon out and send GPS location so-

DR: Oh, absolutely.

LN: People who are buying stolen Apple phones might find someone knocking on their door, law enforcement.

DR: Yeah, it’s probably not a good idea to buy one off the street at this point. So yeah.

LN: Yeah. Well, any thoughts on your concerns if the privacy issues that might relate to mere surveillance on people and tracking social media posts and actually getting in and subpoenaing phone numbers that were taxed to help try to prevent looting from happening?

DR: Well, okay. I guess that’s a couple of different things rolled up into one. So, obviously I’m concerned with mass surveillance, especially if it is capturing information not accurately or targeting people who may not have even been involved. So for example, a cell phone can’t tell like let’s say for instance, you’re standing at a corner and I’m at the stoplight. It says we’re next each other, but we’re not together. So, a cell phone tracking can’t really tell that so eury people who aren’t involved, who are innocent, who are especially in this regard, peacefully protesting, having them be adjacent to other people doesn’t mean that they were involved so-

LN: Lets just say though, for instance, that they found that there was a string of businesses hit, the Foot Locker, then Denny’s Liquor, CVS and Walgreens.

DR: Yeah.

LN: There were a group of 20 people that all pinged off the four cell phone towers at the same times, and we’re in close proximity to that and a few other people were ID’d, would that be enough to justify surveillance on people where there were four cell phone towers in common across a range that put them all in the vicinity of where looting took place?

DR: I’m not sure if it would justify surveillance, so to speak, but I think that if they have other evidence, it may help them target those people more closely but, in terms of sweeping people up in surveillance exercise, I don’t think that’s going to happen unless they have additional information. So, let’s say they have information just like you said, like, okay, these people are in the vicinity and then they posted a picture on Facebook with some loot gear that they got, that would be enough, I think, to justify surveillance but just the fact, surrounding the vicinity, that’s probably not enough to go on, I don’t think.

LN: I appreciate your opinions and thoughts on this. It’s a difficult time right now and hopefully we’ll have stability and we’ll have people held accountable on all fronts, not just the leaders.

DR: Yep, I agree.

LN: Yeah, thanks Debbie.

DR: You’re welcome.

See Similar Posts

Technical Solutions: Cell Phone Privacy

Is it necessary to have Apple provide a back door so that law enforcement can access a person’s cell phone? Computer Forensic Experts Lee Neubecker and Debbie Reynolds say there are technical solutions to use instead.

A law-abiding citizen or a criminal’s cell phone can be the largest piece of evidence in a criminal investigation. Once confiscated, cell phones are powerful tracking devices that can be used to infringe on an individual’s cell phone privacy. In this video, Data Diva, Debbie Reynolds of Debbie Reynolds Consulting’s and renowned Computer Forensics Expert Lee Neubecker, CEO & President of Enigma Forensics share their cell phone cracking technical solutions. Is the government’s desire to have a backdoor into all smartphones really necessary? No matter what security measures are placed on smart phone devices, there are many technical solutions available from the computer forensics experts to utilize when attempting to unlock a mobile smart cell phone. Check out this video to learn what technical solutions available that don’t require going back to the manufacturer and asking them to create a backdoor.

Experts discuss unique technical solutions available to retrieve cell phone information

Cell Phone Privacy: Part 3 of 4

Lee Neubecker: Hi, thanks for watching the show again, we’re now talking again about cell phone forensics as it relates to privacy issues and our government’s request to get information on specific cell phone users. I have Debbie Reynolds the data diva back on the show. Joining me again, and to help me elucidate some of the unique issues that relate to the current situation.

Debbie Reynolds: Right, so there are privacy issues obviously with being able to track, or be able to crack someone’s cell phone. In a law enforcement situation, time’s of the essence. They want to be able to get the information on the cell phone the best way that they can. The issue is, and especially with the Louden news reports, they aren’t exactly accurate about how this happened. So in order to do this cracking of certain cell phones, there are things that forensic folks, like Lee can do to actually do this that don’t require you going back to the manufacturer, asking them to create a backdoor. My opinion, and I think this is something that was echoed by Apple in their objection to this. Is that, you know, the iPhone or the cell phone is their invention. And the way that they do privacy for phones is kind of their unique, you know, secret sauce or special sauce so. Being able to, Having to try to do that is sort of the antithesis of what they’re doing, of their invention. And I’m not seeing any court cases where ever. Where someone had to literally create, invent something to sort of negate their own invention.

LN: And even then government, like, our US government has resources to have a lab where they can use equipment to actually replicate all the chips and storage devices. And then make a virtual machine where they can brute-force crack the device without worrying about the three false passwords that slow it down. Because if you virtualize, if you duplicate the embedded memory off the D-Ram, the various chips and storage, you can then set up a mass server farm of virtual machines to just pound away, trying combinations. And with quantum computing, it wouldn’t take much time, but that isn’t even necessary today. There are easier tools to get into the phones, but the real issue becomes if, it would much be like if the government said we want everyone to have one particular key-type for their home.

DR: Right.

LN: So that we have a key that we can take and we can get into any door without having to break down the door.

DR: Yeah.

LN: And the problem with that is, what happens when someone gets fired from the FBI and they copy that key? You know, then we got to lock change every house in America? And every business.

DR: Yeah, who’s to say, I mean not every person who has a phone is a criminal. So if you think let’s say you know 1% of everyone who has cell phones is doing a criminal activity, so should 99% of everyone else have these vulnerabilities that, you know, hackers love to have. They would love to be able to crack into your phone and do different things.

LN: That could actually you know lead to HIPAA violations, you know there are physicians and people that have some medical data as they connect to their work machines. and if there’s this weak backdoor key, that creates a problem. Now, I want to talk a little bit about how I think they could do it and it hasn’t been done yet.

DR: Okay.

LN: But if Apple were to issue, I mean if you have a multi-key solution where anyone key alone doesn’t work. But the FBI could make a request to the justice department, to the judiciary, a judge of some sort. The judge could issue a key unique to the cell phone IMEI identifier, and then that information could be a key that then goes to Apple or to Microsoft or whatever provider, who then generates a key that can unlock the phone. So you can have a multi-key solution, but it’s specific to the phone and that would preclude a situation where any one person’s key gets leaked and all phones are compromised. And, you know, if for instance the FBI’s key that they use to generate request keys, if that got compromised they would rotate that and going forward new keys would be used and they’d invalidate all the others. But you’d have a technical means to still get into the phone without necessarily meaning that every phone is totally open to one key.

DR: I think so, but I think, that’s actually a smart solution. But I also think companies like Apple, and I’m, we’re just picking on Apple ’cause the phone was an Apple phone that we’re talking about. But, you know, companies are in business to make money, and not to be law enforcement. So there’s probably not a lot of money in law enforcement stuff for them, so they may not be compelled, or feel like this is something they really want to invest a lot of time or energy in. Especially because there are smart people that do this for a living and can actually do this work.

LN: I support the idea that if there’s a terrorist out there, that we should have a system that does allow to get into that phone, but there’s got to be a check and balance, it can’t just be one person acting alone or else it inherently makes everything insecure.

DR: I agree, I agree. Yeah, it’s a tough issue, I feel like people get really, sort of, wound up about it. especially ’cause they’re thinking about sort of, patriotism and freedom and stuff like that. But you know there’s a way to solve this problem without creating problems for the whole world basically.

LN: Thanks for watching this segment, in our next segment we’ll talk about the more recent story regarding the Pensacola Naval Air Station terrorist attack, as they’re calling it. And the FBI’s renewed request of Apple to get into the cell phone.

DR: Thank you.

LN: Thanks

Watch the Next Segment on Cell Phone Privacy: Part 3 of 4 continued

Part One on our Series of Cell Phone Privacy as it relates to the user

National Institute of Standards and Technology for company cyber security

Here’s Apple’s stance on government requests for personal cell phones.

https://www.apple.com/privacy/government-information-requests/

What does the ACLU have to say about personal cell phone privacy?

https://www.aclu.org/issues/privacy-technology/location-tracking/cell-phone-privacy