Wednesday, 22-May-2013 16:05:44 UTC

Why “Certified Training” in mobile forensics is so important

Appeal Court ruling reveals the need for effective training

If you are going to the expense of investing in a digital forensics tool like XRY, then make sure you also budget to invest in the operators too.

One of our customers has drawn our attention to a court case in the State of Western Australia, where the ruling judge prescribed the need for witnesses producing evidence to demonstrate that they have an effective understanding of how the product works. The court felt it was essential for the officer to be able to explain to the court that XRY was functioning correctly when it produced the evidence in question.

Quote from the Official Court Documentation: 

Whether the text messages were admissible:

37 There are greater difficulties in understanding the second downloading process (from the mobile phone memory). The officer was not asked to explain this process in any detail, but he made mention of a web camera taking film of the text messages while they were displayed on the mobile phone. It was the first time he had experienced the relevant software and he did not have any formal training in its use. It was also his evidence that the software 'tried to do its best job at doing it'. To my mind this clearly raised questions as to the reliability of the software and of the officer's correct use of it. In my view, the prosecution failed to establish that the downloading process was of a type generally accepted by experts as being accurate, and that the particular downloading by the officer was properly performed.

It is difficult to think of a better example of why it is so important to ensure staff are adequately trained. This case is a good illustration of why it is not enough to simply use digital forensic tools. You also have to be able to explain the functions performed and why the information produced can be relied upon by the court. The court will base much of their assessment on the strength of this evidence. 

XRY Training Courses are essential to help you become confident in the presentation of evidence and provide documentary proof of your competency on the forensic analysis of mobile devices with XRY. These classes are hands on with a wide variety of mobile devices to give you practical experience in understanding and explaining XRY reports. When you successfully complete the courses, you will be issued with a Certificate from the equipment manufacturer - which helps demonstrate to the court, that you have the required skills to provide commentary on the results produced by XRY.

For more information about our training courses please visit the web pages here >>

 

Thursday, 25-Apr-2013 17:04:30 UTC

XAMN - Product Launch

We are pleased to announce the launch of XAMN v6.5

For some time now we have been testing beta versions of XAMN - the new analytical software tool from MSAB designed specifically for phone forensics.

XAMN creates a new market sector for analytical solutions with the unique ability to review forensic extractions to the same level of granular detail available in XRY, where you can see images and read SMS details, but on a whole new scale - up to 25 device files all at the same time.

It's a powerful new tool to complement XRY , which allows quicker understanding and assessment of information for our customers. It can facilitate the explanation and presentation of data in court and is user friendly enough to be understood by beginners with just one days training.

A tool purpose built for phone forensics which handles all of the challenges of time stamp normalization and viewing of image files with ease. XAMN is perfect for performing a search across a complete set of devices in one go and allows users to immediately visualize links, times and maps.

Why is it needed?

Well put simply there is simply too much data available these days, commonly referred to as BIG DATA - it seems that almost all of our customers now receive multiple mobile phones when investigating any case or operation. This combined with the increasing volume of data available in smartphones makes overwhelm a real problem.

In one of our Beta test sites we were able to help a team of several examiners speed up the analysis work significantly. They had been going through all the data recovered from the mobile phones on spreadsheets and it had taken them weeks to get to grips with the information. Within a couple of hours of using XAMN, they had identified two new suspects, which had not been apparent before.

With XAMN users will now be able to:

  • Understand the big picture
  • Visualize the links, times and locations of mobiles
  • Compare and contrast multiple XRY files
  • Convert other forensic files into XRY format
  • Run ‘Watch Lists’ against multiple files
  • Create ‘User Added Data’ to assist understanding
  • Assess the volume of information that will need analysis
  • Assist with resource planning for investigators
  • Present simple to understand graphics for briefings
  • Translate foreign language text offline

For more information please visit the product page here >>

Monday, 25-Feb-2013 22:02:23 UTC

New Products from XRY

The Kiosk is coming...

MSAB plans to launch two new exciting products in 2013:

XAMN - the smart analytical tool for phone forensic examiners.

and

XRY KIOSK - the power of XRY combined with simplicity of use.

XAMN will be released first in the coming weeks and will provide an impressive new analytical suite capability for XRY, with the power to review up to 25 XRY files simultaneously, run watch lists, visualize connections, plot timelines and map all available geo-data.

The Kiosk will follow later in the year and is now in beta development stage. Designed for busy office environments, we have taken the core engine of XRY and made it easier to use than ever before, with a touch screen interface for front line users who need to quickly and easily recover mobile data.

Both products will provide increasing flexibility for customers to help them in their quest to recover and make sense of recovered mobile data.

Because it's not just about the data, it’s about the context and the meaning.

 

Monday, 25-Feb-2013 21:02:57 UTC

XRY for Windows 8

The end of support for Windows XP is close

MSAB will introduce support for XRY on the Windows 8 platform later this year. Conversely we will be ceasing technical support for XRY on the Windows XP operating system before the end of 2013.

We are giving you advance notice, so you can have the maximum time to plan ahead and advise relevant IT departments of this impending change. 

Windows 7 support is not affected by this announcement and will continue as normal for both 32-bit and 64-bit support.

Microsoft has announced that it will cease all support for Windows XP in 2014 now they have launched Windows 8 and we anticipate increasing demand for XRY to run on this new platform from customers. As a result we will be introducing support for Windows 8 this year to meet this demand.

As we manufacture a validated forensic tool we are required to test XRY on all variations of all operating system platforms we support. The time and work load implications mean we cannot support legacy operating systems indefinitely, so as these Microsoft operating systems continue to diverge we have to move towards more modern versions.

There is a high probability XRY will continue to work on Windows XP for some time after we cease official support, as it has worked on XP since 2004, nevertheless official support will cease by the end of the year. 

For more details and information you can contact support@msab.com

Thursday, 31-Jan-2013 18:01:26 UTC

Forensics Europe Expo

The premier international forum for sourcing forensics products, equipment and services

Olympia, London, UK

24 - 25 April 2013

This conference is a UK first – in that it is the first time ever that law enforcers, scientists, academics and industry experts in the field of forensics have been brought together in London in a major show that embraces forensic innovation.

The conference theme will be Forensic Innovation – past, present and future. The conference will be a celebration of these advancements, examining them in detail and debating present and future challenges that will occur as a result.

Micro Systemation will be exhibiting at this event and we would be delighted to see you there.

For more information please visit the event website >>

 1 2 3 >  Last ›