At our 2008 OBA Solo and Small Firm Conference, Judge Gary Dean of Prior, OK (who was chair of the 1st OBA Solo and Small Firm Conference before rising to the bench) stumped our panel of experts with this inquiry: " I am seeking a reasonably simple (and inexpensive) device to be able to download and print cell phone messages and call logs. Hopefully something simple enough for a law enforcement officer with reasonable computer skills to use. In domestic violence and protective order cases which I handle, I am seeing an ever increasing volume of threats and harassment by cell text messages. In domestic protective order cases the messages have been kept and are frequently shown to me. The problem is preservation for possible later court use."
As a veteran of many Q & A panels as a so-called expert, I've had to do this drill a couple of times. You have no idea whatsoever and you look hopefully at your co-panelists, only to see them looking hopefully back at you. Then the lawyer training for candor kicks in (especially since a judge asked) and you hear "I have no clue" escaping from your lips. The good judge is undeterred, however, and wonders if we can find out.
The problem with using Internet research for such a query is that many products promise but do not deliver and, generally speaking, the terms "inexpensive" and "electronic evidence preservation" don't even go on the same piece of paper, much less in the same sentence.
So I decided to look for the answer, frankly expecting that the answer would be "Sure, the ACME Phone Slurper 4000 will do a great job on this for only $11,995 and six month's training to certify the operator."
I queried my friend John Simek, figuring he could give me a list of devices costing five figures that would get the judge off my back. John, as many readers know, is the vice-president of Sensei Enterprises, Inc., a computer forensics firm. He has a list of credentials a mile long.
With his permission, I am passing along his response to my readers.
"There is really only one 'sure fire' way to document text messages, call logs, etc. from ALL cell phones," John says. "That way is to take pictures of the actual screen of the phone while the user accesses the various functions. We use a device called Project-a-Phone that is available from Paraben. It only costs $295, which is a bargain for documenting cell phone contents. We also have several multi-thousand dollar software/hardware combinations to get the cell phone data. However, no single solution gets all of the data from EVERY cell phone."
"To compound the problem, we have several hardware kits that contain hundreds of data cables to connect to the cell phone. Sometimes a particular model phone is not supported by one vendor so we have to try another one of our kits to see if we have the data cable and ability to extract information. The beauty of the Project-a-Phone is that you don’t need any data cables, which means it works with every phone. You are just taking a picture of the screen. This means that you are only capturing (documenting) the logical data and cannot retrieve any deleted information that may exist. As with anybody taking crime scene photos, there needs to be a chain of custody and, perhaps, a statement from the examiner that they are the ones who retrieved the data on a particular date while observing cell phone model XXX and serial number YYY-ZZZ. I think you get the picture! (bad pun)."
That was all probably elementary to a computer forensics professional, but I found it fascinating! I hope you found it interesting.