±Forensic Focus Partners

Become an advertising partner

±Your Account


Username
Password

Forgotten password/username?

Site Members:

New Today: 0 Overall: 36595
New Yesterday: 4 Visitors: 109

±Follow Forensic Focus

Forensic Focus Facebook PageForensic Focus on TwitterForensic Focus LinkedIn GroupForensic Focus YouTube Channel

RSS feeds: News Forums Articles

±Latest Articles

±Latest Videos

±Latest Jobs

iPhone interception

Discussion of forensic issues related to all types of mobile phones and underlying technologies (GSM, GPRS, UMTS/3G, HSDPA, LTE, Bluetooth etc.)
Subforums: Mobile Telephone Case Law
Reply to topicReply to topic Printer Friendly Page
Forum FAQSearchView unanswered posts
 
  

giandega
Senior Member
 

iPhone interception

Post Posted: Jun 21, 19 18:07

Dear all, a young girl with no money feels intercepted by someone, maybe boyfriend, she can't afford UFED rent and mobile edit works only on android. Is it possibile to test the iPhone in a cheap way?
thanks  
 
  

UnallocatedClusters
Senior Member
 

Re: iPhone interception

Post Posted: Jun 21, 19 19:12

Hello,

One of my expertises is helping LE arrest "bad leavers"; a "bad leaver" is someone who will not stop interacting with the victim.

My security work of this type is performed on a Pro Bono basis as the victim did NOT ask for this situation to occur.

If after the below steps there is still a need, I will image her phone Pro Bono; however the below steps must come first please:

STEP #1: Define date range "bad leaver" had physical access to victim: Start Date 00/00/0000 through End Date 00/00/0000

STEP #2: Identify and write down all computers, phones, email accounts, social media accounts, residences, vehicles "bad leaver" had physical access to during STEP #1 date range.

*** All sources identified in STEP #2 should be considered compromised until proven otherwise ***

STEP #3: Procure for the victim a no-contract Android phone, setup with a new Google account and gmail address. Install Signal for encrypted SMS messages and phone calls. Communications with LE and/or attorneys involved will only occur through the new device and Gmail account over public WiFi hotspots.

Install application on Android phone to un-mask blocked calls and capture phone record if "bad leaver"'s phone number is exposed.

STEP #4: Secure security logs from email and social media providers identified in STEP #2.

For Gmail accounts, look at the Google "device access" history to determine if "bad leaver"'s device has accessed the victim's Gmail account within the last 30 days. For non-LE access, Google only displays last 30 days of device activity so quick collection of this data is critical.

Within the victim's Gmail account, confirm that "autoforwarding" is not turned and and perhaps being forwarded to the "bad leaver"'s email address.

For Facebook, have victim create a Facebook archive of her profile including all possible content; analyze the messages and posts for evidence tied to the "bad leaver".

STEP #5: Record a time-line of unwanted interactions including Dates, Times and Methods (Call from a blocked number, unexpected meeting at restaurant). The method of unwanted interaction can inform as to how "bad leaver" is spying upon victim.

STEP #6: Tickle the wire. Send communication through one method at a time and wait to see if "bad leaver" acts on the communication. For audio surveillance testing, have victim make a plan to visit a specific restaurant in the victim's car (so that a planted listening device will pick up the audio), home, all locations identified in STEP #2.

STEP #7: Work with LE to arrest the "bad leaver" with independently verifiable evidence that "bad leaver" is stalking victim. I typically write a sworn affidavit memorializing steps one through six above and the evidence directly connected to the "bad leaver".

In Chicago, Illinois, after a victim claimant procures a plenary (meaning 1-2 years) Order of Protection from the Domestic Violence Court House, violation of the court's Order of Protection is a felony, thus allowing LE to arrest the "bad leaver".

For Hungary please consult LE to confirm what type(s) of evidence would enable them to make an arrest.  
 
  

passcodeunlock
Senior Member
 

Re: iPhone interception

Post Posted: Jun 21, 19 21:03

giandega is from Italy, not Hungary Smile
_________________
Apple passcode unlock + decrypted filesystem dump, Android user locks unlock + physical dump with decrypted userdata partition. We provide our services world-wide, but we reserve the right for choosing which tasks we take and which we deny! 
 
  

TinyBrain
Senior Member
 

Re: iPhone interception

Post Posted: Jun 22, 19 06:35

MVNO people are able to provide may not insights (as very technical All-IP routing, diameter) but can set flags in their Core Networks about intercepting misbehaviours. In Switzerland this works well with all major MVNOs or CSPs if not mobile-based.  
 
  

jaclaz
Senior Member
 

Re: iPhone interception

Post Posted: Jun 22, 19 09:56

- giandega
Dear all, a young girl with no money feels intercepted by someone, maybe boyfriend, she can't afford UFED rent and mobile edit works only on android. Is it possibile to test the iPhone in a cheap way?
thanks


I know my post will sound extremely grumpy and blunt, but an alternative suitable four-steps-plan for the poor girl would be IMHO:
1) borrow temporarily some money
2) buy an el-cheapo android phone and move the SIM from the Iphone to it
3) wipe the Iphone and sell it used
4) re-pay the temporary loan and profit with the rest

jaclaz
_________________
- In theory there is no difference between theory and practice, but in practice there is. - 
 

Page 1 of 1