reverse engineering

Questions to answer from private forensic companies

mobilephonesecurity936843331Leave a comment

Chris Williams from The Register has published an article “Yorkshire cops accused of copyright theft”: http://www.theregister.co.uk/2009/07/14/fts_west_yorkshire/ . It seems that Steve Hirst, a policeman from West Yorkshire Police created some mobile handset forensic software and used some hexadecimal look-up tables from manuals provided by a private company, Forensic Telecommunications Services (FTS). These tables had been created from reverse engineering and extracting data from various manufacturers’ handsets. It looks like FTS have taken quite a heavy-handed approach and have taken Steve Hirst and West Yorkshire Police to the High Court.

Private forensic companies such as FTS make a lot of money out of police forces and security agencies around the world. They provide in-house services where handsets can be sent to them for analysis, including a full report of the findings or they will produce and sell their own forensic hardware and software.

Whilst West Yorkshire Police clearly seem to have put their foot in it with FTS, there are some bigger questions to answer about the forensic analysis of mobile handsets. Is it right to hack into handsets in order to reverse engineer the storage mechanisms? For example, Nokia’s e71 user manual clearly states the following:

Reverse engineering of any software in the Nokia device is prohibited to the extent permitted by applicable law.

So what are private forensic companies playing at? By reverse engineer manufacturer’s devices themselves they are in breach of manufacturers’ terms and conditions.

This subject goes a lot further than in-house reverse engineering and brings up the questionable use of hacking software and hardware purchased or downloaded from the Internet. What happens when data extracted from phones was performed using software that was purchased over the internet from organised criminals in Russia?

The Police need to go about their jobs in a challenging technical environment, but there is a clear need for oversight and regulation of private forensic companies and to reign-in cowboy practices which will inevitably cause miscarriages of justice.