Paraben's Device Seizure

From ForensicsWiki
Revision as of 12:25, 21 April 2008 by Marina (Talk | contribs)

Jump to: navigation, search

Paraben's Device Seizure is your first line of defense in handheld forensics. Unlike data management software turned forensic tool, Device Seizure has its roots in digital forensics with such things as PDD (Palm DD command line acquisition), deleted data recovery, full data dumps of certain cell phone models, logical and physical acquisitions of PDAs, data cable access, and advanced reporting. The amount and quality of data you can get from a full physical acquisition far surpasses the information you can get from a simple logical acquisition. Accessing phones via IrDA and Bluetooth should only be used when other data connections are not available due to the insecure nature of these communication methods. With support for more devices than ever before and the addition of Symbian 6.0 support, no toolbox will be complete without Device Seizure.

What's the difference between Device Seizure and other commercial or free products to view Cell Phone data? Most commercial or free software devices is designed to not only view data but to upload data. This is not a safe way to perform a forensic evaluation. In fact, even some software marketed as forensic software warns of possible data loss. Device Seizure does not allow data to be changed on the device. Paraben can also add support for unsupported cell phone models from supported manufacturers with simple log files and a little time. Add all this together and there's no comparison for forensic acquisition, analysis, and reporting of handheld device data.

Paraben focuses on the physical level of acquisition offering more physical downloads of devices than any other company. Logical data acquisitions can't acquire more data than the device Operating System was designed to allow. The physical acquisition plug-in is unique to Paraben offering memory imaging on most of the devices supported in Device Seizure.

Supported Cell Phone Manufacturers

   * LG
   * Motorola - Including iDen
   * Nokia
   * Siemens
   * Samsung
   * Sony-Ericsson
   * iPhone*

Paraben's Device Seizure supports GSM SIM cards with use of a SIM card reader (which can be found in Device Seizure Toolbox).

Paraben's Device Seizure also supports PDAs with the following Operating Systems:

   * Palm through 5.4
   * Windows CE/Pocket PC/Mobile 5.0 and earlier
   * BlackBerry 4.x and earlier
   * Symbian 6.0, 6.1, 7.X, 8.X, & 9.X
   * EPOC 16/32 (Psion devices)

Paraben's Device Seizure also supports the following types of GPS Devices with more manufacturers to follow:

   * Garmin


   * Comprehensive easy-to-use interface
   * USB and serial support
   * Comprehensive data acquisition of text messages, address books, call logs, and more
   * Recovers deleted data
   * Verification of file integrity with use of MD5 and SHA1 hash values
   * Built-in file viewing of proprietary files
   * Built-in searching and bookmarking
   * Text and Hex viewing options available for data
   * Analyzes PDA data files stored on PCs
   * Built-in recovery Palm password (prior to Palm OS 4.0)
   * Windows CE registry viewer
   * Acquires complete GSM SIM card information including deleted data
   * Full flash download for certain models of cell phones
   * Image viewing for graphic information, including data carving for multi-media files for most devices
   * Comprehensive HTML & Text reporting
   * Encrypted image files to guarantee image integrity
   * Text searching (including Unicode) and hex information in the acquired data
   * Export acquired data to PC
   * Viewing acquired data with external viewer
   * Import of databases acquired with PDA Seizure, Cell Seizure and SIM Card Seizure
   * Comparing 2 databases to verify differences in their structure
   * Includes a free 60 day subscription with purchase