Cellular Phone Investigations Topeka Police Department 2015 Detective Patrick Ladd


Post on 23-Dec-2015


TRANSCRIPT

  • Slide 1
  • Cellular Phone Investigations Topeka Police Department 2015 Detective Patrick Ladd
  • Slide 2
  • Cases Involving Cell Phones
      • Homicides
      • Narcotics
      • Missing Persons and Runaways
      • Sex Offenses
      • Burglaries and Thefts
  • Slide 3
  • What we focus on
      • Hardware
      • Records
      • Analysis
      • Mapping
  • Slide 4
  • Why are Cell Phones Important to Investigations???
      • Most everyone carries on their person a phone AT ALL TIMES
      • Phones hold vast amount of data
          • Contact Lists
          • SMS content and history, Call Log history
          • E-Mails
          • GPS and Geo Encoded information
          • Photos and Videos
  • Slide 5
  • Legal Requirements
      • Hardware
          • SEARCH WARRANT (Required for advanced processing)
          • Riley v. California 2014
          • Written Consent
          • Some cases where ownership/possession cannot be established (Check with local prosecutors for advice)
  • Slide 6
  • Legal Requirements For Records
      • Exigent Circumstances
          • Emergency Location, Pinging, Officer or Dispatch
          • Limited Subscriber and Call Detail Records
      • Subpoena
          • Can take a long time to receive records
          • No content (if available) provided
          • Potential cost
  • Slide 7
  • Legal Requirements
      • Search Warrant
          • Preferred method
          • Can mitigate some cost
          • In some circumstances can receive content of SMS
          • Quickest turn-around
          • Most complete information received
  • Slide 8
  • Collecting Phones
      • Can anyone on scene provide pass code (PIN, Pattern, biometrics)
      • We do not need the cables or chargers
      • We can process broken phones
      • When placing into evidence for later examination put make of phone, model of phone and if known carrier of phone, WHY??
      • iPhones identifying information is stored on the phone electronically and DO NOT come apart without special tools
  • Slide 9
  • Collecting Phones
      • Allows us to know which exam we have to do without removing it from evidence or its evidence bag or if an exam is even possible
      • Each carrier has a unique model number for a generic phone
          • Samsung Galaxy S5 is GSM SM-G900A, Samsung S5 CDMA is SM-G900V
          • We may be able to process the AT&T phone but not the Verizon Phone even though they're both Galaxy S5s
  • Slide 10
  • Collecting Phones
      • Isolation from the network or Wi-Fi is important!!!!
      • Phones can be remotely wiped
      • Phones can still receive data, such as texts, after an event takes place
      • A search warrant for a phone may not encompass data received outside the date/time frame for which it is written
  • Slide 11
  • How do we Isolate?
      • Power off
      • Faraday bags
      • Foil
      • Airplane mode
          • Can a phone be accessed to enable this setting without a search warrant????
          • Still debatable, no solid case law; if unsure, power off and get a warrant
  • Slide 12
  • Forensic Analysis
      • Technology advances far quicker than our abilities
      • Phone manufacturers encrypting devices
      • Pre-paid phones normally have their data ports disabled
  • Slide 13
  • Forensic Analysis
      • Forensic tools available
          • Cellebrite
          • Secure-View (Provided by FBI HRCFL)
      • When normal tools can't do the job
          • JTAG
          • MFC Dongle
          • Flasher Boxes
  • Slide 14
  • JTAG
  • Slide 15
  • Exigent Ping Requests
      • Generally speaking, Law Enforcement establishes exigency, NOT THE PHONE COMPANIES
      • There have been occasions when the phone companies will reject our requests when they deem them not exigent enough
      • For Field Personnel, your dispatch will generally request the info from the carriers
      • Establish which carrier we need to request the info from
      • Information provided to Dispatch is limited!!!
      • Only Sworn Law Enforcement may receive some records
      • Please get a hold of trained personnel as soon as possible when the need arises for phone support
      • Exigency is not allowed to track/locate suspects with warrants
  • Slide 16
  • Exigent Location Requests
      • Location Requests, Pinging, generally gets Officers to a general area
      • The area can be as precise as a few meters or as broad as a 5000+ meter radius which equates to a 3 mile plus radius from a tower
      • Can at least isolate an area of the city, but not precise enough to search
      • Other specialized equipment used from other agencies to hone in on the handset
          • Only used in serious cases
          • Requires search warrant with very specific information to use
  • Slide 17
  • Location Requests
      • Received via automated email
      • Can take some time to be set up
      • Only info received is Lat/Long and certainty factor
  • Slide 18
  • Location Based Tracking
      • This was a 1706m (1.07mi) certainty factor
  • Slide 19
  • Phone Record/Location Requests
      • Very specific legal compliance language
      • On occasion we have to educate our Judges as to what we're seeking to do
      • Pinging a phone requires a warrant
      • TPD Personnel must obtain Supervisor approval prior to locating phone
      • This can be very expensive
      • We possess the software and training to interpret the records and map the records
  • Slide 20
  • 911 Calls to Dispatch
      • Locations not always reported
      • In California 63% of cellphone 911 calls did not report location in 2014
      • In Colorado only 58% of cellphone 911 calls reported coordinates in 2014
      • New rules coming from FCC in conjunction with the four large carriers
          • 40% of cellphone calls by 2017 contain location data
          • 80% by 2021
      • Kelly, John and Keefe, Brendan. 02/22/2015. "911's Deadly Flaw: Lack of Location Data." USA Today Online. http://www.usatoday.com/story/news/2015/02/22/cellphone-911-lack-location-data/23570499/
  • Slide 21
  • Search Warrants For Carriers
      • Each carrier has unique capabilities and language
      • You must ask for it to receive it
      • Verizon has the best technology when it comes to precise location
      • AT&T is OK
      • Sprint had Precise Call Measurement, found to be unreliable and no longer offered
      • T-Mobile does not offer (Yet)
  • Slide 22
  • Search Warrants
      • For both hardware and records, Judges are beginning to question the nexus between the phone/records and the crime committed
      • We can't ask to dump a phone simply because the suspect was in possession of a phone at the time
      • Training and Experience alone is not enough to satisfy probable cause
  • Slide 23
  • How can a State Court Judge Sign an Out of State Search Warrant??
      • The following applies to this Affidavit and Search Warrant:
      • To obtain records and other information (not including the contents of communications) pertaining to subscribers of an electronic communications service provider or remote computing service, the government must comply with 18 U.S.C. 2703(c)(1), which provides, in pertinent part:
          • A governmental entity may require a provider of electronic communication service or remote computing service to disclose a record or other information pertaining to a subscriber to or customer of such service (not including the contents of communications) only when the governmental entity.... (B) obtains a court order for such disclosure under subsection (d) of this section.
      • Section 2703(d), in turn, provides in pertinent part:
          • A court order for disclosure under subsection (b) or (c) may be issued by any court that is a court of competent jurisdiction,
      • defined pursuant to 18 U.S.C. 2711(3) as:
          • (3) the term "court of competent jurisdiction" has the meaning assigned by section 3127, and includes any Federal court within that definition, without geographic limitation
      • 18 U.S.C. 3127 defines "court of competent jurisdiction" as:
          • (B) a court of general criminal jurisdiction of a State authorized by law of that State to enter orders authorizing the use of a pen register or a trap and trace device
      • It is the above sub-section that covers our Court's ability to issue these
  • Slide 24
  • How can a State Court Judge Sign an Out of State Search Warrant??
      • This is a question I have been asked
      • Newer Judges who have never read these need to be educated
      • Not just phone companies
      • Think any social media with servers not located in Kansas
  • Slide 25
  • Receiving Records
      • There is NO Industry standard in how records are received or format they are in
      • Usually E-Mailed
      • Have received recently via US Mail
      • Takes training to interpret the records and testify in court about them
      • Must receive certification of records from the person providing the records
      • May have cost associated with them and an invoice will be included
  • Slide 26
  • Slide 27
  • Records Retention
      • No Industry standard, each carrier differs
      • Generally speaking SMS Content is not preserved at all
          • Have had limited success with Verizon
      • Call Detail Records: general rule is one year
      • Tower Information: general rule is one year
      • T-Mobile will tell you six months but we have been able to obtain older records
  • Slide 28
  • Working With the Records
      • We use analytic software to parse the records
      • We have mapping software that can map an entire record set in seconds
      • Very hard to get assistance from the phone companies
          • They will NOT provide any technical details on tower information
          • Even them interpreting their own data is not always possible
      • Prosecuting Authority can request trial team support from the carriers and it is very expensive
  • Slide 29
  • Tower Dumps
      • Good tool available
      • Usually best once a pattern covering different dates/times is involved
      • It takes time to receive the records back (ESPECIALLY T-Mobile!!)
      • Can cost a substantial amount of money
      • Each carrier is different and the cost can even differ depending on which analyst you speak with
  • Slide 30
  • Mapping
      • Can be used to place a suspect in a particular area at a particular time
      • Records don't lie
      • Great info to have to poke holes in stories
      • Can be done manually or with software
      • Carriers are working to provide better location data
  • Slide 31
  • Mapping
  • Slide 32
  • Mapping With RTT
  • Slide 33
  • Mapping
  • Slide 34