INCIDENT RESPONSE & RISK MITIGATION


logo

Teel Technologies is today’s leading supplier of Mobile Device Forensics tools and training for local, state and federal law enforcement customers, as well as private forensic firms. Whether you are building out a complete forensic lab, setting-up an analysis kiosk, or deploying kits on the battlefield, Teel Technologies is your dedicated, platform-neutral product supplier and complete training partner to ensure you have the right tools and skills to meet your unique requirements. At Teel Technologies, our mission is to provide the best tools, training and services for professionals tasked with investigating mobile devices. With a focus on the total lab establishment, training in all skill levels, as well as applying our extensive experience and expertise in our services offering, we provide a comprehensive approach to all clients, to meet their specific requirements. Our unyielding credo of maintaining the highest level of integrity and quality ensures our customers are provided with the best service and support in the industry.

article featured image

CHIP-OFF

Chip-off Forensics is the process in which a BGA memory chip is removed from a device and prepared so that a chip reader can acquire the raw data to obtain a physical data dump. A chip reader, like the UP 828P Programmer or a SIREDA test socket, is required to perform the read and in the case of the UP 828P, a specific adapter will be required depending on the specific chip. Unlike JTAG, chip-off is a destructive process, and the device will no longer function. Many examiners start with a non-destructive technique like JTAG or ISP before submitting to a Chip-off.

JTAG

Joint Test Action Group (JTAG) is an industry standard devised for testing printed circuit boards (PCBs) using boundary scan and was designed to quickly and easily test PCBs coming off a manufacturing assembly line. JTAG Forensics is a process that uses that same process and involves connecting the the Test Access Ports (TAPs) on a PCB via solder, molex or jig and then uses a supported JTAG Box (Riff, Z3X, ATF, etc.) to instruct the processor to acquire the raw data stored on the connected memory chip to get a full physical image from the device. This process is non-destructive to the phone.

ISP

article featured image

In-System Programming (ISP) applied to forensics, is the practice of connecting to an eMMC or eMCP flash memory chip for the purpose of downloading a device’s complete memory contents. eMMC and eMCP memory are the standard in today’s smartphones, and the ISP practice enables examiners to directly recover a complete data dump without removing the chip or destroying the device. Identifying the taps that connect to the memory chip using a multimeter is required in ISP technique. Thus, for each evidence phone, a second identical phone that can be destroyed will be needed.