This episode was recorded live at the Cellebrite Envisioning Center.

Heather and Jared Barnhart, Training Instructor at Cellebrite, performed live demonstrations of answers to questions from the audience using the following Cellerbtie solutions:

Here are some of the questions that were answered during the live Ask the Expert session:

  • How can Cellebrite UFED or Physical Analyzer (PA) be used to adhere to a date range warrant when performing an analysis of an Android device?

  • How can I avoid seeing data outside of a warrant?

  • What is the possibility of Pegasus spyware being found “in the wild?”

  • Regarding sensor data from a Galaxy S20 FE 5G, what is parsed by PA from a fingerprint sensor, accelerometer, barometer, gyro sensor, geomagnetic sensor, hall sensor, proximity sensor, or the RGB light sensor?

  • How can I determine whether thumbnails in an iPhone data collection are sourced from iCloud photos?

  • How should examiners deal with apps that are only connected to the cloud? For example, messages are seen when a phone is seized but are gone once the device is placed in Airplane Mode. 

  • How can I deal with the possibility of remote wipes versus getting the evidence?

  • How can I determine what a suspect was doing with their phone at a specific point in time?

  • Is there any way to tell if a device was powered off at a specific time?

  • What data can we collect regarding cryptocurrencies? Can we know how much was sent, where it was sent, and other details?

  • How can I map data tables for all social media profiles on a device to confirm a proxy social media account that is being used for terrorism recruitment?

  • How can I enable the owners’ name field on the Load Evidence screen?

  • How can I see all the items tagged under a specific tag label regardless of what category the data was tagged under?

Watch the entire episode to hear more questions answered and examples demonstrated.

Share this post