Mobile phone forensic extraction devices have been a law enforcement tool for years now, and the number of agencies using them is only rising. As part of an ongoing investigation, we have finally been able to turn up some usage logs of this equipment, from Tulsa Police Department, and Tucson Police Department. While the logs do not list the cause of the crime or any other notes about why the phone was being searched, it does list the make of the phone, the date, and the type of extraction.As an aside, there are three types of extraction – physical extraction, when the phone is connected via USB cable to the extraction device and its contents downloaded as copies of the phone’s files. A logical extraction is done using the phone’s corresponding API. A file system extraction is more or less a physical extraction that uses what is called the synchronization interface of a phone to access the phone’s memory system. This is a way to access deleted and hidden data.First, let’s go over what extraction devices are being used here. Tucson PD opted for the brand that is arguably the worldwide leader in mobile device forensics, the Israeli company Cellebrite.
Police are getting a lot of use out of cell phone extraction tech