(U) Converged Analysis of Smartphone Devices Identification/Processing/Tasking All in a day's work Converged mobile devices offering advanced capabilities, often with PC-like functionality. No set industry standard definition. Boasts powerful processors, memory, larger screens and open operating systems. TOP SECRETIICOMINT/REL TO USA, FVEY 2 • The gradual "blurring" of telecommunications, computers, and the Internet • Multifaceted layering technologies • Examples of convergence in SIGINT: y Blackberry, iPhone data, Smartphones yVOIP y Wireless Local Loop o y GPRS - General Packet Radio Service TOP SECRETIICOMINT/REL TO USA, FVEY 3 • Visual Communicator - Free application that combines Instant Messaging, Photo-Messaging and Push2Taik capabilities on a mobile latform. VC used on GPRS or 3G networks· • Sym Ian OperatIng System supportIng encryption programs. • WinZip, compression and encryption program. TOP SECRETIICOMINT/REL TO USA, FVEY 4 • Social Networking via Flixster Social Networking site allowing users to share movie ratings, discover new movies and meet others with similar movie taste. • Google Maps features • Photo capture and editing capabilities • Phone settings • Mobile Facebook Apps (iPhone/Android) TOP SECRETIICOMINT/REL TO USA, FVEY 6 Where is the target? • GPRS Dataset - breaking down barriers • Providers catering to users based on location • Android Phones pass GPS data in the clear • No longer DNI/DNR TOP SECRETIICOMINT/REL TO USA, FVEY 7 Photo Capture Software • iPhone Geotags for Photos Raw tags coming through from a variety of devices • Flixster App uses GPRS • Flickr/Photobucket • Mobile Facebook Apps Uploads TOP SECRETIICOMINT/REL TO USA, FVEY 8 All in the Metadata, not the pretty pictures • Unique applications require unique analysis • GPS Indicators (sent to the server and towers for both phone and application) • VoIP Indicators (multiple services) • Type of Phone and Apps TOP SECRETIICOMINT/REL TO USA, FVEY 9 • Make use of fingerprints in Xkeyscore via the EXIF metadata plugin • Fingerprints for images Gpeg, tiff, gifs etc.) • Examine the raw XML • Provides device and time/location for the image TOP SECRETIICOMINT/REL TO USA, FVEY 10 Perfect Scenario - Target uploading photo to a social media site taken with a mobile device. What can we get? TOP SECRETIICOMINT/REL TO USA, FVEY 11 • Examine settings of phone as well as service providers for geo-Iocation; specific to a certain • regIon • Networks connected • Websites visited • Buddy Lists • Documents Downloaded • Encryption used and supported • User Agents TOP SECRETIICOMINT/REL TO USA, FVEY 12 Targeting both Telephony and DNI systems • Call Logs • SMS • SIM Card Leads • Email address • IMEI/IMSI • Unique Identifiers • Blackberry PINS TOP SECRETIICOMINT/REL TO USA, FVEY 13 -Additional exploitation -Target Knowledge/Leads -Location -Target Technology -Denote Media used TOP SECRETIICOMINT/REL TO USA, FVEY 14 • Challenge is how to tag data for analysts • We can geo phones from virtually anywhere • Buried GeoStamp from Phone or Apps • Xkeyscore/Marina • Tasking systems .--- TOP SECRETIICOMINT/REL TO USA, FVEY - 15