I helped investigators complete an organized retail theft investigation a few years ago. As with most cases in law enforcement, there is always cell phone evidence. Investigators were looking for cellular data like pictures, text messages and specific transactions that would tie the suspect to the sale of stolen items. After arresting the suspect, they placed his cell phone in a clear evidence bag and took it to the lab to start the extraction process. They found nothing. Nothing was there. The phone was completely clean of all data and reset to factory settings.
In my discussions with investigative units from around the country, I can’t help but wonder why we are still losing evidence due to the remote access wiping of data. Nearly every agency has a policy on how to properly collect digital devices for data extraction, including the importance of putting the device in airplane mode to avoid remote wipes. So even with those safeguards in place, why are we losing evidence?
Challenges in 21st-century policing
There are two significant challenges that police departments face when completing digital evidence investigation extractions.
The first challenge is the use of nefarious phone applications to trick investigators. Even the most seasoned detectives can fall victim to such tactics, as I learned from a child crimes detective whose efforts to collect critical evidence were foiled by a fake airplane mode application installed by the suspect.
Yep, there’s an app for that.
The detective removed the phone from the suspect, switched it to airplane mode, and took it to the lab. While driving to the lab, a friend of the suspect wiped all the devices remotely.
The second issue law enforcement faces is from the phone manufacturers themselves. In December 2022, Apple announced a massive security overhaul for its iPhone 14 and iCloud. Without delving into intricate technical details, Apple has good encryption. When the phone is powered off due to running out of batteries, the device will go into secondary encryption, locking down the phone. This security update is good for the user but adds a hurdle for law enforcement.
Solution 1: Fixing the evidence room
Luckily, there are solutions to these problems. The first solution is to modernize evidence storage rooms to meet the demands of 21st-century policing. Many agencies’ evidence rooms are antiquated and haven’t really changed beyond the four walls, cubbies and a vault system.
A simple fix is to designate an area for devices awaiting search warrants. This area should have individual secured boxes and a charger for each device. Keeping a phone charged while waiting for the device to be extracted will prevent the phone from going into lockdown mode.
Solution 2: Faraday bags and cages
To prevent remote wipes, an inexpensive option is to use Faraday bags. Police1 is no stranger to recommending Faraday equipment. In 2018, Tim Dees recommended including Faraday equipment use in department policies.
Everyone is on the same page with Faraday bags and equipment. We have to use them. But all Faraday equipment is not created equally, especially when technology is advancing as fast as it is.
Review of MOS equipment Faraday bags
Recently, MOS Equipment sent me various Faraday bags to test in the lab and real-life police operations:
- Mission Darkness non-window Faraday bag for phones
- Mission Darkness Window Faraday Bag for phones
- Mission Darkness Non-Window Faraday Bag for laptops
- Mission Darkness NeoLock Faraday bag with battery Kit
- Mission Darkness Window Charge and Shield
I ran each bag through various testing before using them for an operation. I pushed a very high Wi-Fi 5 and Wi-Fi 6 signal to the devices. The Wi-Fi strength was 100% but plummeted to 0% within a few seconds after being placed in the different Faraday bags. I tried calling each device using a standard cell signal, sending data through Bluetooth, and even tried activating GPS tracking. Each test was successful, and the bags blocked all the signals I used.
All Faraday bags, no matter the brand, must pass testing to be called a Faraday bag. The basic requirement is to shield for all the relevant Wi-Fi, GPS, Bluetooth, Active RFID and cell phone frequencies. The normal standard is 400MHz to 6000MHZ with an attenuation of more than 50dB. Several MOS Equipment products are certified MIL-STD-188-185 compliant, which means the bags must block 30MHz to 1GHz with an attenuation of 60. Because of the MIL-STD-188-185 certification, you can count on these bags to block even the strongest 5G and Wifi signals.
Once the devices passed the lab test, we used them in our police operations. One thing I really liked about MOS Equipment Faraday bags is the attached clear pockets on the outside of the bag. This made it easy for us to slide our business cards into and to keep track of whose bag was whose.
The build quality was also excellent. Each bag is built with durable water-resistant ballistic nylon, and the interior includes two layers of high-shielding TitanRF Faraday Fabric. I am confident these bags will last even when abused in a patrol bag or stuffed away in a search warrant kit.
What sets MOS Equipment apart from other companies is the variety of bags. I really enjoyed the window bags because it is nice to tell if the device is powered on and in airplane mode. The Mission Darkness NeoLock Faraday bag with battery kit is fantastic for phones that were nearly dead. If you are looking for a top-of-the-line Faraday bag, the Mission Darkness Window Charge and Shield proved highly effective. Users can plug the Faraday bag into an outlet or battery pack, which makes this a great long-term shield option if needed. Since it has a nice transparent window, the user can view the device status. When the user is ready to extract the data from the device, they don’t have to remove it from the bag. Instead, the user can attach the extraction tools directly to the bag because the bag is attached to the device using an internal cable. This will ensure that there is no chance that evidence will be lost.
Conclusion
In the ever-evolving landscape of technology and crime, investigators must be proactive in adopting innovative tools. The use of MOS Equipment’s Faraday bags has proven to be a crucial step in safeguarding digital evidence and maintaining the integrity of investigations. Equipped with these bags, we can confidently address the challenges posed by remote data wiping and phone encryption, knowing that vital evidence will be securely preserved.
