The topic of Physics may not be the first thing that comes to mind when you think of digital forensics, but it does play a key role in the preservation of your digital evidence. Not every organization is lucky enough to have their lab so isolated that they get no issues with signals that could potentially risk their digital evidence. This is where physics and the role of EMI shielding, or the use of Faraday technology, come into play.
Here are some of the basics to get you started. First, what is EMI? EMI stands for Electromagnetic Interference. It happens whenever one electronic signal disrupts another electronic signal. EMI is also referred to as Radio Frequency Interference or RFI. The two biggest problems related to EMI are that you cannot see it, and it affects everything wireless. This is where it is a primary factor for digital forensic investigators and what it can do to the data they are trying to preserve.
A perfect example is mobile phones. They deal with signals, small voltages, and currents, which are easily disrupted by an electromagnetic field. EMI can disrupt mobile and other electronic devices, equipment, and systems or decrease the performance of a specific circuit. Other devices such as wireless laptops, handheld GPS devices, and even our vehicles can have the same issue with transmitting a signal that can be disrupted. We dip our toes into the physics pool when we look at the EMI impact on data preservation and the need to block the signals for the variety of devices that transmit them.
Digital devices collected to preserve the data on them should not stay connected to wireless signals. This is one of the basic rules of mobile device seizure when working with smartphones and mobiles. The Supreme Court of the United States also brought up the need for the protection of these types of devices.
The disruption of the signals transmitting to these devices can happen by several means, from natural sources to artificial options. Since it is not realistic to have a cave at every seizure point with wireless devices, it can be practical to have portable faraday options.
What is Faraday?
Faraday technology is designed to block the signals received by wireless devices and create a “cone of silence” so no disruption to that device can occur. This technology was originally invented by Michael Faraday. According to Wikipedia, Michael Faraday was an English scientist who contributed to the study of Electromagnetism and Electrochemistry. Faraday’s main discoveries include the principles underlying electromagnetic induction, diamagnetism, and electrolysis.
In the end, when you remove some of the high-end science, you end up with a principle associated with blocking signals. This allows the preservation of the device and follows the best evidence rules for an investigator.
How is it done?
When you start looking at Faraday technology, there are a few factors that you want to consider when picking one that will work for your purpose. EMI shielding can be accomplished in three different ways: reflection, absorption, and multiple reflections. The shielding materials used to prevent EMI consist of a combination of different metals, specifically copper, nickel, and zinc. This combination is used due to its corrosion resistance. Once you know that your shielding was created with multiple metal materials, you can start to look at a few other factors.
When designing my first Faraday bag, I looked at a Dutch oven to see what type of metal I would need to use and how thick. Although a signal could easily be blocked by the thick iron that made up the Dutch oven, it was not a practical solution. Upon experimenting with different metals, the combination of nickel, copper started to show the best prospect for blocking the largest frequency range. The fine weave also allowed for strong protection that had fewer risks for signals to escape.
When evaluating different Faraday options, durability needs to be considered. The more seams sewn in Faraday protection material, the more risks you must signal escaping.
The patented design of the Paraben StrongHold Bag (U.S. Patent No. 7,601,921) holds not only the double folded side seams but also the fold-over closure technique. This design allows potential holes in the seam that may be created during the production of a Faraday Bag to be sealed. The durability scale improves with canvas covering and double seaming on the shielded hook and loop closure.
Without looking at the seams and construction of a Faraday bag, you might end up with a cheap knockoff that has not taken into account the rough use these bags go through in the field.
The last area for evaluation is functionality. Functionality is the most difficult area to evaluate Faraday technology because the functionality changes based on the location of use. The proximity to any signal generating factor also plays an important role in functionality.
Typically, a Faraday bag/device is designed to block for a frequency range in ideal conditions. As those conditions change for anything from weather, power, and age of transmitting device, you will receive different blockage effectiveness. Many times, people believe their devices are failing, and in fact, they are. What they fail to consider is that the Faraday device may not be effective due to outside conditions. One example we often see is with police departments using Faraday bags for their evidence protection. They will report that the devices are still getting signals, and upon further research, we find that the police station has a cellular antenna on the roof. The outside factor of the cellular antenna on the roof is the cause of the failure, not the device itself. Typically adding power into a Faraday enclosure requires special shielding for that power source and can change the overall effectiveness. All of these factors can contribute to the functionality of the Faraday device.
If the Faraday technology was designed with multiple layers and multiple sealing points, it should function in an ideal state if the environmental factors do not pose a problem.
How do I select a bag?
As those conditions change for anything from weather, power, and age of transmitting device, you will receive different blockage effectiveness.
Take the three factors involved in the evaluation of the technology and select the one that ranks and tests the highest in each of those factors. Select from manufacturers that you know are producing quality products with higher signal penetration protection from newer devices.
Paraben’s StrongHold Faraday Bags are patented with the design and effectiveness of each of these factors. The handling of wireless devices with Faraday equipment is more necessary due to an increased number of kill commands and changes that can occur wirelessly to the device once it is out of the custody of the primary owner. More information on StrongHold Faraday Bags.
Blog by: Cameron Cisneros, Zachary Wilson, Karla Soler and Ian Yates Research by: Felix Murray, Cameron Cisneros, Zachary Wilson, Karla Soler, Ian Yates, Unny Menon, Richard D’souza Sponsored by: When we began our research into vulnerabilities of electrical vehicle...
Starting 24 years of being a small business in the digital forensic investigations space is a rare activity. With many transitions happening with the different technology providers being sold, going public, or just disappearing it is rare to experience this many years...
Guest Blogger Hilary Rodela, Lead Digital Content Writer for Taction USA Collecting and extracting evidence is half the battle when it comes to seizing evidence and processing a crime scene. When you don’t have the right supplies or resources it can impede your...