Test Results for Mobile Device Acquisition Tool: Secure View 3v3.8.0

This NIJ report presents the results from testing Mobile Device Acquisition Tool: Secure View version 3.8.0 conducted through the Computer Forensics Tool Testing (CFTT) program. The testing covered several areas about the tool: device connectivity, personal information management (PIM) data, acquisition of stand-alone files, acquisition of Internet-related data, acquisition of SIM subscriber-related data, non-ASCII characters (internal phone memory), and non-ASCII characters (SIM memory). The tool was tested for its ability to obtain data from the internal memory of mobile devices and subscriber identity modules (SIMs). The testing revealed that, for the most part, the tool was able to acquire data from the internal memory of the devices tested. A list of devices tested is included in the report. A few anomalies did occur with the data acquisition, however they were specific to certain devices. Some of these anomalies included inability to establish connectivity to the mobile device (Noki 6350); data truncation and unreported graphic files (iPhone4 and BlackBerry Torch); Internet-related data not reported (iPhone4); service provider names not reported (SIMs); and contacts and text messages containing the non-ASCII characters not reported incorrectly (BlackBerry Torch). The information in this report is divided into five sections: 1) a summary of the results from the test runs; 2) justification for the selection of test cases from the set of possible cases defined in the test plan; 3) detailed description of the anomalies found during testing; 4) lists of hardware and software used to run the test cases; and 5) a description of each test case run, including the test assertions used in the case, the expected results, and the actual results. Tables