Government Technology

XBox Forensics Toolkit Enhances Criminal Investigation Possibilities



XBox Forensics
XBox Forensics

April 30, 2009 By

Computer scientist David Collins has probably spent more time messing around with the Microsoft XBox, other gaming consoles, and PDAs in the name of forensic science than anyone else in the world. But then, it's his job as the digital forensics expert at Sam Houston State University.

According to Collins, criminals often hide illicit data on the XBox in the hope that a gaming console will not be seen as a likely evidence target, especially when conventional personal computers are also present in the same premises.

For all of us, cell phones, smart phones, PDAs, game consoles and other devices now provide a convenient means to store lots of digital information, such as images, video, audio, program and text files. But that's something that criminals also have been fast to recognize. Such devices like the XBox also proved a simple way for criminals to possess and hide illegal material.

Collins has now developed a forensic toolkit that allows police and other investigators the chance to lay bare the contents of XBox hard disks.

Collins' XFT utility, as he calls it, can mount an image of the FATX file system used by the XBox, allowing the user to explore in detail the directory structure. Collins points out that unlike the standard FAT32, NTFS, and similar systems used by the hard disks in personal computers, there is little documentation on the proprietary FATX system. However, it is possible nevertheless to acquire an image of a FATX hard disk and to mount it on another device.

"Once the XBox file system is mounted, the analyst can use shell commands to browse the directory tree, open files, view files in hex editor mode, list the contents of the current directory in short or long mode and expand the current directory to list all associated subdirectories and files," explained Collins in a university news statement.

He adds that his XFT can also record investigative sessions for playback in a court of law, important from a legal perspective. This protects the defendant from falsified evidence as well as providing more solid presentation of evidence for the prosecution.

Collins plans to develop the toolkit software further, turning it into a fully functional forensic operating system that can be packaged as both a bootable operating system from a hard disk and a "live" bootable compact disk. a explains how future work on XFT will involve making the into

"This implementation will be open source, designed from the ground up as a forensic operating system," said Collins in his statement. "This will remove any and all proprietary operating system dependencies, making the forensic process as transparent as possible."

Photo of XBox 360 Elite by Jamie McCall. CC Attribution-No Derivative Works 2.0 Generic

 


| More

Comments

Add Your Comment

You are solely responsible for the content of your comments. We reserve the right to remove comments that are considered profane, vulgar, obscene, factually inaccurate, off-topic, or considered a personal attack.

In Our Library

White Papers | Exclusives Reports | Webinar Archives | Best Practices and Case Studies
Maintain Your IT Budget with Consistent Compliance Practices
Between the demands of meeting federal IT compliance mandates, increasing cybersecurity threats, and ever-shrinking budgets, it’s not uncommon for routine maintenance tasks to slip among state and local government IT departments. If it’s been months, or even only days, since you have maintained your systems, your agency may not be prepared for a compliance audit—and that could have severe financial consequences. Regardless of your mission, consistent systems keep your data secure, your age
Best Practice Guide for Cloud and As-A-Service Procurements
While technology service options for government continue to evolve, procurement processes and policies have remained firmly rooted in practices that are no longer effective. This guide, built upon the collaborative work of state and local government and industry executives, outlines and explains the changes needed for more flexible and agile procurement processes.
Fresh Ideas In Online Security for Public Safety Organizations
Lesley Carhart, Senior Information Security Specialist at Motorola Solutions, knows that online and computer security are more challenging than ever. Personal smartphones, removable devices like USB storage drives, and social media have a significant impact on security. In “Fresh Ideas in Online Security for Public Safely Organizations,” Lesley provides recommendations to improve your online security against threats from social networks, removable devices, weak passwords and digital photos.
View All

Featured Papers