Belkasoft Evidence Center Reads Cleared Skype Logs, Deleted iPhone Messages, Analyzes Destroyed SQLite Records
St. Petersburg, Russia (PRWEB) October 09, 2013 -- Belkasoft updates its flagship computer forensic product, Belkasoft Evidence Center 2013. The new release adds fully native SQLite processing, allowing investigators analyzing destroyed SQLite databases and accessing deleted records. With many Windows, Mac OS X, iOS and Android applications including all recent versions of Skype using SQLite format to keep communication history logs, the ability to recover deleted records from cleared SQLite databases becomes essential for any investigation involving the analysis of suspects’ online activities.
Recovering Deleted Skype Histories and iPhone Messages
All recent versions of Skype going several years back use a database in SQLite to keep their history. Skype history logs contain essential information about the user’s communications. Skype logs keep information on date and time of each conversation, message content, as well as nicknames and IP addresses of remote parties. When investigating online crime, results of Skype log analysis may become important evidence.
Suspects routinely delete their conversation histories by clearing Skype logs. However, for performance reasons, SQLite does not wipe or erase records immediately. Deleted records end up in a special area, the so-called ‘freelist’. Freelists may contain records that were deleted a long time ago. Analyzing freelists gives investigators another chance to recover essential evidence.
In Apple iOS, most applications including system tools are producing log files in SQLite format. Call logs, address books, as well as the content of all text messages (SMS and iMessage services) are kept in various SQLite databases. The latest release of Belkasoft Evidence Center can restore deleted messages, contacts and call entries from existing and deleted database files.
With newly added native SQLite processing with freelist support, Belkasoft Evidence Center 2013 is able to retrieve deleted records from the freelist area, restoring evidence from cleared log files.
Native SQLite Processing Enables Access to Deleted Database Records
Belkasoft Evidence Center 2013 now uses fully native code to parse the content of SQLite databases.
The components were developed from the scratch specifically for digital forensic purposes. Commonly available SQLite libraries are optimized for high performance under heavy load. In comparison, Belkasoft native components are optimized for in-depth comprehensive analysis of SQLite databases, specifically targeting databases that the suspect attempted to destroy. Targeting corrupted, badly damaged or incomplete SQLite databases, Belkasoft Evidence Center 2013 allows investigators extracting more valuable evidence out of log and history files produced by many popular applications.
About Belkasoft Evidence Center 2013
Belkasoft Evidence Center is the company’s flagship computer forensic tool enabling security experts and forensic specialists collect and analyze more digital evidence than ever. Belkasoft Evidence Center can automatically locate, process and analyze Office documents, mobile device backups, system and registry files, Internet chat logs, Web browsing history and email communications including information stored in digital pictures and videos, a variety of history and log files. Low-level access to hard disk and system structures means that even data that’s been deleted by the suspect cannot escape from investigators. Supporting Windows, Unix/Linux and Mac OS X file systems and natively mounting images created in EnCase, DD and SMART formats without using these or any third-party tools, Belkasoft Evidence Center can collect more evidence than any single competing tool in its class.
Pricing and Availability
Belkasoft Evidence Center 2013 is available immediately. Pricing for Forensic IM Analyzer edition starts from $499.95, the Professional edition is available from $799.95, while the Ultimate edition sells for $1099.95.
About Belkasoft
Founded in 2002, Belkasoft is a computer forensic software manufacturer. Belkasoft products back the company’s "Forensics made easier" slogan, offering IT security experts and forensic investigators solutions that work right out of the box, without requiring a steep learning curve or any specific skills to operate.
Belkasoft Evidence Center 2013 is a world renowned tool used by thousands of customers for conducting forensic investigations, as well as for law enforcement, intelligence and corporate security applications. Belkasoft customers include government and private organizations in more than 40 countries, including the FBI, US Army, DHS, police departments in Germany, Norway, Australia and New Zealand, PricewaterhouseCoopers, and Ernst & Young.
More information about the company and its products at http://belkasoft.com
# # #
Information on Belkasoft Evidence Center as well as the free demo download are available at http://forensic.belkasoft.com/
The complete list of additions and enhancements in version 5.4 is available at http://forensic.belkasoft.com/en/bec/en/Whats_New_In_Version_5.4
Yuri Gubanov, Belkasoft, http://belkasoft.com, +7 8129211201, [email protected]
Share this article