The following sections discuss techniques for bypassing an obstructed device, i.e., a mobile device that requires successful authentication using a password or some other means to obtain access to the device. Several ways exist to recover data from obstructed devices. These methods fall into one of three categories: software-based, hardware-based and investigative. Common obstructed devices include those with missing identity modules, PIN-enabled UICCs, or an enabled mobile device lock. Password locked, and encrypted memory cards provide a user with additional means to protect data. This protection may make the recovery of such data more complex. Content encryption capabilities are offered as a standard feature in many mobile devices or available through add-on applications. Software and hardware-based methods are often directed at a particular device or narrow class of device.
As mobile forensics tools have evolved, they have begun to provide automated functions allowing examiners to bypass many security mechanisms as a part of their products. For instance, some tools provide an automated function to recover passwords from locked mobile devices. In developing a method, the following sections provide actions to consider for determining possible approaches.