This is a Technikon podcast.

This is a Technikon podcast.

Our mobile phones have become devices that we carry everywhere and which contain some of our most important data. Knowing this, the manufacturers of these devices have guaranteed an extraordinary level of security. As you can imagine, this is a real benefit to the users of such devices. But there are times when locked data has to be legitimately extracted, and there's no help from the people who designed these hardware and software entanglements. I'm Peter Balint from Technikon, and today we continue our in-depth look at the EXFILES project. This European 2020 endeavor focuses on these cases where law enforcement officials need to extract data from mobile telephones to conduct an investigation, and for the record, they're pretty much on their own. That's why EXFILES is so important. In EXFILES federal government, local law enforcement and intelligence agencies, as well as cybersecurity experts, come together to create methods and tools to collect the evidence they need from locked devices. Today, we speak with Nicholas from the National Forensic Lab for the French Gendarmerie. Let's have a listen. Welcome, Nicholas, and thanks for coming on today.

Our mobile phones have become devices that we carry everywhere and which contain some of our most important data. Knowing this, the manufacturers of these devices have guaranteed an extraordinary level of security. As you can imagine, this is a real benefit to the users of such devices. But there are times when locked data has to be legitimately extracted, and there's no help from the people who designed these hardware and software entanglements. I'm Peter Balint from Technikon, and today we continue our in-depth look at the EXFILES project. This European 2020 endeavor focuses on these cases where law enforcement officials need to extract data from mobile telephones to conduct an investigation, and for the record, they're pretty much on their own. That's why EXFILES is so important. In EXFILES federal government, local law enforcement and intelligence agencies, as well as cybersecurity experts, come together to create methods and tools to collect the evidence they need from locked devices. Today, we speak with Nicholas from the National Forensic Lab for the French Gendarmerie. Let's have a listen. Welcome, Nicholas, and thanks for coming on today.

Yes, thank you to host this podcast.

Yes, thank you to host this podcast.

My pleasure. The first and presumably most obvious question is why can't the phone manufacturers help with the decryption in these extreme cases?

My pleasure. The first and presumably most obvious question is why can't the phone manufacturers help with the decryption in these extreme cases?

In my opinion, they could help , but they don't want to. It is in their best interest to show that they don't collaborate with law enforcement agencies. If we think about it for a few minutes, I think it's almost like a free advertising, like if they say we manufacture value your privacy more than helping the police.

In my opinion, they could help , but they don't want to. It is in their best interest to show that they don't collaborate with law enforcement agencies. If we think about it for a few minutes, I think it's almost like a free advertising, like if they say we manufacture value your privacy more than helping the police.

OK, so you're saying this is almost like a selling point, maybe that, you know, we honor your security. And for us, this is of the highest importance.

OK, so you're saying this is almost like a selling point, maybe that, you know, we honor your security. And for us, this is of the highest importance.

Yeah, I think that's their line of defense. If i may say so.

Yeah, I think that's their line of defense. If i may say so.

OK. Well, that seems that seems fair. And I I think there's some truth to that. And in EXFILES, as I mentioned in the introduction, yeah, it's about getting data off of phones which have been locked. And this, of course, is a very technological process. And what what I wonder about is what about changes in security? I mean, what happens when you've expended a considerable amount of time to circumvent current security measures and then new measures are implemented? Is it like starting over again?

OK. Well, that seems that seems fair. And I I think there's some truth to that. And in EXFILES, as I mentioned in the introduction, yeah, it's about getting data off of phones which have been locked. And this, of course, is a very technological process. And what what I wonder about is what about changes in security? I mean, what happens when you've expended a considerable amount of time to circumvent current security measures and then new measures are implemented? Is it like starting over again?

Yeah, it's a real issue for us, but luckily, most of the time we don't have to restart all of our work. We just have to adjust our solution in order to deal with the new security measures. But yeah, on the other end, unfortunately, sometimes we do have to start all over, and I admit it's a bit disappointing.

Yeah, it's a real issue for us, but luckily, most of the time we don't have to restart all of our work. We just have to adjust our solution in order to deal with the new security measures. But yeah, on the other end, unfortunately, sometimes we do have to start all over, and I admit it's a bit disappointing.

And I would imagine also that you really have no idea when changes are coming. Is that is that fair to say?

And I would imagine also that you really have no idea when changes are coming. Is that is that fair to say?

Yeah, we don't have any idea like all the consumer, we see the differences using the devices.

Yeah, we don't have any idea like all the consumer, we see the differences using the devices.

So in looking at the EXFILES project, a big focus is not only addressing what to do now, but how to prepare the next generation of forensic evidence gatherers. What efforts are being made in EXFILES so that you could see this through?

So in looking at the EXFILES project, a big focus is not only addressing what to do now, but how to prepare the next generation of forensic evidence gatherers. What efforts are being made in EXFILES so that you could see this through?

Yeah, so one of the main points of this project is to distribute the knowledge and the tool development. We even have a work package dedicated to that -6- if I'm correct. Its objective is to train forensics examiners with the tools resulting of the project, and those examiners will come from the country involved on the project, but also from other European countries not involved originally.

Yeah, so one of the main points of this project is to distribute the knowledge and the tool development. We even have a work package dedicated to that -6- if I'm correct. Its objective is to train forensics examiners with the tools resulting of the project, and those examiners will come from the country involved on the project, but also from other European countries not involved originally.

OK, so this is actually a really good way to ensure that what you're doing today is really helpful for future generations.

OK, so this is actually a really good way to ensure that what you're doing today is really helpful for future generations.

Yeah, I truly think so.

Yeah, I truly think so.

Now, EXFILES, this is a unique project, which I'm sure has certainly encountered some unique challenges. Can you speak to some of these challenges or hurdles that you've had to overcome so far in EXFILES?

Now, EXFILES, this is a unique project, which I'm sure has certainly encountered some unique challenges. Can you speak to some of these challenges or hurdles that you've had to overcome so far in EXFILES?

In my opinion, the biggest challenge until now is the sanitary situation. In fact, due to COVID, we were not able to get there physically, and it's quite challenging to work and exchange results without physical meeting. But like all of the European citizens, we have to deal with this situation by gathering online via meetups, or confcalls .

In my opinion, the biggest challenge until now is the sanitary situation. In fact, due to COVID, we were not able to get there physically, and it's quite challenging to work and exchange results without physical meeting. But like all of the European citizens, we have to deal with this situation by gathering online via meetups, or confcalls .

And I guess that's all you could do at this point until you can actually get back to face to face contact, which I would imagine in EXFILES, this is really an important component of the project. Is this collaboration this face to face this lab work environment?

And I guess that's all you could do at this point until you can actually get back to face to face contact, which I would imagine in EXFILES, this is really an important component of the project. Is this collaboration this face to face this lab work environment?

Yes, we truly hope that the sanitary situation will change and that we could organize physical meetings with face to face work, particularly on the hardware aspect of the project.

Yes, we truly hope that the sanitary situation will change and that we could organize physical meetings with face to face work, particularly on the hardware aspect of the project.

Exactly. And this EXFILES consortium, this is a special group of people because it's composed of so many different kinds of individuals or concerns and what what fields are represented here?

Exactly. And this EXFILES consortium, this is a special group of people because it's composed of so many different kinds of individuals or concerns and what what fields are represented here?

Yes, there are a lot of different fields involved in the project and in fact, we truly believes that is one of her best assets. For example, we have law enforcement agencies, both local and national intelligence services, as well as cybersecurity experts and even academics researchers. So I think with this kind of different people, we are able to cover most of the of the aspects that we have to deal with.

Yes, there are a lot of different fields involved in the project and in fact, we truly believes that is one of her best assets. For example, we have law enforcement agencies, both local and national intelligence services, as well as cybersecurity experts and even academics researchers. So I think with this kind of different people, we are able to cover most of the of the aspects that we have to deal with.

And when I look at a project, I like to look at it and in the framework of how will this impact the general citizen in the EU? So let's look at EXFILES . I mean, what kind of benefit do you think this project could have on the average person here in Europe?

And when I look at a project, I like to look at it and in the framework of how will this impact the general citizen in the EU? So let's look at EXFILES . I mean, what kind of benefit do you think this project could have on the average person here in Europe?

I think that this project will enhance the capabilities of law enforcement agencies to deal with encrypted phones. Therefore, it should be easier to fight against drug traffic and criminal activities in general. So in my opinion, it's in the best interest of the general public in the EU.

I think that this project will enhance the capabilities of law enforcement agencies to deal with encrypted phones. Therefore, it should be easier to fight against drug traffic and criminal activities in general. So in my opinion, it's in the best interest of the general public in the EU.

OK, and it sounds like this just goes to sort of overall security, especially in the computer and the cybersecurity field.

OK, and it sounds like this just goes to sort of overall security, especially in the computer and the cybersecurity field.

Yeah.

Yeah.

So in EXFILES, you represent a law enforcement agency, so what is the role of your organization within EXFILES, specifically,

So in EXFILES, you represent a law enforcement agency, so what is the role of your organization within EXFILES, specifically,

The role of the french gendarmerie's cyberspace commands on this project is we work on the reverse engineering part and both on hardware and software approach. And as a member of a law enforcement agency, we are on the general meetings trying to discuss what target we'll have to deal with in order to enhance our capabilities in the best way possible for the general public.

The role of the french gendarmerie's cyberspace commands on this project is we work on the reverse engineering part and both on hardware and software approach. And as a member of a law enforcement agency, we are on the general meetings trying to discuss what target we'll have to deal with in order to enhance our capabilities in the best way possible for the general public.

So it sounds like this is this is a big job to be done, but it also sounds like there are a lot of resources that have been dedicated to getting this done. So thank you for sharing a little bit about your side of EXFILES today, and we wish you much success in the future of the project.

So it sounds like this is this is a big job to be done, but it also sounds like there are a lot of resources that have been dedicated to getting this done. So thank you for sharing a little bit about your side of EXFILES today, and we wish you much success in the future of the project.

Yeah, thank you.

Yeah, thank you.

For more information about EXFILES, go to exfiles.eu . This podcast has been brought to you by Technikon. The EXFILES project has received funding from the European Union's Horizon H2020 research and innovation program under grant agreement number 883156 .

For more information about EXFILES, go to exfiles.eu . This podcast has been brought to you by Technikon. The EXFILES project has received funding from the European Union's Horizon H2020 research and innovation program under grant agreement number 883156 .