Easier is Better (by Paul W. Smith)
LMTV Sharkfest | Maximizing Security and Monitoring Investments in an Uncertain World (with Don Shin)

When did you give up? (by Casey Mullis)

How far did you go before you said “I quit!”? At what point do you call it quits? When you quit, did you obtain the goal you were looking for? When we give up or quit, who else are we letting down? If you think you are only letting yourself down, you are wrong. Who else depends on you to meet that goal or objective? So many things to ponder before saying “I quit!” or “I give up!”. Take the time to think about this before you surrender. You may find your solution is right around the corner. No one knows it all but many of us together know a lot. Each one of us is like a memory bank and can only store so much. So when we need more, we add more but as humans we let so many things stand in the way.

Images

Did you know the data you were asked to recover, was a cure for a disease or code that was going to change the world? Well maybe not the whole world but someone’s world. What if it were your data? What would you want done? In this case, it was a co-workers USB thumb drive. Not to down play it in anyway shape or form as the data may not have been a major case or code to a nuke; but it was her data and important to her.

So what to do? Does she give up after being told it was dead, No! She asked until she found a person who could give it a shot. This was a shot as we had to step outside the box to give it a shot. We did a write up on boxes and why we humans do not fit. So when we take it apart we can see a brown in color goo that does not belong.

20150530_134519-2-1

Through our knowledge, training, and experience; we know that a capacitor can do this but also it will just bubble the end when it goes bad like so…

Bulging_capacitors

So knowing what you are looking at helps to make a diagnosis or trouble shooting options. So now what? We need to do one of two things. Find a replacement capacitor at a local Radio Shack but they are all closing. Hobby shops? Nah too much trouble. What then? Let’s see if we have a same make and model USB drive that we do not care about. We can always rob Peter to pay Paul here. Just so happens we had the same make and model drive.

20150530_134519-3-1

Make note of what the good and the bad one looks like here as this is knowledge, training, and experience you get to refer back to later. You may be asked how you knew it was the capacitor and you can refer back to this article.

 

So now we have to take a soldering iron and remove the two capacitors from the boards. Get a magnifying glass so you can see what you are doing. We suggest the soldering kit from SparkFun “Hakko FX888D Soldering Station“. You will need a third hand as I learned with this data recovery project. No worries as SparkFun have you covered “Third Hand”. While you are getting your stuff ordered, you may as well get your Solder also. Make sure to keep your solder tip clean with “Solder Tip Tinner and Cleaner

1662-1

Now that you have everything you need to get the job done, don’t forget the chip off method as well. Not every case requires the chip off method as you see in this case. So we challenge each of you to research your case and make sure you truly need the method you are about to use. We mention the chip off method because it is a valuable method that should not be ignored.

As you see in the image above, the dead drive is now working with the red light on. Before we replaced the capacitor, it would not come on at all. See image below for what the USB looked like after the capacitor was replaced.

20150530_154059-1

We know it is not pretty and may not be the way some would do it. What we want to point out is no matter what it looks like, it worked. The job does not always need to be pretty; it just needs to get the job done.

Never give up, never surrender! All things are possible, maybe not in just one of us but many of us can achieve many things. When I was a child and I told my dad “I can’t!” he responded “Can’t never could do anything!” I never understood it as a child and always thought my dad was crazy. Now as a father myself, I completely understand what he was talking about.

Thank you for stopping by and we hope this helps someone out here to get the job done. Please let us know your thoughts and opinions as this will help us make things better next time.

 

Casey

Author - Emory Mullis has been in Law Enforcement for roughly 19 years including military and civilian law enforcement. He started learning about computers back when Gateway 266 MHz was the top of the line and cost about $2000.00.Right out the box, I was compelled to take my new found 266 apart. Why I have no idea other than pure curiosity. Once I had the computer out the box and on the floor in pieces, my wife walked in. Trust me people; this was not a good thing! Either way I got a good understanding at this point on how a computer is put together and / or the components inside. This was my starting point with computers and I still hear my wife in the back ground “It better work when you put it back together!” That was my humble beginnings as a Cyber Investigator. Now with many Cyber cases under my belt, I have learned that you must question, challenge and test almost daily to keep up with all the new tools, software, computers and cell phone formats to be able to forensically acquire evidence and it is a real challenge. I enjoy the challenge and look forward to learning more every day!

Comments