dfm covers
 
 

In This Issue

Written by DFMag


Issue 14 - Out now!

Here's a quick review of some of the main articles within Issue 14


Issue 14 of Digital Forensics Magazine brings new techniques and ideas to the industry. Subscribe today to ensure you get digital access, or if you want, subscribe to the print edition. Find out more at our subscriptions pages.

Here's just a few of the fantastic articles inside Issue 14...


The Criminal Connection
The past decade has seen a complete transformation in human communications. The notion of carrying around a handset to connect you to people on the other side of the world would have been dismissed as ridiculous 100 years ago. But nowadays people rely on mobile phones to communicate.

The ever-increasing media that is available poses a number of problems for investigators who have to deal with criminals that are using their mobiles to mastermind operations and carry out illegal activities. The ‘mobile explosion’ that has occurred over the last decade has meant that investigators have had to keep up with the advances in technology to stay one step ahead of the tech-savvy criminal.


CUDA & GPU For Security & Forensics
This article must hold the world record for the longest time taken to write. Let me explain, in 2008, flushed with success; I had just designed/innovated a cyber security probe that had been incredibly successful. It had out performed anything on the market at that time because it used special custom hardware in conjunction with a normal Intel based CPU, the special sauce in this combination was a cooperative processing model where the Pentium CPU worked in parallel with the FPGA custom hardware. The CPU instructed the FPGA to make certain calculations and apply certain fi lters not statically according to some arcane policy but dynamically as processing continued. I won’t be as bold to suggest it was AI, it certainly wasn’t but it could do very necessary things that other products still struggle to do.


Fuzzing Risks for Rich HTML Applications
A recent research project showed that it was possible to shift money from bank accounts to multiple others in other banks by simply tampering the form scanner parameters on one account. The exploitation demonstrated the vulnerability of online banking sites when rich html applications are used to enhance the customer experience and insuffi cient care is taken to harden the site. The attack is commonly known as a cross-site scripting (XSS) attack and relies on session hijacking between the client side technologies and the server side services. The break is exploited in various ways to change the instructions and to circumvent a number of security features including one-time passwords (OTP).


Blackberry File Deletion and Thumbnail Caches
BlackBerry devices are not typically welcome arrivals within a forensic lab; their robust security often making examination difficult. In this article we will look at some interesting aspects of the FAT implementation used in BlackBerry devices, and how thumbnail caches can provide a valuable source of evidence.


In situations where access to data within a BlackBerry handset itself is not immediately available (for example, due to an active device password), the recovery of live and deleted data from the memory card becomes even more important. There is nothing too surprising about how Research In Motion (or RIM as the BlackBerry manufacturer is more commonly referred to) has provided removable storage within modern BlackBerry handsets. A microSD card is used, formatted using Microsoft’s FAT fi le system; a solution which is ubiquitous within the industry due to the widespread compatibility of FAT. Naturally the first step is to create (and hash) a forensic image of the card such that analysis and evidence recovery can take place.


Tarantula Uncovered
In the May/June 2012 issue of Digital Forensics, we discussed the inherent challenges posed by Chinese mobile device chipsets to forensic professionals. We also introduced Tarantula, an advanced mobile forensics system, including hardware and software, which is specifi cally designed to analyse devices with these chips. In this article, we take a closer look at Tarantula and explain the analysis process. We will also present some features of Tarantula’s latest release.


Phones with Chinese chips inside of them have traditionally been known as “white-box” phones or clone phones, but the world of “Chinese phones” is changing rapidly, no longer being defi ned by white-box phones. Currently, 30% of cell phones worldwide are based on chipsets designed and manufactured in China. Western manufacturers such as Motorola are using Chinese chipsets in their phones as a way to cut costs and serve the lower end of the market. Manufacturers like Lenovo are now producing Android phones based on Chinese chipsets, which is a giant evolutionary leap in the industry. This trend is expected to increase to over 50% going forward into 2012 and beyond, as Chinese mobile device production topped 800 million units in China in 2011 with half of those devices being exported internationally.



Plus all the regular features, news, Robservations, our legal section and Apple Autopsy...


Login to read online or Subscribe today!



 
 

Submit an Article

Call for Articles

We are keen to publish new articles from all aspects of digital forensics. Click to contact us with your completed article or article ideas.

Featured Book

Cyber Attack, Cyber Crime, Cyber Warfare - Cyber Complacency

Mark Osbourne's latest book covers all things Cyber. All proceeds from the book go to charity.

Meet the Authors

Mark Osborne

Mark Osborne is the author of 'How To Cheat at Managing Information Security'

 

Coming up in the Next issue of Digital Forensics Magazine

Coming up in Issue 19 on sale from May 2014:


Big Data
Andrew Pimlott and his team at EY take a look at Big Bata risk, the creation of compliance data analytics dashboards, predictability fraud models that help predict fraud, cybercrime analytics and financial services analytics. Read More »

The Roboto Project
Jonathan Rajewski continues his look at Google Glass and the Forensic Analysis of this exciting new technology. The potential uses for this technology are significant and as such will have a plethora of artefacts for potential evidential purposes. Read More »

Subscribe today


Dental Biometrics
Aqsa Ajaz takes a look at Dental biometrics and investigates how it is is used in forensic odontology to identify individuals based on their dental characteristics. Read More »

Every Issue
Plus the usual Competition, Book Reviews, 360, IRQ, Legal

Click here to read more about the next issue