In this issue
Issue 10 - Out now!
Here's a quick review of some of the main articles within Issue 10
If you have anything to do with digital forensics, issue 10 is
something that you will want. Subscribe today to ensure you get digital
access, or if you want, subscribe to the print edition. Find out more at
our subscriptions pages.
Here's just a few of the things inside issue 10...
Potential legal hurdles in mobile phone forensics
In this Intermediate level article, the team take a look at the
legal hurdles when investigating mobile devices, written by Scott
Zimmerman.
As the capabilities of mobile phones have improved, the niche of mobile phone forensics has grown to become a legitimately discrete industry. This was a necessity: mobile phones are similar to desktop and laptop computers in a number of ways, they have CPUs, RAM, local data storage, and connectivity; but they differ enough that traditional forensics tools for PCs are no longer suitable. As with many new industries, the field is subject to a mix of old rules, new rules, and grey areas in which not all of the rules have been established. Topics like evidentiary requirements and evidence handling, for example, will remain largely the same but the technical nuances are impressively different. In issue 10 we’re going to look at two areas that are a mix of old, new, and grey.
Mobile Phone Challenges
The Nokia 5110, released in 1998, became one of the first mobile
phones supporting data exchange with a computer. Rather than using a
standard AT+ protocol for the data exchange it offered a special Nokia
proprietary protocol. The device had no internal memory for storing user
data and allowed retrieval of a list of SIM contacts, SMS messages and a
call log. Extracting data from the phone could take less than a minute.
Modern devices equipped with 64 gigabytes of internal memory now pose
an entirely different challenge to forensic practitioners.
This intermediate level feature article is all about how the fast growth of number and variety of mobile phones demands new skills from the digital forensic examiner, by Oleg Davydov.
Circumventing & Cracking the Android 3Ps - Patterns, PINs and Passwords.
If you’ve even begun the journey into mobile device
forensics, you’ve already likely encountered the dreaded “lock screen”
on a device secured by a pattern, PIN or password. This article provides
background on how Android implements the lock screens and techniques
for circumventing
and cracking them. Like many forensic techniques, this information
could be used for nefarious purposes; however, our intentions are to
empower practitioners who use forensics for legal purposes. Andrew Hoog
& Thomas Cannon combined on this advanced level article.
Traceback
Unwanted spam mail slips through the best-prepared filters
to snare unwary recipients. Websites and servers are often bombed with
denial of service (DOS and DDOS) attacks leaving owners with costs and
damages. These scenarios beg the question: Why can’t we catch the
offenders? Often the attention goes to the security actions of filtering
email and preventing the impact of an attack, often at great cost to
the system services. The ability to trace back AND to collect evidence
is very much in the “too hard” basket. In part the Internet is seen as
open ended and extending beyond the reach of jurisdictional boundaries
with the implication that costs and complexities are prohibitive.
Perceptions also drive expectations that attack and fraud are inevitable
consequences of openness and the capability of global communications.
So what can be done? And what are the real barriers to holding offenders
to account? Find out in Issue 10.
Plus all the regular features, news, Robservations, our legal section and Apple Autopsy...
Login to read online or Subscribe today!