Difference between pages "File Systems" and "Cell phones"

From ForensicsWiki
(Difference between pages)
Jump to: navigation, search
(Conventional File Systems)
 
(Tools)
 
Line 1: Line 1:
= Conventional File Systems =
+
'''Cell phones''' or '''mobile phones''' are an important target for [[forensic investigator]]s.
  
; [[ext2]], [[ext3]]
+
== Technologies ==
: ext2 was introduced with [[Linux]]. ext3 is a journaled version of ext2 which allows for speedy disk recovery after a crash.
+
 +
* [[CDMA]]
 +
* [[TDMA]]
 +
* [[GSM]]
 +
* [[iDEN]]
 +
* [[EDGE]]
 +
* [[GPRS]]
  
; [[FAT]]
+
== Hardware ==
: Originally used by [[MS-DOS]]. Includes [[FAT12]] (for floppy disks), [[FAT16]] and [[FAT32]].
+
  
; [[ffs]]
+
* [[RIM BlackBerry]]
: The '''Fast File System''' used by some BSD versions of [[UNIX]] and from which [[UFS]] was derived supporting faster disk access and [[symbolic link]]s like ffs.
+
* [[T-Mobile Sidekick  ]]
 +
* [[SIM Cards]]
  
; [[HFS]]
+
== Operating Systems ==
: Used by [[Apple]] systems, it has been succeed by [[HFS Plus|HFS+]].
+
  
; [[JFS]]
+
* [[Microsoft PocketPC]]
: IBM's Journaled File System introduced with their flavor of UNIX (AIX)
+
* [[Microsoft Windows Mobile]]
 +
* [[Palm]]
 +
* [[RIM BlackBerry]]
 +
* [[Symbian]]
 +
* [[Linux]]
  
; [[NTFS]]
+
== Forensics ==
: The '''New Technology File System''', introduced by [[Microsoft]] with [[Windows NT]] 4.0. Now used on [[Windows XP]].
+
  
; [[reiserfs]]
+
'''Procedures'''
: A journaling filesystem for Linux.
+
  
; [[UFS]]
+
* [[Cell Phone Forensics]]
: The '''Unix File System''', introduced with [[UNIX]].
+
* [[SIM Card Forensics]]
 +
* [[External Memory Card Forensics]]
  
; [[XFS]]
+
== Tools ==
: [[SGI]]’s high performance journaling filesystem that originated on their [[IRIX]] (flavor of [[UNIX]]) platform. XFS supports variable blocking sizes, is extent based, and makes extensive use of [[Btree]]s to facilitate both performance and scalability. Additionally, support is also provided for real-time environments.
+
  
= Cryptographic File Systems =
+
'''Hardware'''
 +
* [[ Azimuth RadioProof™ Enclosures]]
 +
* [[Radio Frequency (RF) Jammers]]
 +
* [[Network Security Solutions Secure Tents]]
 +
* [[Network Security Solutions Seizure Bags for Cell Phones/PDAs/Laptops]]
 +
* [[Paraben StrongHold Bag]]
 +
* [[Paraben StrongHold Tent]]
  
'''Cryptographic file systems''' encrypt information before it is stored on the media. Some of these file systems store encrypted files directly. Others are better thought of as device drivers, which are then used to store some of the file systems discussed above.
+
'''Software'''
 
+
* [[BitPIM]]
; [[File Vault]]
+
* [[DataPilot Secure View]]
: A clever user interface to [[Apple]]'s encrypted disk images. Uses the ".sparseimage" extension on disk files.
+
* [[FloAt's Mobile Agent]]
 
+
* [[ForensicMobile]]
; [[CFS]]
+
* [[ForensicSIM]]
: Matt Blaze's '''Cryptographic File System''' for [[Unix]].
+
* [[LogiCube CellDEK]]
: http://www.crypto.com/papers/cfskey.pdf Key Management in an Encrypting File System], Matt Blaze, USENIX Summer 1994 Technical Conference, Boston, MA, June 1994.
+
* [[MicroSystemation .XRY]]
: http://www.crypto.com/papers/cfs.pdf A Cryptographic File System for Unix], Matt Blaze, Proceedings of the First ACM Conference on Computer and Communications Security, Fairfax, VA, November 1993.
+
* [[MOBILedit!]]
 
+
* [[Oxygen PM II]]
; [[NCryptfs]]
+
* [[Paraben Device Seizure]]
: http://www.fsl.cs.sunysb.edu/docs/ncryptfs/ncryptfs.pdf NCryptfs: A Secure and Convenient Cryptographic File System], Charles P. Wright, Michael C. Martino, and Erez Zadok, Stony Brook University ,USENIX 2003 Annual Technical Conference.
+
* [[Paraben SIM Seizure]]
 
+
* [[Phone-Forensics.com CLiVE]]
; [[TCFS]]
+
* [[Quantaq USIMdetective]]
: '''Transparent Cryptographic File System'''.
+
* [[Quantaq USIMcommander]]
: http://www.tcfs.it/
+
* [[Quantaq USIMdetective]]
: http://www.tcfs.it/docs/tcfs.ps
+
* [[Quantaq USIMexplorer]]
 
+
* [[Quantaq USIMprofiler]]
; [[SFS]]
+
* [[Quantaq USIMregistrar]]
: '''Secure File System'''.
+
* [[SIMCon]]
: http://atrey.karlin.mff.cuni.cz/~rebel/sfs/
+
* [[TULP2G]]
 
+
See also [[Full Disk Encryption]], which are disk- or applicance-based cryptographic file systems.
+
 
+
= External Links =
+
 
+
* http://en.wikipedia.org/wiki/File_system
+
* http://en.wikipedia.org/wiki/List_of_file_systems
+
* http://en.wikipedia.org/wiki/Comparison_of_file_systems
+

Revision as of 22:45, 9 October 2006

Cell phones or mobile phones are an important target for forensic investigators.

Technologies

Hardware

Operating Systems

Forensics

Procedures

Tools

Hardware

Software