Difference between pages "Ovie Carroll" and "JTAG Forensics"

From ForensicsWiki
(Difference between pages)
Jump to: navigation, search
m
 
 
Line 1: Line 1:
'[[File:OLC.jpg|200px|thumb|right|Ovie Carroll]]''Ovie Carroll''' is the Director for the Cybercrime Lab at the [[Department of Justice, Computer Crime and Intellectual Property Section]] (CCIPS). He also co-hosts the [[Cyberspeak podcast]] with [[Bret Padres]]. Mr. Carroll's career includes more than 27 years in law enforcement. Mr. Carroll is also a certified [[SANS]] Instructor and co-author of SANS [[Forensic 408-Windows in Depth]] course and has been an adjunct professor at [[George Washington University]] in the Masters of Forensic Science program.  He teaches Internet Investigations and Interview & Interrogation.
+
== Definition ==
 +
=== From Wikipedia ([http://en.wikipedia.org/wiki/Joint_Test_Action_Group http://en.wikipedia.org/wiki/Joint_Test_Action_Group ]): ===
  
Prior to joining the Department of Justice, Mr. Carroll was the Special Agent in Charge of the Computer Crimes Unit at the United States Postal Service, Office of Inspector General (OIG), responsible for all computer intrusion investigations within the USPS network infrastructure and for providing all computer forensic analysis in support of OIG investigations and audits as well as the deployment, installation and monitoring of technical computer surveillance equipment in support of criminal investigations.  
+
Joint Test Action Group (JTAG) is the common name for what was later standardized as the IEEE 1149.1 Standard Test Access Port and Boundary-Scan Architecture. It was initially devised for testing printed circuit boards using boundary scan and is still widely used for this application. Today JTAG is also widely used for IC debug ports. In the embedded processor market, essentially all modern processors support JTAG when they have enough pins. Embedded systems development relies on debuggers talking to chips with JTAG to perform operations like single stepping and breakpointing. Digital electronics products such as cell phones or a wireless access point generally have no other debug or test interfaces.
  
Mr. Carroll has also served as the Chief, Computer Investigations and Operations Branch, [[Air Force Office of Special Investigations]], Washington Field Office where he was responsible for coordinating all national level computer intrusions occurring within the United States Air Force.  He has extensive field experience applying his training to a broad variety of investigations and operations. 
+
=== Forensic Application ===
  
In addition to his career fighting computer crime, Mr. Carroll has led and assisted in the planning and conduct of counterintelligence inquiries, conducted investigations into a variety of offenses including murder, fraud, bribery, theft, gangs and narcotics.
+
JTAG forensics is an acquisition procedure which involves connecting to the Standard Test Access Port (TAPs) on a device and instructing the processor to transfer the raw data stored on connected memory chips. Jtagging supported phones can be an extremely effective technique to extract a full physical image from devices that cannot be acquired by other means.
  
 +
== Tools and Equipment ==
  
[[Category:People]]
+
* [[JTAG and Chip-Off Tools and Equipment]]
 +
 
 +
== Procedures ==
 +
 
 +
* [[JTAG HTC Wildfire S]]
 +
* [[JTAG LG P930]]
 +
* [[JTAG Samsung Galaxy S4 (SGH-I337)]]

Revision as of 23:23, 17 August 2013

Definition

From Wikipedia (http://en.wikipedia.org/wiki/Joint_Test_Action_Group ):

Joint Test Action Group (JTAG) is the common name for what was later standardized as the IEEE 1149.1 Standard Test Access Port and Boundary-Scan Architecture. It was initially devised for testing printed circuit boards using boundary scan and is still widely used for this application. Today JTAG is also widely used for IC debug ports. In the embedded processor market, essentially all modern processors support JTAG when they have enough pins. Embedded systems development relies on debuggers talking to chips with JTAG to perform operations like single stepping and breakpointing. Digital electronics products such as cell phones or a wireless access point generally have no other debug or test interfaces.

Forensic Application

JTAG forensics is an acquisition procedure which involves connecting to the Standard Test Access Port (TAPs) on a device and instructing the processor to transfer the raw data stored on connected memory chips. Jtagging supported phones can be an extremely effective technique to extract a full physical image from devices that cannot be acquired by other means.

Tools and Equipment

Procedures