Difference between pages "Oxygen PM II" and "Mac OS X"

From Forensics Wiki
(Difference between pages)
Jump to: navigation, search
m ({{Wikify}})
 
(External Links)
 
Line 1: Line 1:
{{Wikify}}
+
{{Expand}}
  
===Oxygen Phone Manager II for Symbian OS Smartphones===
+
Apple Inc.'s Macintosh OS X (pronounced "'''OS Ten'''") is the operating system distributed with Apple computers. It includes heavily used several programs by default, including [[Apple Mail]], a web browser called [[Apple Safari | Safari]], and an [[Apple Address Book]], and [[iCal]].
  
Oxygen Phone Manager II for Symbian OS smartphones v2.7.6 is an extended forensic mode of data access which is compatible with Windows and supports a wide range of phone-connectivity options, including Bluetooth. While users gain total access to the content of Symbian-powered phones, they leave data untouched with no noticeable changes.
+
== Quarantine event database ==
 +
See [http://menial.co.uk/blog/2011/06/16/mac-quarantine-event-database/]
  
The program reads the content of a phone and stores it as an image on the hard drive. This relieves users from running synchronization and ensures faster data access with more efficient processing. Oxygen Phone Manager II consists of options to access and edit contacts, calendar items, to-do tasks, messages and multimedia content. The data can also be exported to other standard applications, such as MS Outlook and Address Book etc. The image saved to the hard drive also serves as a backup copy. It protects you against accidental loss of valuable forensic evidence. It ensures fast migration between phones of different models and producers. At the same time, Oxygen Phone Manager II allows a full-scale interactive access to phone content. You can use PC to edit and send out messages, create or import contacts, access and modify multimedia content. The program is a go-between that immediately translates content changes between two operating systems. They can access contacts, calendar, to-dos and the gallery from a tree of expandable folders. There is a details panel in the phone browser that shows the file size and other attributes. It also shows the overall size and number of images, melodies and video clips, and their drive in which they are present (local, flash card or ROM).  
+
Snow Leopard and earlier
 +
<pre>
 +
/Users/$USER/Library/Preferences/com.apple.LaunchServices.QuarantineEvents
 +
</pre>
  
Separate windows show contacts, calendar items and to-dos. The fields accessible from menus and submenus in Symbian media appear in one grid and are easy to revise. It has an Outlook-style interface provides access to Unicode SMS, MMS, e-mail and other messages. It offers many options that you have in an email service such as file attachment support, a reply with the original message included, a one-click attachment playback, and others.
+
<pre>
 +
SELECT datetime(LSQuarantineTimeStamp + 978307200, "unixepoch") as LSQuarantineTimeStamp, LSQuarantineAgentName, LSQuarantineOriginURLString, LSQuarantineDataURLString from LSQuarantineEvent;
 +
</pre>
  
Oxygen Phone Manager II Forensic Edition Features at a Glance –
+
Lion and later
+
<pre>
* No data can be loaded into the program
+
/Users/$USER/Library/Preferences/com.apple.LaunchServices.QuarantineEventsV2
* No changes can be written to the phone
+
</pre>
* Support for Symbian-powered smartphones (Nokia, Sony Ericsson, Motorola, BenQ, Panasonic, Vodafone, etc.)
+
* Support for cable and wireless connectivity (IrDA, Bluetooth)
+
* Interactive access to contacts, calendar items, to-dos, messages, and multimedia content
+
* Ability to save phone contents to a hard drive and flash drives
+
* Support for Unicode SMS, MMS, e-mail, BIO and other message formats
+
* Ad-hoc data editing in separate edit windows
+
* Data export and import capabilities to PST, WAB, CSV, XML and other formats
+
* Support for RNG, MID, WAV, AMR, AWB, MP3, AU, and XMF multimedia formats
+
* Contact editing from both phonebook and vCard window
+
* Easy management of meetings, reminders, anniversary, and other calendar items
+
* Add-ons for Arabic, Croatian, Dutch, French, German, Hungarian, Italian, Polish, Russian, Slovak, Spanish, Turkish languages
+
  
===Oxygen Phone Manager II for Nokia, Samsung, Mobiado Cell Phones===
+
== Package Files (.PKG) ==
 +
Package Files (.PKG) are XAR archives [http://en.wikipedia.org/wiki/Xar_(archiver)] that contain a cpio archive and metadata [http://s.sudre.free.fr/Stuff/Ivanhoe/FLAT.html].
  
===Links===
+
== Also see ==
[http://www.opm-2.com/Forensic/ Oxygen Phone Manager II Forensic Edition]
+
* [[MacOS Process Monitoring]]
 +
* [[Acquiring a MacOS System with Target Disk Mode]]
 +
 
 +
== External Links ==
 +
 
 +
* [http://www.apple.com/macosx/ Official website]
 +
* [http://en.wikipedia.org/wiki/OS_X Wikipedia entry on OS X]
 +
* [http://menial.co.uk/blog/2011/06/16/mac-quarantine-event-database/ Quarantine event database]
 +
* [http://www2.tech.purdue.edu/cit/Courses/cit556/readings/MacForensicsCraiger.pdf Mac Forensics: Mac OS X and the HFS+ File System]
 +
 
 +
=== Apple Examiner ===
 +
* [http://www.appleexaminer.com/ The Apple Examiner]
 +
* [http://www.appleexaminer.com/MacsAndOS/Analysis/USBOSX/USBOSX.html USB Entries on OS X]
 +
* [http://www.appleexaminer.com/Downloads/MacForensics.pdf Macintosh Forensics - A Guide for the Forensically Sound Examination of a Macintosh Computer] by Ryan R. Kubasiak
 +
 
 +
[[Category:Mac OS X]]
 +
[[Category:Operating systems]]

Revision as of 13:33, 20 June 2012

Information icon.png

Please help to improve this article by expanding it.
Further information might be found on the discussion page.

Apple Inc.'s Macintosh OS X (pronounced "OS Ten") is the operating system distributed with Apple computers. It includes heavily used several programs by default, including Apple Mail, a web browser called Safari, and an Apple Address Book, and iCal.

Contents

Quarantine event database

See [1]

Snow Leopard and earlier 

/Users/$USER/Library/Preferences/com.apple.LaunchServices.QuarantineEvents

SELECT datetime(LSQuarantineTimeStamp + 978307200, "unixepoch") as LSQuarantineTimeStamp, LSQuarantineAgentName, LSQuarantineOriginURLString, LSQuarantineDataURLString from LSQuarantineEvent;

Lion and later 

/Users/$USER/Library/Preferences/com.apple.LaunchServices.QuarantineEventsV2

Package Files (.PKG)

Package Files (.PKG) are XAR archives [2] that contain a cpio archive and metadata [3].

Also see

External Links

Apple Examiner

Retrieved from "http://www.forensicswiki.org/w/index.php?title=Oxygen_PM_II&oldid=6444"
Personal tools
Namespaces

Variants
Actions
Navigation:
About forensicswiki.org:
Toolbox