Difference between pages "User:Helixgroup" and "Palm"

From ForensicsWiki
(Difference between pages)
Jump to: navigation, search
(some thoughts/comments on the updated outline)
 
 
Line 1: Line 1:
''The danger in using a wiki as a collaboration tool is that other people will edit it.
+
__TOC__
  
Information on cryptographic file system was moved to [[File Systems#Cryptographic File Systems]]
+
=Overview=
  
 +
A "Palm" is a commonly referred to as a small-scale (hand-held) computer that runs Palm's PalmOS software.
  
 +
The Palm OS platform is an open architecture that provides a basis for third-party developers and original equipment manufacturers (OEMs) to create mobile computing solutions. The platform consists of five components:<br><br>
 +
* The reference hardware design<br>
 +
* The device operating system called the Palm OS software<br>
 +
* The HotSync conduit data synchronization technology<br>
 +
* The platform component tools including an applications programming interface (API) that enables developers to write applications<br>
 +
* The software interface capabilities to support hardware add-ons<br>
  
=== Vendor's product overview: ===
+
(http://www.palm.com/us/company/pr/2000/092000.html, 2000)
Seagate FDE: http://www.seagate.com/docs/pdf/marketing/PO-Momentus-FDE.pdf
+
  
Network Appliance: http://www.netapp.com/ftp/decru-fileshredding.pdf
 
  
NetApps DataFort: http://www.decru.com/products/pdf/dsEseries.pdf
+
== History ==
  
Decru Lifetime Key Management: http://www.decru.com/products/ltkm.htm
+
Palm Computing was founded by Jeff Hawkins, Donna Dubinsky and Ed Colligan. The original purpose of the company was to create handwriting recognition software for other devices (Graffiti). The initial idea for the devices came from Hawkins' habit of carrying a block of wood in his pocket.
  
Decru Whitepaper: http://www.forensicswiki.org/images/6/6f/Securing_Storage_White_Paper.pdf
+
The initial Palm device released in 1996 was called the Pilot. Because Pilot Pen Corporation brought forth a trademark infrigement case, the second generation device released in 1997 was named the PalmPilot.
  
Price for Decru DataFort E510 1.6 for NAS: http://infosecuritymag.techtarget.com/ss/0,295796,sid6_iss346_art680,00.html
+
The Palm was not the original PDA device released, but benefited from the failure of Apple's Newton.
  
DecruDataFort E440: http://www.computerworld.com/hardwaretopics/storage/story/0,10801,78766,00.html
+
The Palm OS initially featured personal information management (PIM) tools such as Calendar, Contacts, Memo Pad, Expense and Tasks. As later versions were released, more features were added.  Here is a list of various Palm OS releases:
  
[[User:Lenageraghty|Lenageraghty]] 22:08, 7 November 2005 (EST)
+
*  Version 3.1, 3.3, 3.5
 +
Added support for color, multiple expansion ports, new processors, etc.
  
=== SAM Useful TCFS site: ===
+
*  Version 4.0
 +
Added a standard interface for external FS access
  
Transparent CryptoGraphical file system: http://www.tcfs.it/index.php?pc=2
+
*  Version 5.0
 +
First version to support Acorn Risc Machine (ARM) devices. Later versions which included OS 5.2, featured Graffiti 2. It began the separation of Palm OS and Palm One.
  
TCFS intro: http://www.linuxjournal.com/article/2174
+
Presently, version 6.1 of the Palm OS is under development (Cobalt).  Cobalt features a Linux-based kernel.  There are presently no devices released using Palm OS 6.
  
--[[User:Samlam|Samlam]] 19:56, 13 November 2005 (EST)
+
=Features=
 +
<table>
 +
<tr>
 +
<td>'''Address Book''': Allows the user to keep track of their contacts.  Synchronized via HotSync manager</td>
 +
</tr>
 +
<tr>
 +
<td>'''Calculator''': Basic 4 function calculator</td>
 +
</tr>
 +
<tr>
 +
<td>'''Datebook''': Track appointments, birthdates and other important times during the year.  Synchronized via HotSync manager</td>
 +
</tr>
 +
<tr>
 +
<td>'''Expenses''': Keep track of your spending habits.</td>
 +
</tr>
 +
<tr>
 +
<td>'''HotSync''': Application that ran on your desktop or portable PC or Mac to allow for calendars and contacts to easily be synchronized with Palm device.</td>
 +
</tr>
 +
<tr>
 +
<td>'''Memo Pad''': Write short notes.</td>
 +
</tr>
 +
<tr>
 +
<td>'''Note Pad''': Scribble notes in your natural writing language.</td>
 +
</tr>
 +
<tr>
 +
<td>'''To Do List''': Create a check list of items to accomplish.  Synchronized via HotSync manager.</td>
 +
</tr>
 +
<tr>
 +
<td>'''Palm Photos''': Photo manager that allows sharing of photos between multiple palm devices.</td>
 +
</tr>
 +
</table>
  
=== ERIC Seagate new offerings: ===
+
==Palm Pilot==
Full Disk Encryption: http://www.eweek.com/article2/0,1759,1825740,00.asp
+
  
Seagate product specification: http://www.seagate.com/content/docs/pdf/marketing/PO-Momentus-FDE.pdf
+
==3Com Audrey==
  
 +
The 3Com Audrey was created to be a kitchen computer in 2000-2001.  It was a mainly a used to access the Internet.  Cisco then bought out 3Com and the Audrey was no more.  One noticeable aspect of the Audrey is how people can hack it.  They have turned it into anything from a web server to a chatting client.  It runs QNX with PalmOS extensions.  This allows it to be hacked extremely easily.
  
[[User:Samlam|Samlam]] 12:10, 13 November 2005 (EST)
+
It runs on the Intel-compatible Cyrix-MediaGX processor. It uses Palm's HotSync technology to update the address book and date book with up to two Palms simultaneously.  It uses a USB Ethernet controller to connect to the Internet.  It also has built-in stereo speakers to play digital and streaming music.  You can either use the clear pen to input data, or pull out the wireless keyboard.  No graffiti is used. 
  
=== Cryptographcial File Systems: ===
+
It was discontinued on March 21, 2001However, there is still an Audrey frenzy going on today.
[[File Systems#Cryptographic File Systems]] Readings on crytographical file systems.
+
=== Some Questions / Notes from BJ===
+
I added to the existing outline belowWe only get 15 pages max, so we might have to limit ourselves to 2 pages (3 tops) per EFS, so there might be too many items for each EFS listed, but I think it would be good for us to be consistent and have the same items in each EFS.
+
  
I think we should start filling out what we can in the outline during this week, so that we can "refine as we go". 
+
==Fossil==
  
Please make sure and add your citations, also.  Do not worry about format; we will do that later; but make sure all the information is there.
+
==Garmin==
  
=== Suggestion of outline : ===
+
==Kyocera==
*Introduction (BJ)
+
**Definition of an Encrypting File System
+
**Purpose/Goal of an EFS
+
***Purpose: to add an additional layer of security, controlled by the user, over that user's data
+
***Goal: to allow users to feel confident the data placed in the EFS cannot be compromised.
+
**Overview of General Workings
+
***(description of common functionality and common processes to all or most EFS)
+
***You have data in memory, you want to save it to disk, you only want "authorized" people to see it; not even system administrators and/or backup operators
+
***You control access by "owning" the key
+
***Key is generated (somehow)
+
***There is overhead in the process of encrypting/decrypting (unavoidable)
+
**Overview of Common Usage
+
***Maybe some categories of users and what they are looking for:
+
***"business critical applications" like databases, etc. where business relies on data being available and secure
+
***"business users" like managers who want to secure employee reviews, HR people wanting to secure salary information, etc.
+
***"casual users" people who just want to make sure their data is secure.
+
**The currently available systems (market share?)
+
**Why we choose CFS TCFS and Network Applicances
+
*Study of 4 systems in depth, including why this system is selected for study.
+
**CFS (LENA)
+
***Overview
+
****When Developed
+
****Platform(s)
+
****Current Version
+
***Key Management
+
***Ease of Use for End Users
+
***Legal Issues
+
***Failure Modes
+
***Challenges in Installation/Use by System Administrator
+
***Performance
+
***Cost
+
***Conclusion (?? what would that be??)
+
**TCFS (SAM)
+
***Overview
+
****When Developed
+
****Platform(s)
+
****Current Version
+
***Key Management
+
***Ease of Use for End Users
+
***Legal Issues
+
***Failure Modes
+
***Challenges in Installation/Use by System Administrator
+
***Performance
+
***Cost
+
***Conclusion (?? what would that be??)
+
**Network Appliance DataForte and Seagate (ERIC)
+
***Overview
+
****When Developed
+
****Platform(s)
+
****Current Version
+
***Key Management
+
***Ease of Use for End Users
+
***Legal Issues
+
***Failure Modes
+
***Challenges in Installation/Use by System Administrator
+
***Performance
+
***Cost
+
***Conclusion (?? what would that be??)
+
**Windows EFS (BJ)
+
***Overview
+
****When Developed
+
****Platform(s)
+
****Current Version
+
***Key Management
+
***Ease of Use for End Users
+
***Legal Issues
+
***Failure Modes
+
***Challenges in Installation/Use by System Administrator
+
***Performance
+
***Cost
+
***Conclusion (?? what would that be??)
+
*Common Issues/Problems (ALL)
+
**Impact on computer forensics
+
**Impact on end-users (i.e. what if you are away on a business trip and you have to go to the hospital and all of your files are encrypted on your laptop?) (or even worse, what if you die and all your financial information is encrypted?)
+
**Impact on business owners (e.g. what if an employee quits and all that person's data files, contact info, etc. are encrypted)
+
*Future (ALL)
+
**What would be useful to add or remove
+
**How we would accomplish the changes we suggest
+
*Conclusion. (ALL)
+
  
[[User:Bjl170|Bjl170]] 20:23, 14 November 2005 (EST)
+
Kyocera acquired QUALCOMM Incorporated's Code Division Multiple Access (CDMA) wireless phone business in February 2000 and incorporates QUALCOMM's CDMA technology in the development and manufacture of wireless phones. An agreement with Palm Inc. to license the Palm OS platform was reached by Kyocera and Palm after QUALCOMM's acquisition. It is the foundation for a suite of smartphones.
  
[[User:Lenageraghty|Lenageraghty]] 08:36, 11 November 2005 (EST)
+
==QualComm==
  
 +
In September 1998, QUALCOMM introduced the pdQ smartphone which was the first CDMA digital wireless phone to integrate the Palm OS software. QUALCOMM’s CDMA handset business was later bought by Kyocera in February 2000.
  
===== some thoughts/comments on the updated outline =====
+
==Samsung==
  
* We are examining 3 cyptographical file system - why do we choose the 3 we choose ?
+
==Sony Cli&Egrave;==
** Freeware is popular CFS, TCFS is free.
+
** CFS is quite often referenced.  It is one of the early most widely used system.
+
** Net Applicance is a commercial system. Possibly an end-to-end solution (?)
+
** Scope of this project: multi-user file systems, as oppose to a single disk drive system.
+
** What are some of the existing system ?
+
  
* Betty, it was previously agreed that there are 3 EFS.  Sam prefers 3 EFS to 4.
+
==Symbol==
** Is there any reason why you choose Windows ?  I will write up why we choose the 3 that I know of.  I am not sure why Windows.  I probably write up a snippet for the 3, and you can add the reason for choosing Windows.
+
  
[[User:Lenageraghty|Lenageraghty]] 23:32, 14 November 2005 (EST)
+
==TapWave==
  
=== Questions : ===
+
==TRG==
* What systems are currently available ?
+
  
[[User:Lenageraghty|Lenageraghty]] 08:48, 11 November 2005 (EST)
+
==Handspring Visor==
  
=== Suggestions/Questions/Outline ?: ===
+
The original creators of the PalmPilot, Jeff Hawkins, Donna Dubinsky, and Ed Colligan, left Palm Computing after desputes with the parent company 3com. As a result, the trio founded Handspring in 1998. The first product released in 1999 was called the Handspring Visor, a clone of the original PalmPilot with minor additions, that used the newly created Palm OS. One of it's most prominent features was USB support and an expansion slot for memory cards, both of which were not yet popular at the time.
* Solutions from other storage vendors.
+
* Desirable features for a cryptographical file system.
+
* cost
+
** performance
+
** total solution for end-users
+
** Key management for cryptographical file system
+
** Ease of use by end-users
+
** Failure modes
+
** Challenges in using/installing
+
  
[[User:Lenageraghty|Lenageraghty]] 22:48, 7 November 2005 (EST)
+
The Visor line includes:
 +
<ul>
 +
<li>Visor and Visor Deluxe</li>
 +
<li>Visor Prism</li>
 +
<li>Visor Platinum</li>
 +
<li>Visor Edge</li>
 +
<li>Visor Neo</li>
 +
<li>Visor Pro</li>
 +
</ul>
  
===== comment from TA (Joe)  =====
+
==Treo==
That looks like some of the right inroadsRemember that the paper is
+
Treo manufacturers a variety of devices, including the LifeDrive, Treo 650 and 700w, Palm Z22 and Tx, and the Tungsten E2Each of these devices is marketed at a different segment of the market.  For example, the LifeDrive contains a 4GB integrated hard drive and is advertised as a portable multimedia device that plays videos and MP3sThe LifeDrive Also includes integrated WiFi and Bluetooth capabilities.  The Treo 650 and 700w are the company's Smartphones.  The Treo 650 runs Palm OS, while the 700w runs on Windows Mobile.  The Z22, Tx, and Tungsten E2 are primarily designed to be personal organizers.
not very long, so you may want to focus on the three systems and do a
+
deep analysisCertainly some things to think about:
+
      Simson's lecture where he talked about it
+
      Failure modes of such systems
+
      Challenges in using/installing
+
  
''comment from teacher:'' Please remember that this Wiki is publically accessible on the Internet. It's great if you can improve the resource for everbody. But do try to do that, rather than just creating your own space...
+
=Forensics=
 +
Forensics for Palm devices is a nascent field. There are several tools available for the image acquisition and analysis of Palm devices.
  
===== Uploading pieces of our writeup =====
+
==EnCase==
 +
EnCase, published by Guidance Software, is a complete cyber forensics software package that handles all steps of the investigative process, from the acquisition to the report creation.  The software includes built-in capabilities for performing MD5 hashing, data carving, deleted file recovery, and many other functions.
  
[[Image:HelixCFS.doc]] Lena's writeup on CFS
+
Although traditionally relegated to the realm of desktop computer forensics investigations, EnCase does support the acquisition and analysis of a limited number of Palm devices.  
Devaition from outline: 
+
* Did not mention current release, which is not really relevant. (It is 1.4.1 if anyone is interested)
+
* Describe the security provided by CFS.
+
* No legal issue.
+
* Not sure what is meant by failure mode: I assume lost of key ?
+
  In any case, we can use backup/restore. Failure is generally taken
+
  care of by the system administrator, so failure mode is
+
  part of "ease of user" for the system administrator.
+
  
 +
=Paraben=
 +
Paraben has a software application that is specifically designed for PDA forensics,PDA Seizure.  This comprehensive tool allows PDA data to be acquired, viewed, and reported on, all within a Windows environment.  The software comes equiped with quite a few key features.  These features include the ability to encrypt saved case files, Blackberry OS support, built-in recovery of Palm passwords, enhanced viewing on file data, complete physical and logical acquisition for Palm PDA devices, and many more.  It has a few draw backs, in that some of the material acquired from the PDAs is hard to interpret by a person that is not computer savi. Although, on the other hand it has features like a search portion that allows you to enter a search term and PDA Seizure will bring up all files that have that term in them.  This allows the investigator to look for case specific information easily and quickly. 
 +
 +
=References=
 +
http://www.answers.com/topic/palm-os
  
[[User:Lenageraghty|Lenageraghty]] 23:35, 14 November 2005 (EST)
+
http://www.palm.com/us/
 +
 
 +
http://www.encase.com
 +
 
 +
http://www.paraben.com

Revision as of 18:50, 23 February 2006

Overview

A "Palm" is a commonly referred to as a small-scale (hand-held) computer that runs Palm's PalmOS software.

The Palm OS platform is an open architecture that provides a basis for third-party developers and original equipment manufacturers (OEMs) to create mobile computing solutions. The platform consists of five components:

  • The reference hardware design
  • The device operating system called the Palm OS software
  • The HotSync conduit data synchronization technology
  • The platform component tools including an applications programming interface (API) that enables developers to write applications
  • The software interface capabilities to support hardware add-ons

(http://www.palm.com/us/company/pr/2000/092000.html, 2000)


History

Palm Computing was founded by Jeff Hawkins, Donna Dubinsky and Ed Colligan. The original purpose of the company was to create handwriting recognition software for other devices (Graffiti). The initial idea for the devices came from Hawkins' habit of carrying a block of wood in his pocket.

The initial Palm device released in 1996 was called the Pilot. Because Pilot Pen Corporation brought forth a trademark infrigement case, the second generation device released in 1997 was named the PalmPilot.

The Palm was not the original PDA device released, but benefited from the failure of Apple's Newton.

The Palm OS initially featured personal information management (PIM) tools such as Calendar, Contacts, Memo Pad, Expense and Tasks. As later versions were released, more features were added. Here is a list of various Palm OS releases:

  • Version 3.1, 3.3, 3.5

Added support for color, multiple expansion ports, new processors, etc.

  • Version 4.0

Added a standard interface for external FS access

  • Version 5.0

First version to support Acorn Risc Machine (ARM) devices. Later versions which included OS 5.2, featured Graffiti 2. It began the separation of Palm OS and Palm One.

Presently, version 6.1 of the Palm OS is under development (Cobalt). Cobalt features a Linux-based kernel. There are presently no devices released using Palm OS 6.

Features

Address Book: Allows the user to keep track of their contacts. Synchronized via HotSync manager
Calculator: Basic 4 function calculator
Datebook: Track appointments, birthdates and other important times during the year. Synchronized via HotSync manager
Expenses: Keep track of your spending habits.
HotSync: Application that ran on your desktop or portable PC or Mac to allow for calendars and contacts to easily be synchronized with Palm device.
Memo Pad: Write short notes.
Note Pad: Scribble notes in your natural writing language.
To Do List: Create a check list of items to accomplish. Synchronized via HotSync manager.
Palm Photos: Photo manager that allows sharing of photos between multiple palm devices.

Palm Pilot

3Com Audrey

The 3Com Audrey was created to be a kitchen computer in 2000-2001. It was a mainly a used to access the Internet. Cisco then bought out 3Com and the Audrey was no more. One noticeable aspect of the Audrey is how people can hack it. They have turned it into anything from a web server to a chatting client. It runs QNX with PalmOS extensions. This allows it to be hacked extremely easily.

It runs on the Intel-compatible Cyrix-MediaGX processor. It uses Palm's HotSync technology to update the address book and date book with up to two Palms simultaneously. It uses a USB Ethernet controller to connect to the Internet. It also has built-in stereo speakers to play digital and streaming music. You can either use the clear pen to input data, or pull out the wireless keyboard. No graffiti is used.

It was discontinued on March 21, 2001. However, there is still an Audrey frenzy going on today.

Fossil

Garmin

Kyocera

Kyocera acquired QUALCOMM Incorporated's Code Division Multiple Access (CDMA) wireless phone business in February 2000 and incorporates QUALCOMM's CDMA technology in the development and manufacture of wireless phones. An agreement with Palm Inc. to license the Palm OS platform was reached by Kyocera and Palm after QUALCOMM's acquisition. It is the foundation for a suite of smartphones.

QualComm

In September 1998, QUALCOMM introduced the pdQ smartphone which was the first CDMA digital wireless phone to integrate the Palm OS software. QUALCOMM’s CDMA handset business was later bought by Kyocera in February 2000.

Samsung

Sony CliÈ

Symbol

TapWave

TRG

Handspring Visor

The original creators of the PalmPilot, Jeff Hawkins, Donna Dubinsky, and Ed Colligan, left Palm Computing after desputes with the parent company 3com. As a result, the trio founded Handspring in 1998. The first product released in 1999 was called the Handspring Visor, a clone of the original PalmPilot with minor additions, that used the newly created Palm OS. One of it's most prominent features was USB support and an expansion slot for memory cards, both of which were not yet popular at the time.

The Visor line includes:

  • Visor and Visor Deluxe
  • Visor Prism
  • Visor Platinum
  • Visor Edge
  • Visor Neo
  • Visor Pro

Treo

Treo manufacturers a variety of devices, including the LifeDrive, Treo 650 and 700w, Palm Z22 and Tx, and the Tungsten E2. Each of these devices is marketed at a different segment of the market. For example, the LifeDrive contains a 4GB integrated hard drive and is advertised as a portable multimedia device that plays videos and MP3s. The LifeDrive Also includes integrated WiFi and Bluetooth capabilities. The Treo 650 and 700w are the company's Smartphones. The Treo 650 runs Palm OS, while the 700w runs on Windows Mobile. The Z22, Tx, and Tungsten E2 are primarily designed to be personal organizers.

Forensics

Forensics for Palm devices is a nascent field. There are several tools available for the image acquisition and analysis of Palm devices.

EnCase

EnCase, published by Guidance Software, is a complete cyber forensics software package that handles all steps of the investigative process, from the acquisition to the report creation. The software includes built-in capabilities for performing MD5 hashing, data carving, deleted file recovery, and many other functions.

Although traditionally relegated to the realm of desktop computer forensics investigations, EnCase does support the acquisition and analysis of a limited number of Palm devices.

Paraben

Paraben has a software application that is specifically designed for PDA forensics,PDA Seizure. This comprehensive tool allows PDA data to be acquired, viewed, and reported on, all within a Windows environment. The software comes equiped with quite a few key features. These features include the ability to encrypt saved case files, Blackberry OS support, built-in recovery of Palm passwords, enhanced viewing on file data, complete physical and logical acquisition for Palm PDA devices, and many more. It has a few draw backs, in that some of the material acquired from the PDAs is hard to interpret by a person that is not computer savi. Although, on the other hand it has features like a search portion that allows you to enter a search term and PDA Seizure will bring up all files that have that term in them. This allows the investigator to look for case specific information easily and quickly.

References

http://www.answers.com/topic/palm-os

http://www.palm.com/us/

http://www.encase.com

http://www.paraben.com