Difference between pages "Eraser" and "Apple iPhone"

From ForensicsWiki
(Difference between pages)
Jump to: navigation, search
 
(External Links)
 
Line 1: Line 1:
{{Expand}}
+
The '''iPhone''' is a smartphone made by [[Apple Inc.]] and sold with service through AT&T. It can be used to send/receive [[email]] (see [[IPhone Mail Header Format]]), keep schedules, surf the web, and view videos from YouTube. A large number of forensic products can process iPhones, such as [[Oxygen Forensic Suite 2010]].
{{Infobox_Software |
+
  name = eraser |
+
  maintainer = [[Heidi Computers]] |
+
  os = {{Windows}} |
+
  genre = {{Anti-forensics tools}} |
+
  license = {{GPL}} |
+
  website = [http://heidi.ie/eraser/ heidi.ie/eraser] |
+
}}
+
  
== About ==
+
In December 2009, Nicolas Seriot presented ([http://seriot.ch/resources/talks_papers/iPhonePrivacy.pdf PDF]) a harvesting application, [http://github.com/nst/spyphone SpyPhone].  This application grabs data as sensitive as location data and a cache of keyboard words.  It neither requires jailbreaking nor makes Private API calls (which Apple's App Store does not allow in any application it distributes).
  
Eraser is a Windows tool that allows you to securely remove files from your computers hard drive and securely wipe free space so as to remove remnants of previously deleted files by overwriting with specially selected wiping paterns.
+
== Tools ==
 +
* [Cellebrite UFED http://www.cellebrite.com/forensic-solutions/ios-forensics.html]
 +
* [http://code.google.com/p/iphone-dataprotection/ iphone Data Protection] is a set of tools that can image and decrypt an iPhone. The tools can even brute-force the iPhone's 4-digit numerical password.
 +
* [http://www.iosresearch.org Jonathan Zdziarski] has released tools that will image iPhones, iPads and iPod Touch. (law enforcement only).
 +
* [http://www.libimobiledevice.org/ libimobiledevice] is a library with utilities for backing up iPhones. The output format is an iTunes-style backup that can be examined with traditional tools.  They are available in the Debian-testing packages '''libimobiledevice''' and '''libimobiledevice-utils'''.
 +
* [[Nuix Desktop]] and [[Proof Finder]] can detect and analyse many databases from iOS and iPhones and can directly ingest HFSX dd images.
  
Eraser currently works with Windows 95, 98, ME, NT, 2000, XP, Windows 2003 Server and DOS and supports FAT and NTFS formatted IDE/SATA/SCSI hard drives. Support for Vista was introduced in 5.83beta.
+
== Publications ==
 +
* Gómez-Miralles, Arnedo-Moreno. [http://openaccess.uoc.edu/webapps/o2/bitstream/10609/11862/1/iPadForensics.pdf Versatile iPad forensic acquisition using the Apple Camera Connection Kit.] Computers And Mathematics With Applications, Volume 63, Issue 2, 2012, pp.544-553.
  
== Methodology ==
+
== External Links ==
Eraser overwrites the filename for each deleted file with zeros up to the maximum filename length.
+
* [http://www.apple.com/iphone/ Official web site]
 
+
* [http://en.wikipedia.org/wiki/IPhone Wikipedia: iPhone]
== External Links ==  
+
* [http://en.wikipedia.org/wiki/IOS_jailbreaking Wikipedia: IOS jailbraking]
* [http://www.heidi.ie/eraser/ Official website]
+
* [http://github.com/nst/spyphone SpyPhone].  Noted on [http://it.slashdot.org/story/09/12/04/0413235/Malware-Could-Grab-Data-From-Stock-iPhones?from=rss&utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+Slashdot%2Fslashdot+%28Slashdot%29 Slashdot].
* [http://bbs.heidi.ie/index.php Eraser Support Forums]
+
* [https://viaforensics.com/resources/white-papers/iphone-forensics/ iPhone Forensics], by [[Andrew Hoog]], [[Katie Strzempka]], in November 2012. Covers 13x iOS forensic tools and provides detailed information on the results for the iPhone 3G.
 
+
[[Category:Anti-forensics tools]]
+

Revision as of 02:49, 28 February 2013

The iPhone is a smartphone made by Apple Inc. and sold with service through AT&T. It can be used to send/receive email (see IPhone Mail Header Format), keep schedules, surf the web, and view videos from YouTube. A large number of forensic products can process iPhones, such as Oxygen Forensic Suite 2010.

In December 2009, Nicolas Seriot presented (PDF) a harvesting application, SpyPhone. This application grabs data as sensitive as location data and a cache of keyboard words. It neither requires jailbreaking nor makes Private API calls (which Apple's App Store does not allow in any application it distributes).

Tools

  • [Cellebrite UFED http://www.cellebrite.com/forensic-solutions/ios-forensics.html]
  • iphone Data Protection is a set of tools that can image and decrypt an iPhone. The tools can even brute-force the iPhone's 4-digit numerical password.
  • Jonathan Zdziarski has released tools that will image iPhones, iPads and iPod Touch. (law enforcement only).
  • libimobiledevice is a library with utilities for backing up iPhones. The output format is an iTunes-style backup that can be examined with traditional tools. They are available in the Debian-testing packages libimobiledevice and libimobiledevice-utils.
  • Nuix Desktop and Proof Finder can detect and analyse many databases from iOS and iPhones and can directly ingest HFSX dd images.

Publications

External Links