Difference between revisions of "Apple iPhone"
From Forensics Wiki
Joachim Metz (Talk | contribs) (→External Links) |
Joachim Metz (Talk | contribs) (→External Links) |
||
| Line 33: | Line 33: | ||
* [http://seriot.ch/resources/talks_papers/iPhonePrivacy.pdf Apple iOS Privacy], [http://seriot.ch/resources/talks_papers/ios_privacy_hashdays.pdf slides hash days presentation], by [[Nicolas Seriot]], in November 2010. | * [http://seriot.ch/resources/talks_papers/iPhonePrivacy.pdf Apple iOS Privacy], [http://seriot.ch/resources/talks_papers/ios_privacy_hashdays.pdf slides hash days presentation], by [[Nicolas Seriot]], in November 2010. | ||
* [https://viaforensics.com/resources/white-papers/iphone-forensics/ iPhone Forensics], by [[Andrew Hoog]], [[Katie Strzempka]], in November 2010. Covers 13x iOS forensic tools and provides detailed information on the results for the iPhone 3G. | * [https://viaforensics.com/resources/white-papers/iphone-forensics/ iPhone Forensics], by [[Andrew Hoog]], [[Katie Strzempka]], in November 2010. Covers 13x iOS forensic tools and provides detailed information on the results for the iPhone 3G. | ||
| + | * [http://www.sans.org/reading_room/whitepapers/forensics/forensic-analysis-ios-devices_34092 Forensic Analysis on iOS Devices], by [[Tim Proffitt]], November 5, 2012 | ||
Revision as of 02:30, 28 February 2013
The iPhone is a smartphone made by Apple Inc. and sold with service through AT&T. It can be used to send/receive email (see IPhone Mail Header Format), keep schedules, surf the web, and view videos from YouTube. A large number of forensic products can process iPhones, see Tools section.
In December 2009, Nicolas Seriot presented a paper [1] in combination with a harvesting application named SpyPhone. This application grabs data as sensitive as location data and a cache of keyboard words. It neither requires jailbreaking nor makes Private API calls (which Apple's App Store does not allow in any application it distributes).
Tools
- Black Bag Technology Mobilyze
- Cellebrite UFED
- EnCase Neutrino
- FTS iXAM
- iPhone Analyzer
- iphone-dataprotection; a set of tools that can image and decrypt an iPhone. The tools can even brute-force the iPhone's 4-digit numerical password.
- iOS Forensic Research. Jonathan Zdziarski has released tools that will image iPhones, iPads and iPod Touch. (law enforcement only).
- Katana Forensics Lantern
- libimobiledevice is a library with utilities for backing up iPhones. The output format is an iTunes-style backup that can be examined with traditional tools. They are available in the Debian-testing packages libimobiledevice and libimobiledevice-utils.
- Logicube CellDEK
- MacLock Pick
- Micro Systemation .XRY
- Mobile Sync Browser
- Nuix Desktop and Proof Finder can detect and analyse many databases from iOS and iPhones and can directly ingest HFSX dd images.
- Oxygen Forensic Suite 2010
- Paraben Device Seizure
- SpyPhone
Publications
- Gómez-Miralles, Arnedo-Moreno. Versatile iPad forensic acquisition using the Apple Camera Connection Kit. Computers And Mathematics With Applications, Volume 63, Issue 2, 2012, pp.544-553.
External Links
- Official web site
- Wikipedia: iPhone
- Wikipedia: IOS jailbraking
- The iPhone Wiki
- Slashdot: Malware Could Grab Data From Stock iPhones
- Apple iOS Privacy, slides hash days presentation, by Nicolas Seriot, in November 2010.
- iPhone Forensics, by Andrew Hoog, Katie Strzempka, in November 2010. Covers 13x iOS forensic tools and provides detailed information on the results for the iPhone 3G.
- Forensic Analysis on iOS Devices, by Tim Proffitt, November 5, 2012
