iPhone Forensics: Recovering Evidence, Personal Data, and Corporate Assets

Overview

"This book is a must for anyone attempting to examine the iPhone. The level of forensic detail is excellent. If only all guides to forensics were written with this clarity!"-Andrew Sheldon, Director of Evidence Talks, computer forensics experts

With iPhone use increasing in business networks, IT and security professionals face a serious challenge: these devices store an enormous amount of information. If your staff conducts business with an iPhone, you need to know how to recover, analyze, and securely destroy ...

See more details below
Other sellers (Paperback)
  • All (13) from $4.47   
  • New (7) from $10.95   
  • Used (6) from $4.47   
iPhone Forensics: Recovering Evidence, Personal Data, and Corporate Assets

Available on NOOK devices and apps  
  • NOOK Devices
  • Samsung Galaxy Tab 4 NOOK
  • NOOK HD/HD+ Tablet
  • NOOK
  • NOOK Color
  • NOOK Tablet
  • Tablet/Phone
  • NOOK for Windows 8 Tablet
  • NOOK for iOS
  • NOOK for Android
  • NOOK Kids for iPad
  • PC/Mac
  • NOOK for Windows 8
  • NOOK for PC
  • NOOK for Mac
  • NOOK for Web

Want a NOOK? Explore Now

NOOK Book (eBook)
$17.99
BN.com price
(Save 43%)$31.99 List Price

Overview

"This book is a must for anyone attempting to examine the iPhone. The level of forensic detail is excellent. If only all guides to forensics were written with this clarity!"-Andrew Sheldon, Director of Evidence Talks, computer forensics experts

With iPhone use increasing in business networks, IT and security professionals face a serious challenge: these devices store an enormous amount of information. If your staff conducts business with an iPhone, you need to know how to recover, analyze, and securely destroy sensitive data. iPhone Forensics supplies the knowledge necessary to conduct complete and highly specialized forensic analysis of the iPhone, iPhone 3G, and iPod Touch. This book helps you:

  • Determine what type of data is stored on the device
  • Break v1.x and v2.x passcode-protected iPhones to gain access to the device
  • Build a custom recovery toolkit for the iPhone
  • Interrupt iPhone 3G's "secure wipe" process
  • Conduct data recovery of a v1.x and v2.x iPhone user disk partition, and preserve and recover the entire raw user disk partition
  • Recover deleted voicemail, images, email, and other personal data, using data carving techniques
  • Recover geotagged metadata from camera photos
  • Discover Google map lookups, typing cache, and other data stored on the live file system
  • Extract contact information from the iPhone's database
  • Use different recovery strategies based on case needs

And more. iPhone Forensics includes techniques used by more than 200 law enforcement agencies worldwide, and is a must-have for any corporate compliance and disaster recovery plan.

Read More Show Less

Product Details

  • ISBN-13: 9780596153588
  • Publisher: O'Reilly Media, Incorporated
  • Publication date: 9/28/2008
  • Edition number: 1
  • Pages: 144
  • Sales rank: 1,313,764
  • Product dimensions: 5.90 (w) x 8.80 (h) x 0.40 (d)

Meet the Author

Jonathan Zdziarski is better known as the hacker "NerveGas" in the iPhone development community. His work in cracking the iPhone helped lead the effort to port the first open source applications, and his book, iPhone Open Application Development, taught developers how to write applications for the popular device long before Apple introduced its own SDK. Prior to the release of iPhone Forensics, Jonathan wrote and supported an iPhone forensics manual distributed exclusively to law enforcement. Jonathan frequently consults law enforcement agencies and assists forensic examiners in their investigations. He teaches an iPhone forensics workshop in his spare time to train forensic examiners and corporate security personnel.

Jonathan is also a full-time research scientist specializing in machine learning technology to combat online fraud and spam, an effort that led him to develop networking products capable of learning how to protect customers. He is founder of the DSPAM project, a high-profile, next-generation spam filter that was acquired in 2006 by Sensory Networks, Inc. He lectures widely on the topic of spam and is a foremost researcher in the fields of machine-learning and algorithmic theory.

Jonathan's website is zdziarski.com.

Read More Show Less

Table of Contents

Dedication;
Foreword;
Preface;
Audience of This Book;
Acknowledgments;
Organization of the Material;
Conventions Used in This Book;
Using Code Examples;
Legal Disclaimer;
Safari® Books Online;
We’d Like to Hear from You;
Chapter 1: Introduction to Computer Forensics;
1.1 Making Your Search Legal;
1.2 Rules of Evidence;
1.3 Good Forensic Practices;
1.4 Technical Processes;
Chapter 2: Understanding the iPhone;
2.1 What’s Stored;
2.2 Equipment You’ll Need;
2.3 Determining the Firmware Version;
2.4 Disk Layout;
2.5 Communication;
2.6 Upgrading the iPhone Firmware;
2.7 Restore Mode and Integrity of Evidence;
2.8 Cross-Contamination and Syncing;
Chapter 3: Accessing the iPhone;
3.1 Installing the Recovery Toolkit (Firmware v1.0.2–1.1.4);
3.2 Circumventing Passcode Protection (Firmware v1.0.2–1.1.4);
3.3 Installing the Recovery Toolkit (Firmware v2.x);
3.4 Removing the Forensic Recovery Toolkit;
Chapter 4: Forensic Recovery;
4.1 Configuring Wi-Fi and SSH;
4.2 Recovering the Media Partition;
4.3 Data Carving Using Foremost/Scalpel;
4.4 Validating Images with ImageMagick;
4.5 Strings Dump;
4.6 The Takeaway;
Chapter 5: Electronic Discovery;
5.1 Converting Timestamps;
5.2 Mounting the Disk Image;
5.3 Graphical File Navigation;
5.4 Extracting Image Geotags with Exifprobe;
5.5 SQLite Databases;
5.6 Important Database Files;
5.7 Property Lists;
5.8 Other Important Files;
Chapter 6: Desktop Trace;
6.1 Proving Trusted Pairing Relationships;
6.2 Serial Number Records;
6.3 Device Backups;
6.4 Activation Records;
Chapter 7: Case Help;
7.1 Employee Suspected of Inappropriate Communication;
7.2 Employee Destroyed Important Data;
7.3 Seized iPhone: Whose Is It and Where Is He?;
Disclosures and Source Code;
Power-On Device Modifications (Disclosure);
Installation Record (Disclosure);
Technical Procedure;
Colophon;

Read More Show Less

Customer Reviews

Be the first to write a review
( 0 )
Rating Distribution

5 Star

(0)

4 Star

(0)

3 Star

(0)

2 Star

(0)

1 Star

(0)

Your Rating:

Your Name: Create a Pen Name or

Barnes & Noble.com Review Rules

Our reader reviews allow you to share your comments on titles you liked, or didn't, with others. By submitting an online review, you are representing to Barnes & Noble.com that all information contained in your review is original and accurate in all respects, and that the submission of such content by you and the posting of such content by Barnes & Noble.com does not and will not violate the rights of any third party. Please follow the rules below to help ensure that your review can be posted.

Reviews by Our Customers Under the Age of 13

We highly value and respect everyone's opinion concerning the titles we offer. However, we cannot allow persons under the age of 13 to have accounts at BN.com or to post customer reviews. Please see our Terms of Use for more details.

What to exclude from your review:

Please do not write about reviews, commentary, or information posted on the product page. If you see any errors in the information on the product page, please send us an email.

Reviews should not contain any of the following:

  • - HTML tags, profanity, obscenities, vulgarities, or comments that defame anyone
  • - Time-sensitive information such as tour dates, signings, lectures, etc.
  • - Single-word reviews. Other people will read your review to discover why you liked or didn't like the title. Be descriptive.
  • - Comments focusing on the author or that may ruin the ending for others
  • - Phone numbers, addresses, URLs
  • - Pricing and availability information or alternative ordering information
  • - Advertisements or commercial solicitation

Reminder:

  • - By submitting a review, you grant to Barnes & Noble.com and its sublicensees the royalty-free, perpetual, irrevocable right and license to use the review in accordance with the Barnes & Noble.com Terms of Use.
  • - Barnes & Noble.com reserves the right not to post any review -- particularly those that do not follow the terms and conditions of these Rules. Barnes & Noble.com also reserves the right to remove any review at any time without notice.
  • - See Terms of Use for other conditions and disclaimers.
Search for Products You'd Like to Recommend

Recommend other products that relate to your review. Just search for them below and share!

Create a Pen Name

Your Pen Name is your unique identity on BN.com. It will appear on the reviews you write and other website activities. Your Pen Name cannot be edited, changed or deleted once submitted.

 
Your Pen Name can be any combination of alphanumeric characters (plus - and _), and must be at least two characters long.

Continue Anonymously
Sort by: Showing 1 Customer Reviews
  • Posted May 7, 2012

    Out of date information proved worthless

    This would have been a great purchase three years ago. However, the information, hyperlinks, and support for this book are outdated and worthless if you are looking to explore any part of the newer generation iOS devices. Even the toolkit(s) and methods mentioned within the book are nearly impossible to perform because the community support simply does not exist for the current iteration of Apple products. Do not buy this book.

    Was this review helpful? Yes  No   Report this review
Sort by: Showing 1 Customer Reviews

If you find inappropriate content, please report it to Barnes & Noble
Why is this product inappropriate?
Comments (optional)