Forensic software can make your life as an investigator much simpler but is limited in scope when it comes to extracting all the evidence from an Android phone. We will cover the various Android file systems and dive low-level into NAND memory and how data is being manipulated behind the scenes. We will also demonstrate some of the powerful capabilities of viaExtract, our Android logical tool.
Without knowledge of what is possible, it is very difficult to propose solutions that have real impact. Therefore, we must also take into account that attackers will not use more sophisticated techniques than are necessary to win.
Mobile phones are increasingly targeted by attackers and can be a powerful tool to gain entry to your company and exfiltrate your intellectual property. We will examine how the ability of the mobile device to operate on either side of corporate boundaries exposes the company to risk.
How effective is mobile encryption? This session will review five different types of mobile encryption, demonstrate strengths and weakness in each and provide steps that can be taken to improve mobile encryption.
The following presentation was delivered by Andrew Hoog at The Sleuth-Kit and Open-Source Digital Forensics Conference on October 3, 2012.