SecurityCertified

  • Subscribe to our RSS feed.
  • Twitter
  • StumbleUpon
  • Reddit
  • Facebook
  • Digg

Sunday, August 14, 2011

Impressions: iPhone and iOS Forensics

Posted on 2:36 PM by Unknown
The third forensics book in this batch is iPhone and iOS Forensics (IAIF) by Andrew Hoog and Katie Strzempka. This book is similar to iOS Forensic Analysis: for iPhone, iPad, and iPod touch by Sean Morrissey, in the sense that neither book is as strong as I might have hoped. Oddly enough, the aspects of Morrissey's book that were most compelling (like his overview of the various i-devices and attention to each of them) are weaker in IAIF.



I found IAIF to be a little confusing in its approach, with lack of rigor around discussing iPhone vs other platforms. I felt the authors should have either focused on one platform or given all of them equal attention. I also disliked mixing of what seemed to be jailbroken and non-jailbroken content. I prefer for forensics books to avoid using jailbreak techniques where possible, but it would have been helpful for the authors to be very clear where and why they use such methods.



Chapter 4 was supposed to cover security, but it was overall very disappointing. Chapter 6 probably has the core data of interest to a forensic investigator, namely where to find certain types of evidence (email, Web history, etc.) and how to get it. This is the sort of data missing from the Xbox book I just addressed.



I liked the material on downgrading iOS on a phone, but didn't like reading about basic Linux information in chapter 1. That should have been in an appendix.



Tweet
Email ThisBlogThis!Share to XShare to Facebook
Posted in impressions | No comments
Newer Post Older Post Home

0 comments:

Post a Comment

Subscribe to: Post Comments (Atom)

Popular Posts

  • DojoCon Videos Online
    Props to Marcus Carey for live streaming talks from DojoCon . I appeared in my keynote , plus panels on incident response and cloud secur...
  • Practice of Network Security Monitoring Table of Contents
    Since many of you have asked, I wanted to provide an updated Table of Contents for my upcoming book, The Practice of Network Security Monito...
  • Mandiant APT1 Report: 25 Best Commentaries of the Last 12 Days
    Two weeks ago today our team at Mandiant was feverishly preparing the release of our APT1 report . In the twelve days that followed public...
  • Feedback from Network Security Monitoring 101 Classes
    At Black Hat in Las Vegas I taught two Network Security Monitoring 101 (NSM101) classes. This is a new class that I developed this year, a...
  • A Book for the Korean Cyber Armies
    I've got a book for the Korean cyber armies, North and South. That's right, it's my first book , The Tao of Network Security Mo...
  • What is Cloud?
    The slide at left was one of my favorites from Craig Balding's Cloud Security Ghost Story talk from Black Hat EU earlier this year. I ...
  • SQL Injection Challenge and Time-Based Security
    Thanks to this Tweet by @ryancbarnett, I learned of the lessons learned of the Level II component of the ModSecurity SQL Injection Challen...
  • Bejtlich Speaking at TechTarget Emerging Threats Events in Seattle and New York
    I will be speaking at two events organized by TechTarget , for whom I used to write my Snort Report and Traffic Talk articles. The one-da...
  • BeyondTrust Report on Removing Administrator: Correct?
    Last week BeyondTrust published a report titled BeyondTrust 2009 Microsoft Vulnerability Analysis . The report offers several interesting ...
  • President Obama Is Right On US-China Hacking
    I strongly recommend watching the excerpt on the Charlie Rose show titled Obama: Blunt Conversation With China on Hacking . I reproduced the...

Categories

  • afcert
  • Air Force
  • analysis
  • announcement
  • apt
  • attribution
  • bestbook
  • blackhat
  • books
  • breakers
  • bro
  • bruins
  • certification
  • china
  • cisco
  • cissp
  • cloud
  • clowns
  • commodore
  • conferences
  • controls
  • correlation
  • counterintelligence
  • cybercommand
  • cyberwar
  • dfm
  • education
  • engineering
  • feds
  • fisma
  • freebsd
  • GE
  • ge-cirt
  • hakin9
  • history
  • impressions
  • information warfare
  • ipv6
  • law
  • leadership
  • malware
  • mandiant
  • microsoft
  • mssp
  • nsm
  • offense
  • oisf
  • packetstash
  • philosophy
  • pirates
  • powerpoint
  • press
  • psirt
  • reading
  • redteam
  • reviews
  • russia
  • sans
  • sec
  • sguil
  • snorby
  • spying
  • threat model
  • threats
  • Traffic Talk
  • training
  • tufte
  • tv
  • ubuntu
  • usenix
  • verizon
  • vulnerabilities
  • wisdom
  • writing

Blog Archive

  • ►  2013 (16)
    • ►  September (1)
    • ►  August (1)
    • ►  June (2)
    • ►  April (2)
    • ►  March (1)
    • ►  February (3)
    • ►  January (6)
  • ►  2012 (60)
    • ►  December (4)
    • ►  November (5)
    • ►  October (3)
    • ►  September (10)
    • ►  August (2)
    • ►  July (6)
    • ►  June (6)
    • ►  May (4)
    • ►  April (2)
    • ►  March (9)
    • ►  February (6)
    • ►  January (3)
  • ▼  2011 (108)
    • ►  December (3)
    • ►  November (7)
    • ►  October (11)
    • ►  September (9)
    • ▼  August (18)
      • TaoSecurity Security Effectiveness Model
      • TCP/IP Weapons School 3.0 in McLean, VA 26-27 Oct
      • Jaime Metzl Describes "China's Threat to World Order"
      • Expect to Hear "IDS Is Dead" (Again)
      • Bejtlich Leading Session at IANS
      • Check Out MANDIANT Job Postings
      • Tao of NSM Errata and Possible Book Plans
      • Bejtlich Webinar for Dark Reading and InformationWeek
      • Bejtlich Keynote at Hawaiian Telcom Conference
      • Feedback from Latest TCP/IP Weapons School 3.0 Class
      • Impressions: Android Forensics
      • Impressions: iPhone and iOS Forensics
      • Impressions: XBox 360 Forensics
      • Impressions: Digital Forensics with Open Source Tools
      • Impressions: The Shellcoder's Handbook, 2nd Ed
      • Impressions: Reversing: Secrets of Reverse Enginee...
      • Impressions: The IDA Pro Book, 2nd Ed
      • Book Reviews vs Impressions
    • ►  July (10)
    • ►  June (5)
    • ►  May (4)
    • ►  April (13)
    • ►  March (17)
    • ►  February (2)
    • ►  January (9)
  • ►  2010 (193)
    • ►  December (14)
    • ►  November (11)
    • ►  October (6)
    • ►  September (16)
    • ►  August (15)
    • ►  July (26)
    • ►  June (15)
    • ►  May (15)
    • ►  April (15)
    • ►  March (16)
    • ►  February (19)
    • ►  January (25)
  • ►  2009 (123)
    • ►  December (10)
    • ►  November (17)
    • ►  October (21)
    • ►  September (13)
    • ►  August (20)
    • ►  July (21)
    • ►  June (21)
Powered by Blogger.

About Me

Unknown
View my complete profile