We all face the problem of growing amounts of evidence on a regular basis. Improving raw acquisition speed is one way to limit the impact of this, and Evimetry has been consistently delivering the fastest acquisition speeds bar none since we launched two years ago. Yet we aren’t the only solution claiming to be the “fastest” or have “unparalleled” speeds. Led by a practitioner and forensic scientist, it is in Evimetry’s DNA to value substantiation.
Mobile phone forensic analysis–analysis of JTAG and Chip Off images of Android YAFFS Flash
On 18 October 2012 I presented, at the Breakpoint 2012conference, some preliminary results of research I have been undertaking in the area of forensic acquisition and analysis of mobile phones. Specifically I have been focusing on Android phones using NAND flash memory and the YAFFS2 file system. The seminar principally addressed methods of acquisition (JTAG and Chip Off) and the fundamental challenges of reconstructing YAFFS2 file systems from said acquisitions. The slides from the presentation can be found here.
Android forensic analysis lecture at Breakpoint2012 (AU)
I will be presenting a lecture on Android forensics, focusing on flash acquisition and YAFFS2 filesystem analysis at the Breakpoint 2012 conference in Melbourne, Australia, this October 18. The speaker lineup is looking fascinating, with leaders in the area of mobile security (both IOS and Android), hardware reverse engineering and Windows internals being on my list of lectures to attend.