2009 stats for new mobile phones shipped, including breakdowns for smart phones, vendors, etc.  They’re everywhere, including the forensics labs now!

For all of 2009, vendors shipped 174 million smartphones, up 15% from the 151 million in 2008. All told, smartphones accounted for 15% of all mobile phones shipped in 2009, up from 12.7% in 2008, IDC said.

via Smartphone Sales Score Record – PCWorld.

“ANDROID ON THE LOOSE; Andrew Hoog unveils Google’s new mobile operation system, showings us exactly what’s important for forensic investigators.”

Digital Forensics Magazine | supporting the professional computer security industry.

There has been a lot of interest in Android Forensics and one important component is an open source framework to provide such an application.  If sufficient interest and development is generated, it will be an extremely value tool to forensic investigators.  Now, we just need some forensic geeks with Java experience to join.  The project is hosted on Google Code.

A sign of things to come…Android is going to be significant.  If you need tools and techniques for the forensic analysis of these phone, please visit our Android Forensics page which has links to training, out mailing list and information on how to subscribe to our AFWiki.

As of December 2009, the research firm's survey shows that 4% of all smartphone owners now use a phone running some version of the Android OS. That's an increase of 200% since the previous survey released in September.

via Android Usage Increased 200% Over Past 3 Months.

Ahhh, nothing like the weekly Adobe zero-day exploit.

This afternoon, Adobe received reports of a vulnerability in Adobe Reader and Acrobat 9.2 and earlier versions being exploited in the wild (CVE-2009-4324). We are currently investigating this issue and assessing the risk to our customers. We will provide an update as soon as we have more information. Please continue monitoring the Adobe PSIRT blog for the latest information.

via New Adobe Reader and Acrobat Vulnerability – Adobe Product Security Incident Response Team (PSIRT).

The Nook from B&N runs Android.  The folks over at nookDevs has taken the device apart, figured out how to get root (I wish it was that easy on Android phones!) and is deep into it now.  We’ve long told folks that listen that Android is much more than a mobile phone OS.  From a law enforcement/forensics standpoint, you can’t ignore that illegal information may exist on an Android book reader, set top box or whatever the next device will be.  So you have to understand Android from the ground up.  Oh, and as for the last sentence the in quote below, I might just fit the bill!

If you tear open a Nook (which the team has done) you’ll find that the Android operating system is contained on a microSD card (separate from the microSD expansion slot). From here, it’s a simple matter of using a card reader to mount this card on your computer and changing a single word in the init.rc file (the file that’s in charge of which services are begun at startup, similar to a Linux boot).

This single hack will let you plug the Nook into your computer (once you have reassembled it) and access the OS, using the freely available Google Android developers kit. Right now you’ll have to be a hardcore nerd to make much use of this…<snip>

via Nook Torn Open, Hacked, Rooted | Gadget Lab | Wired.com.

Well, it’s nice to see Adobe at the top of the list given all the 0-day exploits.  Bit9 seems to do great work but the white paper is behind a registration firewall (they should just release it, trust me, it’s better that way).  Here’s the results from the press release:

This year Adobe applications top the list with four applications identified in the U.S. National Institute of Standards and Technology&apos;s (NIST) official vulnerability database:

• Adobe Acrobat
• Flash Player
• Reader
• Shockwave

had vulnerabilities that were rated “High” including ones that allowed remote attackers to execute arbitrary code, trigger memory corruption, denial of services or application crashing.

Other vulnerable applications on the list include:

* Apple Quicktime

* Mozilla Firefox

* Opera

* RealPlayer

* Sun Java

* Trillian

The applications on the list meet the following criteria:

* Runs on Microsoft Windows

* Is well-known in the consumer space and frequently downloaded by individuals

* Is not classified as malicious by enterprise IT organizations or security vendors

* Contains at least one critical vulnerability that was:

o First reported in January 2009 or after

o Registered in the U.S. National Institute of Standards and Technology&apos;s (NIST) official vulnerability database at http://nvd.nist.gov, and given a severity rating of high (between 7.0-10.0) on the Common Vulnerability Scoring System (CVSS)

o Relies on the end user, rather than a central IT administrator, to manually patch or upgrade the software to eliminate the vulnerability, if such a patch exists

o The application cannot be automatically and centrally updated via Enterprise tools such as Microsoft SMS & WSUS.

via Bit9 Releases Annual Report on Top Vulnerable Applications in 2009.