Owners of the iPhone will be able to legally unlock their devices so they can run software applications that haven’t been approved by Apple Inc., according to new government rules announced Monday.

The decision to allow the practice commonly known as “jailbreaking” [...]]]>

We don’t jailbreak iPhones, but this might be important update for those that do.

Owners of the iPhone will be able to legally unlock their devices so they can run software applications that haven’t been approved by Apple Inc., according to new government rules announced Monday.

The decision to allow the practice commonly known as “jailbreaking” is one of a handful of new exemptions from a 1998 federal law that prohibits people from bypassing technical measures that companies put on their products to prevent unauthorized use of copyright-protected material. The Library of Congress, which oversees the Copyright Office, reviews and authorizes exemptions every three years to ensure that the law does not prevent certain non-infringing uses of copyright-protected works.

For iPhone jailbreakers, the new rules effectively legitimize a practice that has been operating in a legal gray area by exempting it from liability. Apple claims that jailbreaking is an unauthorized modification of its software.

via New gov’t rules allow unapproved iPhone apps – Yahoo! News.

The iPhone is obviously a major focus in terms of forensic work, given its popularity, but similar vulnerabilities exist with the growing number of Android-based phones on the market, such as the Motorola Droid X, according to [...]]]>

viaForensics’ CIO makes it into the news again. This time discussing the security vulnerabilities of smartphones and mobile devices.

The iPhone is obviously a major focus in terms of forensic work, given its popularity, but similar vulnerabilities exist with the growing number of Android-based phones on the market, such as the Motorola Droid X, according to Andrew Hoog, chief investigative officer, at viaForensics.

“Many [Android] apps are being rushed to market, and they can have substantial holes,” Hoog told FoxNews.com.

Furthermore, some passwords end up being stored as plain text on phones, including corporate e-mail and eBay passwords. “It’s practically impossible for an end user to completely wipe a phone clean,” says Hoog.

So if you’re not planning to commit a crime, should you worry? Maybe.

Smart phones are rapidly replacing desktop computers as the repository for a wealth of personal information, including banking passwords, personal contact information, text messages, and social-networking pages. Give someone access to your phone and you’re giving them access to your life.

via FOXNews.com – Why Smart Crooks Don’t Use Smartphones.

What is your view on the convergence of computing devices such as PC’s & Mobile phones, the wider integration of IP devices and the possible implications for the Digital Forensic Investigator?

I believe convergence of the computer, phone [...]]]>

viaForensics CIO, Andrew Hoog, has been profiled in Digital Forensics Magazine‘s feature “Meet the Professionals.” Here’s a brief excerpt:

What is your view on the convergence of computing devices such as PC’s & Mobile phones, the wider integration of IP devices and the possible implications for the Digital Forensic Investigator?

I believe convergence of the computer, phone and other devices will have a significant impact on digital forensics. One issue, which we must grapple and ultimately deal with, is that typically mobile phones (or any device without a traditional hard drive) cannot be imaged with a write blocker. This inevitably leads to a bit of a “religious war” in the forensics community over what is forensically sound. I think common sense will play a large role in ultimately putting this issue to rest. Convergence also means significantly more R&D, not just the latest OS from Microsoft but new file systems (take YAFFS2 found in Android devices), new types of flash/ssd memory and much more.

A great example for this convergence impacting companies today is the use of smart phones to circumvent IT security. When I present to corporations, I will typically use my Android phone to connect to the Internet. Usually during the presentation, the security folks will tell us that their systems are secure and they have little to worry about. I then hold up my phone and inform them that I completely circumvented all of the IT security controls with my phone… the tone of the conversation typically changes quite quickly.

An astute reader stumbled upon an interesting bug with the HTC Incredible. The Incredible, with Sense UI, will periodically store screenshots of the contents of your web browser. The screen captures are a function of the HTC Sense UI bookmark widget and are not the main [...]]]>

Slashdot shared this news posted on the Boy Genius Report:

An astute reader stumbled upon an interesting bug with the HTC Incredible. The Incredible, with Sense UI, will periodically store screenshots of the contents of your web browser. The screen captures are a function of the HTC Sense UI bookmark widget and are not the main issue; temporary screen grabs are understandable. The problem is these JPEG files are extremely hard to get rid of. They remain when the current browser session is closed, they remain after you clear the browser history, and they remain after a full factory reset. … To be honest, seeing a screenshot of our logged-in banking session after a reset was a bit unnerving. Any DROID Incredible owners out there seeing the same thing?

via Browser privacy issue with DROID Incredible and HTC Sense UI widget? « Boy Genius Report.

… eBay introduced two new iPhone applications, designed to make sellers’ lives easier when it comes to listing items on the giant online marketplace from their Apple phones. …

The company [...]]]>

Opportunities for theft over mobile devices continues to increase. viaForensics is set to position itself as the mobile device security experts. Join in on the discussion.

… eBay introduced two new iPhone applications, designed to make sellers’ lives easier when it comes to listing items on the giant online marketplace from their Apple phones. …

The company claims its primary iPhone app, which is available in more than 190 countries and eight languages, has been downloaded 8 million times to date, and that 1 item is purchased using eBay mobile every 2 seconds. …

Since last February, there’s also a mobile eBay app for the Android platform.

via eBay Expects To Sell $1.5 Billion Worth Of Goods Through Mobile Devices In 2010.

The increasing use [...]]]>

Mobile phones these days are essentially computers and are increasingly a magnet for criminal activity. Corporations and individuals need take seriously the threat against these devices. And e-forensic investigators need to learn new techniques and devise tools to combat this threat. (Hint: Take a look at viaForensics’ work on iPhone and Android forensics).

The increasing use of mobile devices for banking, money transfer, and payment is increasing the risk that criminals will target these devices for financial gain.

More banks are providing customers with the ability to access their accounts using mobile devices. In a number of cases, criminals have gained access to bank accounts by tricking cell phone providers into issuing SIM cards associated with the customer’s account…

In addition, fraudulent mobile banking applications have emerged for Android devices that attempt to steal personal financial information…

These risks will continue to grow in the coming years as more mobile devices are used to execute financial transactions…

via Identity Theft Coming to a Mobile Device Near You.

Contact: Andrew Hoog Chief Investigative Officer viaForensics Phone: +1 312-283-0551 http://viaforensics.com/contact-us

viaForensics’ CIO, Andrew Hoog, earns Certified Computer Examiner designation

Chief Investigative Officer of viaForencis, Andrew Hoog, recently obtained his (CCE)® certification from the International Society of Forensic Computer Examiners

Chicago, Feb 19, 2010 –  The CIO of the computer/mobile forensic and e-discovery firm viaForensics, Andrew Hoog, has earned [...]]]>

FOR IMMEDIATE RELEASE

Contact:
Andrew Hoog
Chief Investigative Officer
viaForensics
Phone: +1 312-283-0551
http://viaforensics.com/contact-us

viaForensics’ CIO, Andrew Hoog, earns Certified Computer Examiner designation

Chief Investigative Officer of viaForencis, Andrew Hoog, recently obtained his (CCE)® certification from the International Society of Forensic Computer Examiners

Chicago, Feb 19, 2010 –  The CIO of the computer/mobile forensic and e-discovery firm viaForensics, Andrew Hoog, has earned the Certified Computer Examiner (CCE) designation awarded by the International Society of Forensic Computer Examiners, an internationally recognized professional organization dedicated to upholding standards in the computer forensics community.

CCE certification is awarded to individuals who demonstrate knowledge and proficiency of skills related to the practice of digital forensics. Applicants for certification must complete an approved amount of training or professional experience and pass a four-part test.

Mr. Hoog adds this recognition to his list of credentials which includes the Global Information Assurance Certified Forensic Analyst (GCFA) designation and membership in the International High Technology Crime Investigation Association (HTCIA).

About viaForensics

viaForensics is an innovative computer/mobile forensic and e-discovery firm focusing on providing proactive services to corporations, law enforcement and law firms. Andrew Hoog is a computer scientist, computer/forensics researcher and Chief Investigative Officer at viaForensics.

# # #

Contact: Andrew Hoog Chief Investigative Officer viaForensics Phone: +1 312-283-0551 http://viaforensics.com/contact-us

viaForensics CIO speaks on iPhone and Android Forensics at The Midwest HTCIA Chapter meeting

CIO of viaForensics, Andrew Hoog, spoke about the challenges of digital forensics on the iPhone and Android platforms

Chicago, Feb 17, 2010 –  Andrew Hoog, CIO of viaForensics, spoke last week on the challenges [...]]]>

FOR IMMEDIATE RELEASE

Contact:
Andrew Hoog
Chief Investigative Officer
viaForensics
Phone: +1 312-283-0551
http://viaforensics.com/contact-us

viaForensics CIO speaks on iPhone and Android Forensics at The Midwest HTCIA Chapter meeting

CIO of viaForensics, Andrew Hoog, spoke about the challenges of digital forensics on the iPhone and Android platforms

Chicago, Feb 17, 2010 –  Andrew Hoog, CIO of viaForensics, spoke last week on the challenges of performing digital forensics on mobile devices. He spoke to an audience at the meeting of the Midwest Chapter of the High Technology Crime Investigator’s Association (HTCIA). His talk focused specifically on the challenges presented by iPhone’s platform and touched briefly on the new Android platform.

Andrew Hoog is the author of a groundbreaking white paper on iPhone forensics that has gained recognition throughout the industry. In the paper, Hoog reveals the vast amount of personal information stored on Apple’s iPhone and reviews six specific products and techniques for retrieving this information.

The HTCIA is a non-profit professional organization focused on the prevention, investigation and prosecution of crimes involving advanced technology. The Midwest HTCIA Chapter holds bi-monthly meetings and hosts presentations of relevant topics.

About viaForensics

viaForensics is an innovative computer/mobile forensic and e-discovery firm focusing on providing proactive services to corporations, law enforcement and law firms. Andrew Hoog is a computer scientist, computer/forensics researcher and Chief Investigative Officer at viaForensics.

###

Apple iPhone owners in Australia have reported that their smartphones have been infected by a worm that has changed their wallpaper to [...]]]>

With 10′s of millions of iPhone, rife with personal data and always connected to the Internet, it will be (is) an irresistible target for malware, spyware, identity thieves and more (you get the idea):

Apple iPhone owners in Australia have reported that their smartphones have been infected by a worm that has changed their wallpaper to an image of 1980s pop crooner Rick Astley.

via First iPhone worm discovered – ikee changes wallpaper to Rick Astley photo | Graham Cluley’s blog.