News

A sign of things to come…Android is going to be significant.  If you need tools and techniques for the forensic analysis of these phone, please visit our Android Forensics page which has links to training, out mailing list and information on how to subscribe to our AFWiki.

As of December 2009, the research firm's survey shows that 4% of all smartphone owners now use a phone running some version of the Android OS. That's an increase of 200% since the previous survey released in September.

via Android Usage Increased 200% Over Past 3 Months.

Latest tests of 16 anti-virus programs on the removal of 10 known malware packages were not terribly inspiring.  Security hardware and software is not enough to protect corporations which is why we offer several innovative, proactive services leveraging forensics:

“None of the products performed “very good” in malware removal or removal of leftovers, based on those 10 samples. eScan, Symantec and Microsoft (MSE) were the only products to be good in removal of malware AND removal of leftovers”, says the report. “Some products do not remove all registry entries on purpose (as long as they do not have any visible side effect for the user), e.g. if that helps to prevent reinfection by the same malware. Furthermore, in some cases it is not possible to know if the registry values (or the hosts file) were modified by the malware or by the user itself (or third-party utilities used by the user).”

via Battle of the anti-virus: What is the best software?.

This is an important development.  Once Google entered the scene and open sourced Android, it significantly altered the marketplace.  For folks in mobile forensics research, this is great news but represents yet another platform that much be analyzed and kept up to date on.

I also believe Nokia has quite a bit more code releasing to do before Symbian should be considered open source.  I big question on my mind is what is Blackberry/RIM (and other mobile companies for that matter) going to do in this regards?  They lack the developer interest to create the market places users now demand.  Will we see RIM open source parts of the Blackberry OS?  I’ve said for years now they are in position where the run a significant risk of being marginalized despite their large market share.

Today, though, as EETimes notes, Symbian has released its platform microkernel, and software development kit (SDK), as open source under the Eclipse Public License. The Symbian Foundation claims that it is moving quickly toward an open source model, which is questionable, but the release of the EKA2 kernel is a signal that Symbian still means business about adopting an open source model.

via Symbian Releases Microkernel As Open Source, Finally.

I’ve long said the Microsoft’s attempt to force the Windows UI onto a phone would not meet with approving users.  It appears the most recent update (6.5) is still in that category and will likely continue to decline in market share and relevance.  Given Microsoft’s strategic alliance with Nokia/Symbian over ActiveSync, it seems to signal Microsoft is aware they are fighting a losing battle.  On to the review:

The interface improvements are welcome – and long overdue – but the changes are mere window dressing. It’s simply not good enough to overthrow Android or the iPhone

via Windows Phone review / Windows Mobile 6.5 review | Software | Reviews | PC Pro.

FOR IMMEDIATE RELEASE

Contact:
Andrew Hoog
Chief Investigative Officer
viaForensics
Phone: +1 312-283-0551
http://viaforensics.com/contact-us

Groundbreaking research on Android Forensics discussed this week by Andrew Hoog as guest on Talk Forensics

Andrew Hoog, CIO of viaForensics, Computer Scientist and Forensic Analyst Discusses His Latest Groundbreaking Research on Android Forensics On Talk Forensics Radio Show, Sunday September 27th at 4pm eastern.

Chicago, September 25, 20009 – Talk Forensics, a highly popular talk radio show hosted by Larry Daniel of Guardian Digital Forensics, is proud to announce that Andrew Hoog, CIO of viaForensics, Computer Scientist and Forensics Analyst will be the guest on Talk Forensics for the September 27th Episode. Andrew Hoog, chief investigative officer of viaForensics, is a recognized computer scientist and forensic analyst and former chief information officer of a $750 million multinational corporation. He has led investigations, contributed to policy development and lectured at corporations, attorneys’ associations and law enforcement agencies about the computer forensic discipline. He maintains a computer forensics and e-discovery glossary, authors computer/mobile forensic how-to guides and is now writing a book about Android forensics. He is the author of a groundbreaking white paper on iPhone forensics that has gained recognition throughout the industry.

Join host Larry Daniel and Computer Scientist Andrew Hoog as they discuss Andrew’s latest research and development in Android Forensics.

About the Show:

The purpose of our show is to educate and entertain the public on the various fields of forensic science, crime scene investigation, missing person searches and various aspects of the legal system as it relates to forensic science.

You can call (646) 727-3674 and ask questions of our Expert Guest during the live show.

About our host:

The host of our show is Larry E. Daniel. Larry is the primary expert for Guardian Digital Forensics. Larry is well known for his work on capital cases and is an expert in computer forensics. Larry also writes a popular internet blog on forensics at www.exforensis.blogspot.com

About viaForensics:

viaForensics is an innovative computer/mobile forensic and e-discovery company providing expert consulting services to corporations, law firms, law enforcement and government agencies. Beyond servicing our clients immediate needs, the company focuses on groundbreaking research in areas such as mobile forensics, SQLite forensics, data visualization and general education on forensics by regularly posting HOWTOs, glossary terms and the results of our research, accessible at viaforensics.com.

###

FOR IMMEDIATE RELEASE

Contact:
Andrew Hoog
Chief Investigative Officer
viaFORENSICS
Phone: +1 773-539-7909
http://viaforensics.com/contact-us

Free iPhone Forensics White Paper Released by viaFORENSICS

iPhone forensics white paper targets forensic analysts and consumers who want to understand what personal information is stored on the iPhone and how to recover it.

Chicago, March 2, 20009 – viaFORENSICS released a free white paper on iPhone Forensics at viaforensics.com that reveals the vast amount of personal information stored on Apple’s iPhone and reviews techniques and software for retrieving this information. Consumers and corporations have a legitimate concern over confidential information and its unauthorized release or use. This paper educates readers on what information is stored and reviews six specific products and techniques for recovering it.

The testing was performed on a 3G iPhone with less than six months of use. Yet one technique recovered more than 30,000 files, including text messages, contacts, GPS locations, website history and Facebook images. The testing also recovered highly sensitive information including online banking credentials. Most consumers and corporations are unaware of how much information modern smart phones store. As a result some sell used iPhones without securely deleting data, resulting in complete exposure of all information stored on their devices.

The white paper is available for download at http://viaforensics.com/iphone-forensic-software/iphone-forensic-white-paper.html by registering with your email address. Notification of future updates will be provided as well as information on an upcoming white paper on Android Forensics.

About viaFORENSICS

viaFORENSICS is an e-discovery and computer/mobile forensic company providing expert consulting services for law firms and corporations. The company also focuses on industry and general education and maintains a computer forensic and e-discovery glossary and technical how-to guides on their website, viaforensics.com.

# # #

FOR IMMEDIATE RELEASE

Contact:
Andrew Hoog
Chief Investigative Officer
viaFORENSICS
Phone: +1 773-539-7909

http://viaforensics.com/contact-us

Andrew Hoog to present Android Forensics research and moderate iPhone Forensics Panel at Mobile Forensics World 2009

Andrew Hoog will present his research on Android Forensics as well as moderate a panel of iPhone forensic experts at Mobile Forensics World 2009 in Chicago, IL on May 28th and 29th, 2009.

Chicago, March 1, 20009 – Andrew Hoog, viaFORENSICS Chief Investigative Officer, will present the findings of his Android forensics research at Mobile Forensics World 2009. Since the release of the mobile device platform Android, a welcomed change has begun. Android is open source, based on a Linux 2.6 kernel and is managed by the Open Handset Alliance, a group of major mobile device, hardware and software vendors. Since the release of T-Mobile’s G1 and with dozens more imminent, this mobile device platform is poised to make significant inroads into the market. The presentation will provide an overview of the Android platform, present significant areas of focus for the forensic examiner and demonstrate forensic techniques you can use today.

Mr. Hoog will also moderate a forum of iPhone forensics experts from the New York State Police, the DoD Cyber Crimes Center and McAfee, Inc. Mr. Hoog’s expertise in mobile forensics will allow him to facilitate an informative discussion for the audience of law enforcement and forensic professionals.

About viaFORENSICS

viaFORENSICS is an e-discovery and computer/mobile forensic company providing expert consulting services for law firms and corporations. The company also focuses on industry and general education and maintains a computer forensic and e-discovery glossary and technical how-to guides on their website, viaforensics.com.

# # #

FOR IMMEDIATE RELEASE

Contact:
Andrew Hoog
Chief Investigative Officer
viaFORENSICS
Phone: +1 773-539-7909

http://viaforensics.com/contact-us

Andrew Hoog to present to St. Louis University’s Math and Computer Science Department

Chicago, November 19, 2008 – Andrew Hoog, Chief Investigative Officer at viaFORENSICS, will present an introduction to computer forensics to the Math and Computer Science Department at St. Louis University to students and professors.

The presentation will include a general introduction to computer forensics and will provide a live demonstration using open source tools such as The Sleuth Kit and the Autopsy Forensic Browser. The materials from this presentation will be posted below.

Materials

• Computer Forensic Primer

About viaFORENSICS

viaFORENSICS is an e-discovery and computer/mobile forensic company providing expert consulting services for law firms and corporations. The company also focuses on industry and general education and maintains a computer forensic and e-discovery glossary and technical how-to guides on their website, viaforensics.com.

# # #

FOR IMMEDIATE RELEASE

Contact:
Andrew Hoog
Chief Investigative Officer
viaFORENSICS
Phone: +1 773-539-7909

http://viaforensics.com/contact-us

Andrew Hoog to write iPhone forensic white paper for SANS Institute

Chicago, November 17, 2008 – Andrew Hoog, Chief Investigative Officer at viaFORENSICS, will author a white paper entitled “iPhone Forensics – 2009″ for the SANS Institute. This white paper will provide an additional level of certification to Mr. Hoog’s GIAC Certified Forensics Analyst status. The white paper is targeted for release on May 17, 2009. Please see below for abstract and additional materials as they become available.

Abstract
The iPhone was introduced in January 2007 and within twenty months surpassed Research In Motion (Blackberry) as the second largest supplier of smart phones. Regardless if this sales trend is sustainable, the Apple iPhone already has a significant footprint and will now frequently appear in computer forensic cases. The iPhone has a very active hacking community and this has yielded research and tools which can support forensic investigation. Several commercial software packages now offer iPhone support and in September 2008, O’Reilly released “iPhone Forensics, 1st Edition” by Jonathan Zdziarski. This paper will investigate the various options available for forensic analysis of the iPhone as well as a detailed forensic investigation of an iPhone.

About viaFORENSICS

viaFORENSICS is an e-discovery and computer/mobile forensic company providing expert consulting services for law firms and corporations. The company also focuses on industry and general education and maintains a computer forensic and e-discovery glossary and technical how-to guides on their website, viaforensics.com.

# # #