Book Details
Android use is growing exponentially, with more than 200,000 devices activated daily and more than 190 million Android phones in use around the world. With multiple manufacturers, thousands of apps, and the largest mobile operating system market share, it has become a prominent platform and a major source of digital forensic investigation and analysis.
Get the most up-to-date resource for Android forensics and mobile security including information on:
- Android architecture and file system
- Android device hardware
- Forensic acquisition – logical and physical
- Forensic investigation of Android devices, including Motorola Droid
- Mobile security issues in Android apps
Stay current on the fastest-growing OS in the world, now on 25% of all smart phones. This book is an essential resource for any forensic investigator or digital security professional.
“If you want to truly understand and perform forensics on Android this is the book. There is no other reference that goes to this level of detail on the Android operating systems idiosyncrasies and quirks. Android Forensics is a must have for the mobile device examiner’s bookshelf.” -Jim Steele, Director of Digital Forensics , a Tier 1 Wireless Carrier
Kindle users: We are aware that when the book was converted to the Kindle format, the images are nearly impossible to view. We apologize for the issue. Please visit the download page below where you can download all images from the book.
Software and image downloads for the book
Errata
| Page | Date | Credit | Problem |
| 5 | 10/24/2011 | n/a | HTC DREA100 should read HTC DREAM |
| 6 | 10/24/2011 | n/a | See http://www.openhandsetalliance.com/oha_members.html for an up-to-date listing of OHA Members |
| 9 | 09/29/2011 | n/a | Nexus One only has two microphones, not three |
| 13 | 07/05/2011 | n/a | The URL for downloading the ISO from Ubuntu changed. Correct URL as of 08/07/2011 is http://releases.ubuntu.com/10.10/ubuntu-10.10-desktop-amd64.iso |
| 14 | 07/05/2011 | n/a | If you have problems installing sleuthkit, trying running sudo apt-get update first to account for changes in the apt repository. |
| 19 | 07/05/2011 | n/a | The command “tree” is not included as standard in the Ubuntu distro. Install with: sudo apt-get install tree |
| 22 | 09/23/2011 | Dave Childs, Computer Forensic Lab Manager | Stated the command would run md5sum but used sha256sum command in the example. Said the output was redirect to a text file called md5.txt and but in the example it outputs to sha256sum.txt |
| 24 | 09/24/2011 | Dave Childs, Computer Forensic Lab Manager | First grep example does not have the -i and will thus search for “Forensics” not “forensics” as inidicated |
| 25 | 09/23/2011 | Dave Childs, Computer Forensic Lab Manager | Redirection example references “book.txt” and “newdocument.txt” but should be “ch1.xml” and “~/Desktop/new-ch1.xml” |
| 30 | 09/05/2011 | n/a | Curl command refers to an obsolete website. Please use the following command.curl https://dl-ssl.google.com/dl/googlesource/git-repo/repo > ~/bin/repo |
| 31 | 10/11/2011 | n/a | In the following sentence, ADV should be AVD (Android Virtual Device) “The same feature of the ADV is available on the physical Android devices as well” |
| 43, others | 10/11/2011 | n/a | Wi-Fi.com is a result of a find and replace that went horribly wrong. All referneces to Wi-Fi.com should simply be Wi-Fi referring to 802.11 wireless networks |
| 75 | 07/05/2011 | n/a | In the .bashrc update, the username is hard-coded to ahoog and much be changed to account for the username you setup. In the example below, replace USER with the username you created when setting up the Linux VM: |
| 123 | 01/13/2012 | Inaae Kim | adb shell dumpsysshould read adb shell dumpstate |
| 191 | 08/07/2011 | Al Holt, Towson University | MD5 was incorrectly identified as an encryption algorithm. MD5 is a one-way cryptographic hash algorithm. |
