2009 stats for new mobile phones shipped, including breakdowns for smart phones, vendors, etc.  They’re everywhere, including the forensics labs now!

For all of 2009, vendors shipped 174 million smartphones, up 15% from the 151 million in 2008. All told, smartphones accounted for 15% of all mobile phones shipped in 2009, up from 12.7% in 2008, IDC said.

via Smartphone Sales Score Record – PCWorld.

“ANDROID ON THE LOOSE; Andrew Hoog unveils Google’s new mobile operation system, showings us exactly what’s important for forensic investigators.”

Digital Forensics Magazine | supporting the professional computer security industry.

There has been a lot of interest in Android Forensics and one important component is an open source framework to provide such an application.  If sufficient interest and development is generated, it will be an extremely value tool to forensic investigators.  Now, we just need some forensic geeks with Java experience to join.  The project is hosted on Google Code.

A sign of things to come…Android is going to be significant.  If you need tools and techniques for the forensic analysis of these phone, please visit our Android Forensics page which has links to training, out mailing list and information on how to subscribe to our AFWiki.

As of December 2009, the research firm's survey shows that 4% of all smartphone owners now use a phone running some version of the Android OS. That's an increase of 200% since the previous survey released in September.

via Android Usage Increased 200% Over Past 3 Months.

Ahhh, nothing like the weekly Adobe zero-day exploit.

This afternoon, Adobe received reports of a vulnerability in Adobe Reader and Acrobat 9.2 and earlier versions being exploited in the wild (CVE-2009-4324). We are currently investigating this issue and assessing the risk to our customers. We will provide an update as soon as we have more information. Please continue monitoring the Adobe PSIRT blog for the latest information.

via New Adobe Reader and Acrobat Vulnerability – Adobe Product Security Incident Response Team (PSIRT).

The Nook from B&N runs Android.  The folks over at nookDevs has taken the device apart, figured out how to get root (I wish it was that easy on Android phones!) and is deep into it now.  We’ve long told folks that listen that Android is much more than a mobile phone OS.  From a law enforcement/forensics standpoint, you can’t ignore that illegal information may exist on an Android book reader, set top box or whatever the next device will be.  So you have to understand Android from the ground up.  Oh, and as for the last sentence the in quote below, I might just fit the bill!

If you tear open a Nook (which the team has done) you’ll find that the Android operating system is contained on a microSD card (separate from the microSD expansion slot). From here, it’s a simple matter of using a card reader to mount this card on your computer and changing a single word in the init.rc file (the file that’s in charge of which services are begun at startup, similar to a Linux boot).

This single hack will let you plug the Nook into your computer (once you have reassembled it) and access the OS, using the freely available Google Android developers kit. Right now you’ll have to be a hardcore nerd to make much use of this…<snip>

via Nook Torn Open, Hacked, Rooted | Gadget Lab | Wired.com.

Well, it’s nice to see Adobe at the top of the list given all the 0-day exploits.  Bit9 seems to do great work but the white paper is behind a registration firewall (they should just release it, trust me, it’s better that way).  Here’s the results from the press release:

This year Adobe applications top the list with four applications identified in the U.S. National Institute of Standards and Technology&apos;s (NIST) official vulnerability database:

• Adobe Acrobat
• Flash Player
• Reader
• Shockwave

had vulnerabilities that were rated “High” including ones that allowed remote attackers to execute arbitrary code, trigger memory corruption, denial of services or application crashing.

Other vulnerable applications on the list include:

* Apple Quicktime

* Mozilla Firefox

* Opera

* RealPlayer

* Sun Java

* Trillian

The applications on the list meet the following criteria:

* Runs on Microsoft Windows

* Is well-known in the consumer space and frequently downloaded by individuals

* Is not classified as malicious by enterprise IT organizations or security vendors

* Contains at least one critical vulnerability that was:

o First reported in January 2009 or after

o Registered in the U.S. National Institute of Standards and Technology&apos;s (NIST) official vulnerability database at http://nvd.nist.gov, and given a severity rating of high (between 7.0-10.0) on the Common Vulnerability Scoring System (CVSS)

o Relies on the end user, rather than a central IT administrator, to manually patch or upgrade the software to eliminate the vulnerability, if such a patch exists

o The application cannot be automatically and centrally updated via Enterprise tools such as Microsoft SMS & WSUS.

via Bit9 Releases Annual Report on Top Vulnerable Applications in 2009.

Kristinn Gudjonsson has really done some great work.  He’s the author of the log2timeline script and posts forensics updates regularly.  It’s hard work detailing the steps you took, writing it up and such.  So hats off to Kristinn and the always good SANS computer forensics blog.

I decided to do some malware analysis as a part of some presentation I had to do. And since I went through the process, I decided to post it here if anyone is interested.

via PDF malware analysis.

A great blog by Charlie Stross on what he sees Google’s ultimate goal in the mobile world…and I like it.  Wouldn’t it be great to end the years of being worked over by the likes of AT&T and other carriers?  2010 is going to be interesting…T-Mobile has long been on a path exploring the use of WiFi as a compliment to their service and could provide the avenue needed to turn this market upside down, again.

This is where the Nexus One announced last week may be significant. If the rumours are true — that they’re pushing it at a low or subsidized price, and have strong-armed T-Mobile (the weakest of the US cellcos) into providing a cheap data-only mobile tariff for it, and more significantly access to VoIP and cheap international data roaming — then they&apos;ve got a Trojan horse into the mobile telephony industry.

I think Google are pursuing a grand strategic vision of destroying the cellco’s entire business model — of positioning themselves as value-added gatekeepers providing metered access to content — and their second-string model of locking users in by selling them premium handsets (such as the iPhone) on a rolling contract.

They intend to turn 3G data service (and subsequently, LTE) into a commodity, like wifi hotspot service only more widespread and cheaper to get at. They want to get consumers to buy unlocked SIM-free handsets and pick cheap data SIMs. They’d love to move everyone to cheap data SIMs rather than the hideously convoluted legacy voice stacks maintained by the telcos; then they could piggyback Google Voice on it, and ultimately do the Google thing to all your voice messages as well as your email and web access.

via Charlie’s Diary: Gadget Patrol: 21st century phone.

Gizmodo’s John Herrman has an interesting write up on the reasons behind fragmentation in Android version.  I thought the parallel to the iPhone model was insightful and certainly the concern is there.  Perhaps the Nexus One is Google’s response to the fragmentation.

The problem is in the model. Android updates seed out through carriers, over the air or with special installers. This is because the updates are their responsibility: once handset manufacturers (and carriers, through handset manufacturers) have built their own version of Android, they’ve effectively taken it out of the development stream. Updating it is their responsibility, which they have to choose to uphold. Or not! Who cares? The phones are already sold. And there&apos;s very little to motivate a carrier or handset manufacturer to update their Android phones, because the consequences tend to fall on Google: If Android fragments, the App Market doesn&apos;t work. The public sours. Android starts to suck. This is where the Nexus One comes in.

via How Carriers and Phone Makers Are Strangling Android (And How Google Could Save It) – google phone – Gizmodo.