Tag Archives: MFI

Request to Write

Posted on December 14, 2010 by Lee Reiber

I was requested to answer some questions on cellphone forensics in regards to processing, seizure and more about a month back. I thought I would put my responses “as they were” so to speak just in case they did not … Continue reading

Posted in Training | Tagged , , , , , , , | Leave a comment

Are You Protected?

Posted on December 6, 2010 by Lee Reiber

Greetings fellow cellphone examiners, forensic specialists and anathema to some. We are going to have a few discussions while I am on my 18 hour air journey I suppose. I hope blogs and/or twitter is allowed at my destination, ugh … Continue reading

Posted in Training | Tagged , , , , , , , , , , | Leave a comment

COM Envy

Posted on December 3, 2010 by Lee Reiber

Have you ever used a piece of software to conduct an examination on a mobile phone to find out that even if it is listed as supported an error occurs while trying to extract the data? What could be the … Continue reading

Posted in Training | Tagged , , , , , , , , , | Leave a comment

Yes I said it “Cellphone Forensics”

Posted on November 17, 2010 by Lee Reiber

As promised to all the examiners out there I say, “cellphone (mobile) forensics”. This roll comes early since we are in a wonderful holding pattern while deciding to land (I love winter). I thought I would just do another promised … Continue reading

Posted in Rant | Tagged , , , , , , , , | 1 Comment

Cellular Forensics

Posted on November 16, 2010 by Lee Reiber

Of course coming from the skies somewhere above the United States I am going to talk about the beginning of my quest in cellphone forensics and where we are today. And for those that cringe every time I say “forensics” … Continue reading

Posted in Rant | Tagged , , , , , , , , | 2 Comments

FTK 3.2 and cellphones

Posted on October 12, 2010 by Lee Reiber

A little bit of a layoff on the blog due to some crazy class schedules, but hey I am here again at 30,000 feet so what the heck. Lets talk about AccessData’s FTK.  I have been messing with AccessData’s new … Continue reading

Posted in Products | Tagged , , , , , , , , , , , | 4 Comments

They are doing what???

Posted on September 14, 2010 by Lee Reiber

I frequently have prior students, blog readers, forum followers and Twitter twerps contact me screaming, “Hey someone is using your curriculum” or “they are passing off ideas as their own.” via twitter, blogs or in their own classes. First off, … Continue reading

Posted in Rant | Tagged , , , , , , | Leave a comment

File 0000000000000001.db? If that’s a file where would you look?

Posted on August 31, 2010 by Lee Reiber

When processing an Apple device, check the files located in /private/var/mobile/Library WebKit/Databases. The Databases.db file is a SQLite Database file that contains a listing of databases.  This file can include (https) Google Mail and Yahoo Mail.  The corresponding file name … Continue reading

Posted in Rant | Tagged , , , , , , | 4 Comments

MFI Training Series vol 1 -Processing

Posted on August 24, 2010 by Lee Reiber

Ok, so we left off talking about the examiners process and now are going to move onto the actual processing of the device it’s self. I will generically talk about some key points I like to cover in my courses. … Continue reading

Posted in Training | Tagged , , , , , , , , , | Leave a comment

When is a picture more than just a picture?

Posted on August 13, 2010 by Lee Reiber

An iPhone 3G was received for analysis. The owner had reportedly taken video of an assault and subsequently deleted the video. The device was user jailbroken and had the “Cycorder” app installed. This app uses the onboard still camera with … Continue reading

Posted in Training | Tagged , , , , | 1 Comment