iPhone Forensics Demonstration
Date: This event took place live on April 17 2008
Presented by: Jonathan Zdziarski
Duration: Approximately 60 minutes.
With the iPhone quickly becoming the market leader in mobile devices, the need for law enforcement personnel to perform forensic analysis of these devices is beginning to surface. Unlike most other smart phones, the iPhone incorporates desktop-like features in an easy-to-use mobile package. As a result of its high level of technology and available features, many are likely to use it as a primary device for various forms of data and communication. While some of a suspect's data can be viewed using the direct GUI interfaces in the iPhone's software, much hidden and deleted data is available as well, which may provide for more thorough evidence gathering.
Existing commercial forensic tools are sadly lacking their ability to perform deep raw disk level recovery, and so Jonathan will demonstrate how to install his custom forensics toolkit on any existing model iPhone and send a raw disk image to a desktop machine. He will also show you how to recover files specific to the iPhone including deleted keyboard caches, photos, web objects, and much more.
Jonathan's custom forensics toolkit and his accompanying forensic manual will be available free to forensic investigators in law enforcement.
About Jonathan Zdziarski
Jonathan Zdziarski is better known as the hacker "NerveGas" in the iPhone development community. He is well known for his work in cracking the iPhone and lead the effort to port the first open source applications. Hailed on many geek news sites for his accomplishments, Jonathan is best known for the first application to illustrate and take full advantage of the major iPhone APIs: NES.app, a portable Nintendo Entertainment System emulator.
Jonathan is also a full-time research scientist and longtime mobile hacker. Prior to the iPhone, Jonathan was well known for uncovering vulnerabilities in Verizon's online systems and hacking popular Verizon phones to restore functionality once crippled by the communications behemoth.
Jonathan is also a full-time research scientist and longtime spam-fighter. He is founder of the DSPAM project, a high profile, next-generation spam filter that was acquired in 2006 by a company designing software accelerators. He lectures widely on the topic of spam and is a foremost researcher in the fields of machine-learning and algorithmic theory.
Questions? Please send email to