Mobile Forensics World
June 3, 2013
John J. Carney, Esq.

There’s an App for That
Digital Forensic Realities for Mobile App Evidence, Security and Privacy

www.youtube.com/watch?v=cdWmIoeLyfc
Generations of App Computing

When   Generation          Companies         Languages
1960s  Mainframes          IBM, Cray         Cobol/Fortran
1970s  Minicomputers       DEC, Wang         PL/I, C
1980s  Personal Computers  Microsoft, Apple  C++, VB
1995   Internet Computing  Google, Yahoo     Java, C#, PHP
2005   Mobile Computing    Apple, Google     Obj-C, Ruby
Mobile App Evidence Realities
■  “There’s An App for That”
■  App Platforms
■  App Families
■  App Privacy
■  App Data Security
■  App Plug-in Development
■  App Futures
“There’s An App for That”
“Apps are nuggets of magic”
■  Small, downloadable chunks of software
■  Access to info in neatly packaged format
■  Simplicity, cheapness, instant gratification
■  Intuitive because rely on phone’s sensors
■  Accelerometers, gyroscopes, inbuilt GPS
■  Don’t need constant connection to Internet
■  Launch faster than PC software
■  Top ten are 43% of usage; top fifty are 61%
Mobile App Platforms
Mobile App Families
Mobile Apps – Families to Watch
■  Mobile Messaging
■  Mobile Messaging (Retention / Expiration)
■  Personal Navigation (GPS)
■  Payment
■  Social Media
■  Photo Sharing
■  Document Creation
■  Web Mail
■  Productivity
■  Storage/Backup
■  Spyware
Social Media Apps
Smart Phone Apps & App Data
Document Creation Apps
Productivity Apps
iPhone Personal Navigation Apps
■  Garmin StreetPilot Onboard
■  Magellan RoadMate
■  TomTom App
■  NAVIGON MobileNavigator
■  Google Maps
■  Nokia Maps
■  CoPilot Live
■  MotionX GPS Drive
■  MapQuest Navigator
■  TeleNav
■  AT&T Navigator
Android Personal Navigation Apps
■  Google Maps
■  Nokia Maps
■  NAVIGON MobileNavigator
■  CoPilot Live
■  MapQuest Android Nav App
■  TeleNav
■  Waze – Social GPS
■  Sygic GPS Navigation
■  iGO My Way
Web Mail Apps
Mobile Messaging Apps
•  Make That 20 Billion Messages
•  Popular “SMS Killers”
•  Use Internet and App Servers
•  Text Free from Costs & Quotas
•  Multi-platform for Many Devices
•  Global to Bypass Country Limits
Mobile Messaging Apps
•  Evidence Recovery Challenging
•  Unaware of Exploding Use in US
•  Subpoena or Court Order Issues
•  Not Easily Data Mined by Expert
•  Advanced Decoding & Tools Required to Recover & Produce
Mobile Messaging Apps
Expiration / Retention
Picture Sharing Apps
Payment Apps
App Privacy
“Get It Right From The Start”
■  Privacy Recommendations from the FTC
■  Build Privacy into Apps
■  Practice “Privacy by Design”
■  Limit Information Collected
■  Securely Store What Is Held
■  Safely Dispose of Information
■  Use App Defaults Users Expect
■  Do Mobile Apps Get It Right?
App Privacy
PiOS: Detecting Privacy Leaks in iOS Apps
■  Academics Published Study Using Novel Analysis Tool
■  Tested 1,400 iPhone Apps for Privacy Threats
■  825 Free Apps Vetted by Apple and Available through AppStore
■  582 Jailbroken Apps from Cydia (not associated with Apple)
■  Sensitive Information Sources Giving Rise to Privacy Leaks:
App Privacy
PiOS: Detecting Privacy Leaks in iOS Apps
■  Did the 1,400 iOS Apps Get It Right?
■  Most Leaks Expose the Unique Device ID, Which Lets Hackers Build
Detailed Profiles of Users’ App Preferences and Usage Patterns
App Data Security
Critical Role of Mobile Apps Data Security
Protection Required:
■  Personally Identifiable Information (PII)
■  Personal Health Information (PHI) - HIPAA
■  Consumer Personal Nonpublic Information – GLBA
■  Student Records – FERPA
■  Security Credentials
■  Trade Secrets
■  Confidential Information
■  Personal Identity and Reputation
“68% of mobile device owners who have not adopted financial apps are holding back due to security fears.” – Mobile Banking, Consumer Security Practices and the Growing Risks to Banks, Research Report, Metaforic, 2012
App Data Security
Study and Findings: Sensitive User Data Stored on Mobile Devices
■  100 Popular Consumer Apps Tested
■  iPhone and Android Platforms
■  Finance, Social Media, Productivity, Retail Apps Segments
■  Download, Install, Populate Apps with Marked Data
■  Username, Password, Private App Data
■  Analyze Mobile Device Forensically for Data Exposure
■  Rate Results on Pass/Warn/Fail System
■  Expert Judgments Based On:
■  Security Best Practices, Likely User Expectations, Quantity and Specific
Nature of Data Exposed
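The marked-data procedure on this slide (plant known values in the app, image the device, look for them in the extracted storage, rate the result) written out as an added Python example; it is not the study's own tooling and none of it comes from the deck. The app directory layout, the three marker strings and the rating rule (a recoverable password fails, any other recoverable marker warns, nothing found passes) are constructed assumptions here, the study itself scored by expert judgment.

```python
"""Marked-data exposure scan: which planted values can be read back from
an app's extracted storage, and a pass/warn/fail rating from the findings.
Constructed example; not the study's tooling."""
import base64
import sqlite3
import tempfile
from pathlib import Path

# Constructed marker values planted into the app under test (no real credentials).
MARKERS = {
    "username": "fx_user_4471",
    "password": "Tr0ub4dor-3-MARK",
    "private_data": "ACCT-9921-TESTMARK",
}

def encodings_of(value: str) -> dict:
    """Byte patterns that 'we don't store it in plaintext' often really means."""
    raw = value.encode("utf-8")
    return {
        "utf-8": raw,
        "utf-16le": value.encode("utf-16-le"),   # Java/Windows wide strings
        "base64": base64.b64encode(raw),         # encoding, not encryption
    }

def scan_file(path: Path, markers: dict) -> list:
    """(marker_name, encoding) pairs found in the raw bytes of one file.
    Raw-byte search also covers SQLite pages, so text left in unvacuumed
    free space is found as well as live rows."""
    data = path.read_bytes()
    return [(name, enc)
            for name, value in markers.items()
            for enc, pattern in encodings_of(value).items()
            if pattern in data]

def scan_app_dir(root: Path, markers: dict) -> dict:
    """Relative file path -> hits, for every file with at least one hit."""
    findings = {}
    for path in sorted(p for p in root.rglob("*") if p.is_file()):
        hits = scan_file(path, markers)
        if hits:
            findings[path.relative_to(root).as_posix()] = hits
    return findings

def rate(findings: dict) -> str:
    """Assumed rating rule (the study used expert judgment): a recoverable
    password fails outright; any other marker is a warning; nothing found passes."""
    exposed = {name for hits in findings.values() for name, _ in hits}
    if "password" in exposed:
        return "Fail"
    return "Warn" if exposed else "Pass"

def build_fixture(root: Path) -> None:
    """Constructed /data/data/<package>-style layout of a careless app:
    username in clear, password merely base64'd, private marker in SQLite."""
    prefs = root / "shared_prefs"
    prefs.mkdir(parents=True)
    b64_pw = base64.b64encode(MARKERS["password"].encode()).decode()
    (prefs / "com.example.app_preferences.xml").write_text(
        "<?xml version='1.0' encoding='utf-8' standalone='yes' ?>\n<map>\n"
        f"  <string name=\"user\">{MARKERS['username']}</string>\n"
        f"  <string name=\"pw\">{b64_pw}</string>\n</map>\n")
    dbdir = root / "databases"
    dbdir.mkdir()
    con = sqlite3.connect(str(dbdir / "app.db"))
    con.execute("CREATE TABLE messages(id INTEGER PRIMARY KEY, ts INTEGER, body TEXT)")
    con.execute("INSERT INTO messages(ts, body) VALUES (?, ?)",
                (1370246400000, f"ref {MARKERS['private_data']} sent"))
    con.commit()
    con.close()

def run_demo() -> tuple:
    """Build the fixture, scan it, return (findings, rating)."""
    with tempfile.TemporaryDirectory() as tmp:
        root = Path(tmp) / "com.example.app"
        build_fixture(root)
        findings = scan_app_dir(root, MARKERS)
        return findings, rate(findings)

if __name__ == "__main__":
    findings, verdict = run_demo()
    for rel, hits in findings.items():
        print(rel, hits)
    print("Rating:", verdict)
```

Running it reports the preferences file (username in clear, password as base64) and the database (private marker in clear) and rates the app Fail. The search runs over raw bytes rather than through the SQLite API, so it also surfaces text sitting in freed pages that a query no longer returns, and the base64 pattern catches the common "we obfuscate it" non-defence that a plain string search would miss.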
App Data Security
Study and Findings: Sensitive User Data Stored on Mobile Devices
■  Overall Only 17% of Apps Pass
App Data Security
Study and Findings: Sensitive User Data Stored on Mobile Devices
■  44% of Financial Apps Pass and Are Most Secure
■  74% of Social Media Apps Fail and Are Least Secure
■  No Social Media Apps Pass App Data Test
■  4 Social Media Apps Stored Device Passwords in Clear Text
■  Only 3 Productivity Apps Pass
■  11 Productivity Apps Failing are E-mail Apps
■  No Retail Apps Pass
■  Overall Results:
App Plug-in Development
Challenge: Exponential Growth in App Installs
App Plug-in Development
Challenge: High Growth in Apps Available
Pure Oxygen Labs, LLC
App Plug-in Development
Solution: Examiner Developers in the Field
App Plug-in Development
Case Study in App Forensics Development
•  App Chosen Is “Burner” – Disposable Phone Numbers
•  Family: Mobile Messaging App – Retention / Expiration
•  By Ad Hoc Labs, Inc.
•  TIME Magazine’s Top 10 Apps of 2012
•  Featured in Wired and Engadget
Plug-in Development Environment
•  Goals
•  Least Intrusive (Phone Handset Experimentation)
•  Portable
•  Standard
•  Cost Effective
•  Windows 7 VMware Virtual Machine
•  Android SDK Emulator Creates Virtual Test Phones
•  Supports SMS, Voice, Voice Messages, VOIP
•  APK App Downloader for Chrome to Download Apps from Google Play Store
•  Android Debug Bridge (ADB) to Install Apps
•  IDE – Vim, Eclipse, Notepad++
Plug-in Decoding and Development
•  App Decoding Using
•  UFED Physical Analyzer
•  UFED Plug-ins – YAFFS2, Android Content, SmartFat, ExtX
•  Viewers – SQLite, XML Preference Files, Text
•  Diff
•  Plug-in Development Using
•  Iron Python Shell
•  Method Auto-completion
•  Browse Loaded Objects
•  Iron Python Libraries for Scripting
•  UFED Plug-in Packager
•  Converts Python Script into Plug-in
Plug-in Execution
UFED Physical Analyzer
•  Physical Memory Acquisition
•  File System Reconstruction
•  Plug-in Chain Management
•  Automated Plug-in Execution
•  App Parsing and Object Loading
•  Reporting, Analytics, Exports
Plug-in Results
•  Only Passwords Are Encrypted
•  App Data Stored in SQLite Database Openly & Unprotected
•  Until Phone Number Expires and App Data Wiped
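The decoding and diff workflow from the "Plug-in Decoding and Development" slide (SQLite and XML preference viewers, diff) applied to the finding above (app data sitting openly in SQLite until the number expires and the app wipes it), as an added stand-alone CPython example. It is not a UFED Physical Analyzer plug-in and uses none of the IronPython object model the deck mentions; the app layout, table schema and "expired" snapshot are constructed for illustration and are not Burner's real schema, and the millisecond-versus-second timestamp heuristic is likewise an assumption.

```python
"""Examiner-style app decoder: SQLite tables and Android shared_prefs XML ->
normalized records with source hashes, plus a diff of two snapshots (before
and after the app wipes its data). Constructed schema, plain CPython."""
import hashlib
import sqlite3
import tempfile
import xml.etree.ElementTree as ET
from datetime import datetime, timezone
from pathlib import Path

TIME_HINTS = ("time", "date", "created", "expire")   # column-name heuristics

def sha256_file(path: Path) -> str:
    """Hash each source file so decoded records can be tied back to the evidence copy."""
    return hashlib.sha256(path.read_bytes()).hexdigest()

def epoch_to_iso(value):
    """Assumption: integers above 1e10 are epoch milliseconds (Android's usual
    unit), smaller ones seconds; anything before 2000-01-01 is left untouched."""
    if not isinstance(value, int):
        return value
    secs = value / 1000 if value > 10_000_000_000 else value
    if secs < 946_684_800:
        return value
    return datetime.fromtimestamp(secs, tz=timezone.utc).isoformat()

def decode_prefs(path: Path) -> dict:
    """SharedPreferences XML: <string name="k">v</string>, <boolean name="k"
    value="true"/>, <int|long name="k" value="n"/>."""
    out = {}
    for el in ET.parse(path).getroot():
        name = el.get("name")
        if el.tag == "string":
            out[name] = el.text or ""
        elif el.tag == "boolean":
            out[name] = el.get("value") == "true"
        elif el.tag in ("int", "long"):
            out[name] = int(el.get("value"))
        else:
            out[name] = el.get("value")
    return out

def decode_sqlite(path: Path) -> dict:
    """Every user table -> list of row dicts; timestamp-looking integer columns
    become ISO-8601 UTC. Opened read-only so the viewer never touches the copy."""
    con = sqlite3.connect(f"file:{path.as_posix()}?mode=ro", uri=True)
    tables = [r[0] for r in con.execute(
        "SELECT name FROM sqlite_master WHERE type='table' AND name NOT LIKE 'sqlite_%'")]
    out = {}
    for table in tables:
        cols = [r[1] for r in con.execute(f'PRAGMA table_info("{table}")')]
        rows = []
        for raw in con.execute(f'SELECT * FROM "{table}"'):
            row = dict(zip(cols, raw))
            for col in cols:
                if any(h in col.lower() for h in TIME_HINTS):
                    row[col] = epoch_to_iso(row[col])
            rows.append(row)
        out[table] = rows
    con.close()
    return out

def diff_rows(before: list, after: list) -> tuple:
    """Rows only in the earlier snapshot (wiped) and only in the later one (new)."""
    key = lambda r: tuple(sorted(r.items()))
    b = {key(r): r for r in before}
    a = {key(r): r for r in after}
    return [b[k] for k in b if k not in a], [a[k] for k in a if k not in b]

def decode_app(root: Path) -> dict:
    """Decode one extracted app directory (shared_prefs/ and databases/)."""
    return {
        "prefs": {p.name: decode_prefs(p) for p in (root / "shared_prefs").glob("*.xml")},
        "databases": {p.name: decode_sqlite(p) for p in (root / "databases").glob("*.db")},
        "hashes": {p.relative_to(root).as_posix(): sha256_file(p)
                   for p in root.rglob("*") if p.is_file()},
    }

def build_fixture(root: Path, expired: bool) -> None:
    """Constructed disposable-number app: the live snapshot holds messages, the
    expired snapshot has the same schema with the messages table emptied."""
    prefs = root / "shared_prefs"
    prefs.mkdir(parents=True)
    flag = "true" if expired else "false"
    (prefs / "settings.xml").write_text(
        '<?xml version="1.0" encoding="utf-8" standalone="yes" ?>\n<map>\n'
        '  <string name="account_id">usr-7f3a</string>\n'
        f'  <boolean name="number_expired" value="{flag}" />\n'
        '  <long name="expires_at" value="1371196800000" />\n</map>\n')
    dbdir = root / "databases"
    dbdir.mkdir()
    con = sqlite3.connect(str(dbdir / "app.db"))
    con.execute("CREATE TABLE messages(id INTEGER PRIMARY KEY, created_at INTEGER, peer TEXT, body TEXT)")
    if not expired:
        con.executemany("INSERT INTO messages(created_at, peer, body) VALUES (?, ?, ?)", [
            (1370246400000, "+15555550100", "meet at 6"),
            (1370250000000, "+15555550100", "running late"),
        ])
    con.commit()
    con.close()

def run_demo() -> dict:
    """Decode a live and an expired snapshot and diff the message table."""
    with tempfile.TemporaryDirectory() as tmp:
        live, gone = Path(tmp) / "live", Path(tmp) / "expired"
        build_fixture(live, expired=False)
        build_fixture(gone, expired=True)
        before, after = decode_app(live), decode_app(gone)
        wiped, added = diff_rows(before["databases"]["app.db"]["messages"],
                                 after["databases"]["app.db"]["messages"])
        return {"before": before, "after": after, "wiped": wiped, "added": added}

if __name__ == "__main__":
    result = run_demo()
    for row in result["before"]["databases"]["app.db"]["messages"]:
        print(row)
    print("rows wiped on expiry:", len(result["wiped"]))
```

The decoder does not hard-code a schema: it enumerates sqlite_master and PRAGMA table_info, which is what lets the same code be pointed at an app it has never seen, and the only app-specific knowledge is the timestamp heuristic. Diffing a snapshot taken before expiry against one taken after is how the "data wiped on expiration" behaviour is demonstrated rather than asserted.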
Lessons
•  Examiners Can Decode Apps
•  Examiners Can Author App Plug-ins
Mobile App Futures
■ Wearables
■  Smart Watches
■ Sony SmartWatch – >200 Android Apps Available
■ Pebble Watch – Apps Platform
■ i’m Watch – Android Apps
■ MetaWatch STRATA and FRAME – iOS Apps
■ WIMM One – Android Apps
■ Apple iWatch – iOS Apps (presumably)
Mobile App Futures
■  Wearables
■  Google Glass – Apps Platform is “Glassware”
■ Facebook
■ Twitter
■ Tumblr
■ Evernote
■ Elle Magazine
■ CNN
■ Ice Breaker
Mobile App Futures
■  Quantified Self
■  Uses
■  Fitness – Exercise / Calories / Weight
■  Diagnostics – Sleep / Ultrasound / Heart
■  Devices
■  Smart Phones – Apps like RunKeeper, Endomondo, My Fitness Pro
■  Fitbit
■  Nike+ FuelBand
■  Jawbone UP
■  Zeo, SleepBot – Sleep
■  Polar WearLink – Heart
■  Mobisante, Fraunhofer – Ultrasound
Mobile App Futures
It’s All About the Apps – New Vendor Metric?
# Device Profiles Supported
# Mobile Apps Supported
Questions & Answers
Carney Forensics
Cell Phones / Smart Phones
Smart Tablets
Computer Forensics
GPS Devices
Social Media / Email
Mobile App Litigation Readiness
Sign up for our Newsletter!!
www.carneyforensics.com

More Related Content

What's hot

Best Cyber Crime Investigation Service Provider | Fornsec Solutions
Best Cyber Crime Investigation Service Provider | Fornsec SolutionsBest Cyber Crime Investigation Service Provider | Fornsec Solutions
Best Cyber Crime Investigation Service Provider | Fornsec SolutionsFORnSECSolutions
 
computer forensics
computer forensicscomputer forensics
computer forensicsshivi123456
 
Ce hv6 module 57 computer forensics and incident handling
Ce hv6 module 57 computer forensics and incident handlingCe hv6 module 57 computer forensics and incident handling
Ce hv6 module 57 computer forensics and incident handlingVi Tính Hoàng Nam
 
Computer crimes and forensics
Computer crimes and forensics Computer crimes and forensics
Computer crimes and forensics Avinash Mavuru
 
Cyber forensics 02 mit-2014
Cyber forensics 02 mit-2014Cyber forensics 02 mit-2014
Cyber forensics 02 mit-2014Muzzammil Wani
 
Computer Forensics
Computer ForensicsComputer Forensics
Computer ForensicsDaksh Verma
 
I want to be a cyber forensic examiner
I want to be a cyber forensic examinerI want to be a cyber forensic examiner
I want to be a cyber forensic examinerNeeraj Aarora
 
Digital Forensic Tools - Application Specific.
Digital Forensic Tools - Application Specific.Digital Forensic Tools - Application Specific.
Digital Forensic Tools - Application Specific.guestcf6f5b
 
Computer forensics powerpoint presentation
Computer forensics powerpoint presentationComputer forensics powerpoint presentation
Computer forensics powerpoint presentationSomya Johri
 
Computer Forensics: You can run but you can't hide
Computer Forensics: You can run but you can't hideComputer Forensics: You can run but you can't hide
Computer Forensics: You can run but you can't hideAntonio Sanz Alcober
 
Computer Forensics
Computer ForensicsComputer Forensics
Computer ForensicsNeilg42
 

What's hot (20)

Best Cyber Crime Investigation Service Provider | Fornsec Solutions
Best Cyber Crime Investigation Service Provider | Fornsec SolutionsBest Cyber Crime Investigation Service Provider | Fornsec Solutions
Best Cyber Crime Investigation Service Provider | Fornsec Solutions
 
computer forensics
computer forensicscomputer forensics
computer forensics
 
Ce hv6 module 57 computer forensics and incident handling
Ce hv6 module 57 computer forensics and incident handlingCe hv6 module 57 computer forensics and incident handling
Ce hv6 module 57 computer forensics and incident handling
 
Lect 1 computer forensics
Lect 1 computer forensicsLect 1 computer forensics
Lect 1 computer forensics
 
Codebits 2010
Codebits 2010Codebits 2010
Codebits 2010
 
Cyber Forensics Module 1
Cyber Forensics Module 1Cyber Forensics Module 1
Cyber Forensics Module 1
 
Computer crimes and forensics
Computer crimes and forensics Computer crimes and forensics
Computer crimes and forensics
 
Cyber forensics 02 mit-2014
Cyber forensics 02 mit-2014Cyber forensics 02 mit-2014
Cyber forensics 02 mit-2014
 
Cyber forensics ppt
Cyber forensics pptCyber forensics ppt
Cyber forensics ppt
 
Computer Forensics
Computer ForensicsComputer Forensics
Computer Forensics
 
Computer forensics ppt
Computer forensics pptComputer forensics ppt
Computer forensics ppt
 
Sued or Suing: Introduction to Digital Forensics
Sued or Suing: Introduction to Digital ForensicsSued or Suing: Introduction to Digital Forensics
Sued or Suing: Introduction to Digital Forensics
 
I want to be a cyber forensic examiner
I want to be a cyber forensic examinerI want to be a cyber forensic examiner
I want to be a cyber forensic examiner
 
Digital Forensic Tools - Application Specific.
Digital Forensic Tools - Application Specific.Digital Forensic Tools - Application Specific.
Digital Forensic Tools - Application Specific.
 
Computer forensics
Computer forensicsComputer forensics
Computer forensics
 
Computer forensics powerpoint presentation
Computer forensics powerpoint presentationComputer forensics powerpoint presentation
Computer forensics powerpoint presentation
 
Computer Forensics: You can run but you can't hide
Computer Forensics: You can run but you can't hideComputer Forensics: You can run but you can't hide
Computer Forensics: You can run but you can't hide
 
Current Forensic Tools
Current Forensic Tools Current Forensic Tools
Current Forensic Tools
 
Lect 6 computer forensics
Lect 6 computer forensicsLect 6 computer forensics
Lect 6 computer forensics
 
Computer Forensics
Computer ForensicsComputer Forensics
Computer Forensics
 

Viewers also liked

With UFED Physical Analyzer, investigative team helps prove a case for capita...
With UFED Physical Analyzer, investigative team helps prove a case for capita...With UFED Physical Analyzer, investigative team helps prove a case for capita...
With UFED Physical Analyzer, investigative team helps prove a case for capita...Cellebrite
 
Cellebrite Predictions Survey 2015
Cellebrite Predictions Survey 2015Cellebrite Predictions Survey 2015
Cellebrite Predictions Survey 2015Cellebrite
 
Preparing to Testify About Mobile Device Evidence
Preparing to Testify About Mobile Device EvidencePreparing to Testify About Mobile Device Evidence
Preparing to Testify About Mobile Device EvidenceCellebrite
 
Interview Techniques for a Mobile Crime World
Interview Techniques for a Mobile Crime WorldInterview Techniques for a Mobile Crime World
Interview Techniques for a Mobile Crime WorldCellebrite
 
Acromobile Presentation Deck for Visa FinTech Asia 2014
Acromobile Presentation Deck for Visa FinTech Asia 2014Acromobile Presentation Deck for Visa FinTech Asia 2014
Acromobile Presentation Deck for Visa FinTech Asia 2014Acromobile
 
How to avoid becoming the next victim of ransomware
How to avoid becoming the next victim of ransomwareHow to avoid becoming the next victim of ransomware
How to avoid becoming the next victim of ransomwareIISPEastMids
 
Ransomware - Mark Chimely
Ransomware - Mark ChimelyRansomware - Mark Chimely
Ransomware - Mark ChimelyIISPEastMids
 

Viewers also liked (7)

With UFED Physical Analyzer, investigative team helps prove a case for capita...
With UFED Physical Analyzer, investigative team helps prove a case for capita...With UFED Physical Analyzer, investigative team helps prove a case for capita...
With UFED Physical Analyzer, investigative team helps prove a case for capita...
 
Cellebrite Predictions Survey 2015
Cellebrite Predictions Survey 2015Cellebrite Predictions Survey 2015
Cellebrite Predictions Survey 2015
 
Preparing to Testify About Mobile Device Evidence
Preparing to Testify About Mobile Device EvidencePreparing to Testify About Mobile Device Evidence
Preparing to Testify About Mobile Device Evidence
 
Interview Techniques for a Mobile Crime World
Interview Techniques for a Mobile Crime WorldInterview Techniques for a Mobile Crime World
Interview Techniques for a Mobile Crime World
 
Acromobile Presentation Deck for Visa FinTech Asia 2014
Acromobile Presentation Deck for Visa FinTech Asia 2014Acromobile Presentation Deck for Visa FinTech Asia 2014
Acromobile Presentation Deck for Visa FinTech Asia 2014
 
How to avoid becoming the next victim of ransomware
How to avoid becoming the next victim of ransomwareHow to avoid becoming the next victim of ransomware
How to avoid becoming the next victim of ransomware
 
Ransomware - Mark Chimely
Ransomware - Mark ChimelyRansomware - Mark Chimely
Ransomware - Mark Chimely
 

Similar to There's an App for That: Digital Forensic Realities for Mobile App Evidence, Security and Privacy

Юрий Чемёркин (Yury Chemerkin) Owasp russia 2016
Юрий Чемёркин (Yury Chemerkin) Owasp russia 2016Юрий Чемёркин (Yury Chemerkin) Owasp russia 2016
Юрий Чемёркин (Yury Chemerkin) Owasp russia 2016Advanced monitoring
 
Mobile App Security: A Review
Mobile App Security: A ReviewMobile App Security: A Review
Mobile App Security: A ReviewUmang Singh
 
Pentesting iPhone applications
Pentesting iPhone applicationsPentesting iPhone applications
Pentesting iPhone applicationsSatish b
 
Andrew Jaquith SOURCE Boston 2011
Andrew Jaquith SOURCE Boston 2011Andrew Jaquith SOURCE Boston 2011
Andrew Jaquith SOURCE Boston 2011Source Conference
 
NETC 2012_Mobile Security for Smartphones and Tablets (pptx)
NETC 2012_Mobile Security for Smartphones and Tablets (pptx)NETC 2012_Mobile Security for Smartphones and Tablets (pptx)
NETC 2012_Mobile Security for Smartphones and Tablets (pptx)Vince Verbeke
 
Mobile Security for Smartphones and Tablets
Mobile Security for Smartphones and TabletsMobile Security for Smartphones and Tablets
Mobile Security for Smartphones and TabletsVince Verbeke
 
Analysis and research of system security based on android
Analysis and research of system security based on androidAnalysis and research of system security based on android
Analysis and research of system security based on androidRavishankar Kumar
 
Mobile code mining for discovery and exploits nullcongoa2013
Mobile code mining for discovery and exploits nullcongoa2013Mobile code mining for discovery and exploits nullcongoa2013
Mobile code mining for discovery and exploits nullcongoa2013Blueinfy Solutions
 
Mobile security services 2012
Mobile security services 2012Mobile security services 2012
Mobile security services 2012Tjylen Veselyj
 
18-mobile-malware.pptx
18-mobile-malware.pptx18-mobile-malware.pptx
18-mobile-malware.pptxsundar110567
 
CNIT 128 8: Mobile development security
CNIT 128 8: Mobile development securityCNIT 128 8: Mobile development security
CNIT 128 8: Mobile development securitySam Bowne
 
Building a Mobile Security Program
Building a Mobile Security ProgramBuilding a Mobile Security Program
Building a Mobile Security ProgramDenim Group
 
GlitterLabs-Product-Portfolio.pptx (1)
GlitterLabs-Product-Portfolio.pptx (1)GlitterLabs-Product-Portfolio.pptx (1)
GlitterLabs-Product-Portfolio.pptx (1)glitterlabs
 
Our Data, Ourselves: The Data Democracy Deficit (EMF CAmp 2014)
Our Data, Ourselves: The Data Democracy Deficit (EMF CAmp 2014)Our Data, Ourselves: The Data Democracy Deficit (EMF CAmp 2014)
Our Data, Ourselves: The Data Democracy Deficit (EMF CAmp 2014)Giles Greenway
 
Mobile application development4
Mobile application development4Mobile application development4
Mobile application development4Appin Kulti Branch
 
Mobile application development
Mobile application developmentMobile application development
Mobile application developmentAppin Hisar
 
Mobile application development2
Mobile application development2Mobile application development2
Mobile application development2Appin Ara
 
Mobile application development2
Mobile application development2Mobile application development2
Mobile application development2Appin Vijayanagar
 
Secured Mobile Application Development in Android, Blackberry & iOS
Secured Mobile Application Development in Android, Blackberry & iOSSecured Mobile Application Development in Android, Blackberry & iOS
Secured Mobile Application Development in Android, Blackberry & iOSAppin Delhi
 

Similar to There's an App for That: Digital Forensic Realities for Mobile App Evidence, Security and Privacy (20)

Юрий Чемёркин (Yury Chemerkin) Owasp russia 2016
Юрий Чемёркин (Yury Chemerkin) Owasp russia 2016Юрий Чемёркин (Yury Chemerkin) Owasp russia 2016
Юрий Чемёркин (Yury Chemerkin) Owasp russia 2016
 
Mobile App Security: A Review
Mobile App Security: A ReviewMobile App Security: A Review
Mobile App Security: A Review
 
Pentesting iPhone applications
Pentesting iPhone applicationsPentesting iPhone applications
Pentesting iPhone applications
 
Andrew Jaquith SOURCE Boston 2011
Andrew Jaquith SOURCE Boston 2011Andrew Jaquith SOURCE Boston 2011
Andrew Jaquith SOURCE Boston 2011
 
NETC 2012_Mobile Security for Smartphones and Tablets (pptx)
NETC 2012_Mobile Security for Smartphones and Tablets (pptx)NETC 2012_Mobile Security for Smartphones and Tablets (pptx)
NETC 2012_Mobile Security for Smartphones and Tablets (pptx)
 
OptimusMobility Overview
OptimusMobility OverviewOptimusMobility Overview
OptimusMobility Overview
 
Mobile Security for Smartphones and Tablets
Mobile Security for Smartphones and TabletsMobile Security for Smartphones and Tablets
Mobile Security for Smartphones and Tablets
 
Analysis and research of system security based on android
Analysis and research of system security based on androidAnalysis and research of system security based on android
Analysis and research of system security based on android
 
Mobile code mining for discovery and exploits nullcongoa2013
Mobile code mining for discovery and exploits nullcongoa2013Mobile code mining for discovery and exploits nullcongoa2013
Mobile code mining for discovery and exploits nullcongoa2013
 
Mobile security services 2012
Mobile security services 2012Mobile security services 2012
Mobile security services 2012
 
18-mobile-malware.pptx
18-mobile-malware.pptx18-mobile-malware.pptx
18-mobile-malware.pptx
 
CNIT 128 8: Mobile development security
CNIT 128 8: Mobile development securityCNIT 128 8: Mobile development security
CNIT 128 8: Mobile development security
 
Building a Mobile Security Program
Building a Mobile Security ProgramBuilding a Mobile Security Program
Building a Mobile Security Program
 
GlitterLabs-Product-Portfolio.pptx (1)
GlitterLabs-Product-Portfolio.pptx (1)GlitterLabs-Product-Portfolio.pptx (1)
GlitterLabs-Product-Portfolio.pptx (1)
 
Our Data, Ourselves: The Data Democracy Deficit (EMF CAmp 2014)
Our Data, Ourselves: The Data Democracy Deficit (EMF CAmp 2014)Our Data, Ourselves: The Data Democracy Deficit (EMF CAmp 2014)
Our Data, Ourselves: The Data Democracy Deficit (EMF CAmp 2014)
 
Mobile application development4
Mobile application development4Mobile application development4
Mobile application development4
 
Mobile application development
Mobile application developmentMobile application development
Mobile application development
 
Mobile application development2
Mobile application development2Mobile application development2
Mobile application development2
 
Mobile application development2
Mobile application development2Mobile application development2
Mobile application development2
 
Secured Mobile Application Development in Android, Blackberry & iOS
Secured Mobile Application Development in Android, Blackberry & iOSSecured Mobile Application Development in Android, Blackberry & iOS
Secured Mobile Application Development in Android, Blackberry & iOS
 

Recently uploaded

How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerThousandEyes
 
CNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of ServiceCNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of Servicegiselly40
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking MenDelhi Call girls
 
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024The Digital Insurer
 
A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024Results
 
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfThe Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfEnterprise Knowledge
 
A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?Igalia
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc
 
Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024The Digital Insurer
 
The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxMalak Abu Hammad
 
Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024The Digital Insurer
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityPrincipled Technologies
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processorsdebabhi2
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonAnna Loughnan Colquhoun
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)Gabriella Davis
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfsudhanshuwaghmare1
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...Martijn de Jong
 
Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Enterprise Knowledge
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptxHampshireHUG
 
Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slidespraypatel2
 

Recently uploaded (20)

How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
CNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of ServiceCNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of Service
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men
 
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
 
A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024
 
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfThe Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
 
A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
 
Tata AIG General Insurance Company - Insurer Innovation Award 2024

There's an App for That: Digital Forensic Realities for Mobile App Evidence, Security and Privacy

  • 19. Android Personal Navigation Apps
  ■  Google Maps
  ■  Nokia Maps
  ■  NAVIGON MobileNavigator
  ■  CoPilot Live
  ■  MapQuest Android Nav App
  ■  TeleNav
  ■  Waze – Social GPS
  ■  Sygic GPS Navigation
  ■  iGO My Way
  • 21. Smart Phone Apps & App Data
  • 23. Mobile Messaging Apps
  •  Make That 20 Billion Messages
  •  Popular “SMS Killers”
  •  Use Internet and App Servers
  •  Text Free from Costs & Quotas
  •  Multi-platform for Many Devices
  •  Global to Bypass Country Limits
  • 24. Mobile Messaging Apps
  •  Evidence Recovery Challenging
  •  Unaware of Exploding Use in US
  •  Subpoena or Court Order Issues
  •  Not Easily Data Mined by Expert
  •  Advanced Decoding & Tools Required to Recover & Produce
  • 25. Smart Phone Apps & App Data
  • 26. Smart Phone Apps & App Data
  • 27. Smart Phone Apps & App Data
  • 28. Smart Phone Apps & App Data
  • 29. Smart Phone Apps & App Data
  • 30. Smart Phone Apps & App Data
  • 31. Smart Phone Apps & App Data
  • 37. App Privacy – “Get It Right From The Start”
  ■  Privacy Recommendations from the FTC
  ■  Build Privacy into Apps
  ■  Practice “Privacy by Design”
  ■  Limit Information Collected
  ■  Securely Store What Is Held
  ■  Safely Dispose of Information
  ■  Use App Defaults Users Expect
  ■  Do Mobile Apps Get It Right?
  • 38. App Privacy – PiOS: Detecting Privacy Leaks in iOS Apps
  ■  Academics Published Study Using Novel Analysis Tool
  ■  Tested 1,400 iPhone Apps for Privacy Threats
  ■  825 Free Apps Vetted by Apple and Available through AppStore
  ■  582 Jailbroken Apps from Cydia (not associated with Apple)
  ■  Sensitive Information Sources Giving Rise to Privacy Leaks:
  • 39. App Privacy – PiOS: Detecting Privacy Leaks in iOS Apps
  ■  Did the 1,400 iOS Apps Get It Right?
  ■  Most Leaks Supply Access to Unique DeviceID, Which Allows Hackers to Create Detailed Profiles of Users’ App Preferences and Usage Patterns
  • 40. App Data Security – Critical Role of Mobile Apps
  Data Security Protection Required:
  ■  Personally Identifiable Information (PII)
  ■  Personal Health Information (PHI) – HIPAA
  ■  Consumer Personal Nonpublic Information – GLBA
  ■  Student Records – FERPA
  ■  Security Credentials
  ■  Trade Secrets
  ■  Confidential Information
  ■  Personal Identity and Reputation
  “68% of mobile device owners who have not adopted financial apps are holding back due to security fears.” – Mobile Banking, Consumer Security Practices and the Growing Risks to Banks, Research Report, Metaforic, 2012
  • 41. App Data Security – Study and Findings: Sensitive User Data Stored on Mobile Devices
  ■  100 Popular Consumer Apps Tested
  ■  iPhone and Android Platforms
  ■  Finance, Social Media, Productivity, Retail App Segments
  ■  Download, Install, Populate Apps with Marked Data
  ■  Username, Password, Private App Data
  ■  Analyze Mobile Device Forensically for Data Exposure
  ■  Rate Results on Pass/Warn/Fail System
  ■  Expert Judgments Based On:
  ■  Security Best Practices, Likely User Expectations, Quantity and Specific Nature of Data Exposed
  • 42. App Data Security – Study and Findings: Sensitive User Data Stored on Mobile Devices
  ■  Overall Only 17% of Apps Pass
  • 43. App Data Security – Study and Findings: Sensitive User Data Stored on Mobile Devices
  ■  44% of Financial Apps Pass and Are Most Secure
  ■  74% of Social Media Apps Fail and Are Least Secure
  ■  No Social Media Apps Pass App Data Test
  ■  4 Social Media Apps Stored Device Passwords in Clear Text
  ■  Only 3 Productivity Apps Pass
  ■  11 Productivity Apps Failing Are E-mail Apps
  ■  No Retail Apps Pass
  ■  Overall Results:
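The study's method on slides 41 to 43 (seed each app with marked credentials and content, acquire the device, look for the markers in what the app left on storage, rate the result) can be reproduced against a single app sandbox. The script below is an added example written for this page; it is not code from the presentation or from the study it cites. The sandbox layout (`shared_prefs/account.xml`, `databases/content.db`), the marker values and the `assess` helper are all constructed for the demo, and the Pass/Warn/Fail rule is a simplified version of the study's expert scale.

```python
"""Marked-data exposure check: seed an app's storage with sentinel values, scan the
acquired storage for them, rate the result. Sandbox layout, file names and marker
values are constructed for this example and describe no real app."""
import hashlib
import os
import sqlite3
import tempfile

# Sentinel values seeded into the app (constructed; unlikely to occur by chance).
MARKERS = {
    "username": "mfw2013.tester",
    "password": "Zq7!markedPW",
    "app_data": "MARKED-NOTE-5531",
}


def build_sample_sandbox(root, clear_password=True):
    """Write a constructed Android-style app sandbox. With clear_password=False the app
    is modelled as storing a salted PBKDF2 digest instead of the password itself."""
    os.makedirs(os.path.join(root, "shared_prefs"))
    os.makedirs(os.path.join(root, "databases"))
    if clear_password:
        stored_pw = MARKERS["password"]
    else:
        stored_pw = hashlib.pbkdf2_hmac("sha256", MARKERS["password"].encode(),
                                        b"constructed-salt", 100_000).hex()
    with open(os.path.join(root, "shared_prefs", "account.xml"), "w", encoding="utf-8") as f:
        f.write('<?xml version="1.0" encoding="utf-8"?>\n<map>\n'
                f'  <string name="user">{MARKERS["username"]}</string>\n'
                f'  <string name="pass">{stored_pw}</string>\n</map>\n')
    # User content kept in an SQLite store, as the surveyed apps commonly did.
    con = sqlite3.connect(os.path.join(root, "databases", "content.db"))
    con.execute("CREATE TABLE notes (id INTEGER PRIMARY KEY, body TEXT)")
    con.execute("INSERT INTO notes (body) VALUES (?)",
                ("shopping list: " + MARKERS["app_data"],))
    con.commit()
    con.close()
    return root


def iter_text_blobs(root):
    """Yield (relative path, text) per file. SQLite files are read row by row rather than
    as raw bytes; everything else is decoded as UTF-8 with errors replaced."""
    for dirpath, _, files in os.walk(root):
        for name in files:
            path = os.path.join(dirpath, name)
            rel = os.path.relpath(path, root).replace(os.sep, "/")
            with open(path, "rb") as f:
                magic = f.read(16)
            if magic.startswith(b"SQLite format 3\x00"):
                con = sqlite3.connect(path)
                tables = [t for (t,) in con.execute(
                    "SELECT name FROM sqlite_master WHERE type='table'")]
                for table in tables:
                    for row in con.execute(f'SELECT * FROM "{table}"'):
                        yield rel, " ".join(str(v) for v in row)
                con.close()
            else:
                with open(path, "rb") as f:
                    yield rel, f.read().decode("utf-8", errors="replace")


def find_exposures(root):
    """Map each marker to the files in which it is recoverable in clear text."""
    hits = {name: [] for name in MARKERS}
    for rel, text in iter_text_blobs(root):
        for name, value in MARKERS.items():
            if value in text and rel not in hits[name]:
                hits[name].append(rel)
    return hits


def rate(hits):
    """Simplified Pass/Warn/Fail: a recoverable password fails outright, any other
    recoverable marker warns, nothing recoverable passes."""
    if hits["password"]:
        return "FAIL"
    if hits["username"] or hits["app_data"]:
        return "WARN"
    return "PASS"


def assess(clear_password=True):
    """Build the constructed sandbox, scan it and return (rating, hits)."""
    with tempfile.TemporaryDirectory() as tmp:
        root = build_sample_sandbox(os.path.join(tmp, "com.example.markedapp"), clear_password)
        hits = find_exposures(root)
    return rate(hits), hits


if __name__ == "__main__":
    for mode in (True, False):
        rating, hits = assess(clear_password=mode)
        print("clear-text password" if mode else "hashed password", "->", rating, hits)
```

Running it with the clear-text variant reports FAIL with the password located in the preferences file; the hashed variant still reports WARN because the username and the note body remain recoverable from the preferences file and the SQLite store, which is the point the study's scale makes: protecting the credential alone does not make the app pass.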
  • 44. App Plug-in Development – Challenge: Exponential Growth in App Installs
  • 45. App Plug-in Development – Challenge: High Growth in Apps Available (Pure Oxygen Labs, LLC)
  • 46. App Plug-in Development – Solution: Examiner Developers in the Field
  • 47. App Plug-in Development – Case Study in App Forensics Development
  •  App Chosen Is “Burner” – Disposable Phone Numbers
  •  Family: Mobile Messaging App – Retention / Expiration
  •  By Ad Hoc Labs, Inc.
  •  TIME Magazine’s Top 10 Apps of 2012
  •  Featured in Wired and Engadget
  • 48. Plug-in Development Environment
  •  Goals
  •  Least Intrusive (Phone Handset Experimentation)
  •  Portable
  •  Standard
  •  Cost Effective
  •  Windows 7 VMware Virtual Machine
  •  Android SDK Emulator Creates Virtual Test Phones
  •  Supports SMS, Voice, Voice Messages, VOIP
  •  APK App Downloader for Chrome to Download Apps from Google Play Store
  •  Android Debug Bridge (ADB) to Install Apps
  •  IDE – Vim, Eclipse, Notepad++
  • 49. Plug-in Decoding and Development
  •  App Decoding Using
  •  UFED Physical Analyzer
  •  UFED Plug-ins – YAFFS2, Android Content, SmartFat, ExtX
  •  Viewers – SQLite, XML Preference Files, Text
  •  Diff
  •  Plug-in Development Using
  •  IronPython Shell
  •  Method Auto-completion
  •  Browse Loaded Objects
  •  IronPython Libraries for Scripting
  •  UFED Plug-in Packager
  •  Converts Python Script into Plug-in
  • 50. Plug-in Execution – UFED Physical Analyzer
  •  Physical Memory Acquisition
  •  File System Reconstruction
  •  Plug-in Chain Management
  •  Automated Plug-in Execution
  •  App Parsing and Object Loading
  •  Reporting, Analytics, Exports
  • 51. Plug-in Results
  •  Only Passwords Are Encrypted
  •  App Data Stored in SQLite Database Openly & Unprotected
  •  Until Phone Number Expires and App Data Is Wiped
  Lessons
  •  Examiners Can Decode Apps
  •  Examiners Can Author App Plug-ins
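The decoding step of the case study (slides 49 to 51) comes down to reading the app's SQLite store, joining the tables an examiner cares about, normalising timestamps and noting which columns are actually protected. The Python script below is an added example written for this page and is not the presenter's plug-in or any code from Ad Hoc Labs; the table names, columns, values, the epoch-millisecond timestamp convention and the `ACQUIRED_AT_MS` acquisition time are all constructed for the demo and are not Burner's real schema. It uses the standard `sqlite3` module so it runs on CPython; inside a UFED IronPython plug-in the same logic would read the reconstructed database through the analyzer's object model instead.

```python
"""Decoding a disposable-number messaging app's SQLite store into a report-ready timeline,
the kind of work a plug-in does after file-system reconstruction. Schema, values and
timestamp format are constructed for this example; they are not Burner's."""
import sqlite3
from datetime import datetime, timezone

# Constructed acquisition time: 2013-06-03 00:00:00 UTC as Unix epoch milliseconds.
# The store is assumed to keep every timestamp in that unit.
ACQUIRED_AT_MS = 1370217600000


def build_sample_store():
    """Create an in-memory copy of what the plug-in would read from the app's database."""
    con = sqlite3.connect(":memory:")
    con.executescript("""
        CREATE TABLE account  (username TEXT, password TEXT);
        CREATE TABLE numbers  (id INTEGER PRIMARY KEY, number TEXT, expires_at INTEGER);
        CREATE TABLE messages (id INTEGER PRIMARY KEY, number_id INTEGER, direction TEXT,
                               counterparty TEXT, body TEXT, sent_at INTEGER);
    """)
    # Only the credential is protected (a SHA-256 digest here); every other column is plain text.
    con.execute("INSERT INTO account VALUES (?, ?)",
                ("tester", "5e884898da28047151d0e56f8dc6292773603d0d6aabbdd62a11ef721d1542d8"))
    con.executemany("INSERT INTO numbers VALUES (?, ?, ?)", [
        (1, "+1 555 0100", 1370304000000),   # expires 2013-06-04, still live at acquisition
        (2, "+1 555 0199", 1370131200000),   # expired 2013-06-02, before acquisition
    ])
    con.executemany("INSERT INTO messages VALUES (?, ?, ?, ?, ?, ?)", [
        (1, 1, "out", "+1 555 0123", "meet at 9",          1370200000000),
        (2, 1, "in",  "+1 555 0123", "ok, see you then",   1370200600000),
        (3, 2, "out", "+1 555 0177", "old number, ignore", 1370100000000),
    ])
    con.commit()
    return con


def ms_to_iso(ms):
    """Render an epoch-millisecond value as a UTC timestamp for the report."""
    return datetime.fromtimestamp(ms / 1000, tz=timezone.utc).strftime("%Y-%m-%d %H:%M:%S UTC")


def looks_hashed(value):
    """Report heuristic: a 64-character hex string is a digest, not a clear-text password."""
    return len(value) == 64 and all(c in "0123456789abcdef" for c in value.lower())


def decode_messages(con, acquired_at_ms=ACQUIRED_AT_MS):
    """Join messages to their disposable numbers and emit report rows in chronological order.
    A row whose number had already expired at acquisition is flagged rather than dropped:
    the app is expected to wipe such data, so its presence is worth the examiner's attention."""
    rows = con.execute("""
        SELECT m.id, n.number, m.direction, m.counterparty, m.body, m.sent_at, n.expires_at
        FROM messages m JOIN numbers n ON n.id = m.number_id
        ORDER BY m.sent_at
    """).fetchall()
    report = []
    for mid, number, direction, other, body, sent_at, expires_at in rows:
        report.append({
            "id": mid,
            "disposable_number": number,
            "direction": direction,
            "counterparty": other,
            "body": body,
            "sent": ms_to_iso(sent_at),
            "number_expires": ms_to_iso(expires_at),
            "number_expired_at_acquisition": expires_at <= acquired_at_ms,
        })
    return report


def credential_status(con):
    """State how the stored credential is protected, for the security findings section."""
    username, password = con.execute("SELECT username, password FROM account").fetchone()
    return {"username": username,
            "password_stored_as": "digest" if looks_hashed(password) else "clear text"}


if __name__ == "__main__":
    db = build_sample_store()
    print(credential_status(db))
    for row in decode_messages(db):
        print(row)
```

The two findings on slide 51 fall straight out of the output: `credential_status` shows the password column as a digest while every message body, counterparty and timestamp is readable, and the expiry flag makes visible which records are living on borrowed time before the app's own wipe removes them.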
  • 53. Mobile App Futures
  ■  Wearables
    ■  Smart Watches
      ■  Sony SmartWatch – >200 Android Apps Available
      ■  Pebble Watch – Apps Platform
      ■  i’m Watch – Android Apps
      ■  MetaWatch STRATA and FRAME – iOS Apps
      ■  WIMM One – Android Apps
      ■  Apple iWatch – iOS Apps (presumably)
  • 54. Mobile App Futures
  ■  Wearables
    ■  Google Glass – Apps Platform is “Glassware”
      ■  Facebook
      ■  Twitter
      ■  Tumblr
      ■  Evernote
      ■  Elle Magazine
      ■  CNN
      ■  Ice Breaker
  • 55. Mobile App Futures
  ■  Quantified Self
    ■  Uses
      ■  Fitness – Exercise / Calories / Weight
      ■  Diagnostics – Sleep / Ultrasound / Heart
    ■  Devices
      ■  Smart Phones – Apps like RunKeeper, Endomondo, My Fitness Pro
      ■  Fitbit
      ■  Nike+ FuelBand
      ■  Jawbone UP
      ■  Zeo, SleepBot – Sleep
      ■  Polar WearLink – Heart
      ■  Mobisante, Fraunhofer – Ultrasound
  • 57. Mobile App Futures – It’s All About the Apps – New Vendor Metric?
  ■  # Device Profiles Supported
  ■  # Mobile Apps Supported
  • 58. Questions & Answers – Carney Forensics
  ■  Cell Phones / Smart Phones
  ■  Smart Tablets
  ■  Computer Forensics
  ■  GPS Devices
  ■  Social Media / Email
  ■  Mobile App Litigation Readiness
  Sign up for our Newsletter!! www.carneyforensics.com