
A presentation and paper on reverse engineering JTAG at the 26th Chaos Communication Congress are now available to download here:

http://events.ccc.de/congress/2009/Fahrplan/track/Hacking/3670.en.html

Other hacking and reverse engineering papers and talks from the conference can be found here:

http://events.ccc.de/congress/2009/Fahrplan/index.en.html

The hacking track is here:

http://events.ccc.de/congress/2009/Fahrplan/track/Hacking/index.en.html

This report concerns the theoretical and practical issues with automatically populating mobile devices with reference test data for use as reference materials in validation of forensic tools.

It describes an application and data set developed to populate identity modules and highlights subtleties involved in the process. Intriguing results attained by recent versions of commonly-used forensic tools when used to recover the populated data are also discussed. The results indicate that reference materials can be used to identify a variety of inaccuracies that exist in present-day forensic tools.

The paper can be downloaded in PDF format from here:
http://csrc.nist.gov/publications/nistir/ir7617/nistir-7617.pdf

More on the paper here:
http://www.testandmeasurement.com/article.mvc/NIST-Develops-Experimental-Validation-Tool-0001?VNETCOOKIE=NO

The tool itself can be downloaded from here:
http://csrc.nist.gov/groups/SNS/mobile_security/mobile_forensics_software.html


According to a survey by the Australian Communications and Media Authority, about 75% of Australians are either “very satisfied” or “somewhat satisfied” with their telecommunications services. I was surprised to see that there wasn’t a massive difference between metropolitan and rural areas, despite rural areas having far fewer options and less bandwidth than metro areas. Those users who weren’t happy largely focused on price, customer service and poor mobile reception.

Read more here:
http://www.acma.gov.au/WEB/STANDARD/pc=PC_311777


The research team, which included Edith Cowan University of Australia and BT, revealed some early results yesterday in news reports by the BBC and British television affiliates.

To read more about the research go here:
http://news.bbc.co.uk/2/hi/uk_news/wales/8036324.stm
and here:
http://www.darkreading.com/security/storage/showArticle.jhtml?articleID=217400054&cid=nl_DR_DAILY_H

A forensics toolkit for the Xbox gaming console is described by US researchers in the International Journal of Electronic Security and Digital Forensics. The toolkit could allow law enforcement agencies to scour the inbuilt hard disk of such devices and find illicit hidden materials easily.

Link:
http://www.sciencedaily.com/releases/2009/04/090430101445.htm

Mobile Growth

Growth projection for the mobile sector does not look good :(

Read More Here:

http://www.iphonestalk.com/new-survey-results-bring-good-and-bad-news-for-the-mobile-sector/

ModEdiPhone.com

Modding Education for iPhone users AKA ModEdiPhone.com is a new website for all iPhone users who would like to jailbreak their iPhones or SIM unlock them whether they are using a first generation iPhone or the 3G iPhone. It provides guides and step-by-step videos and advice on how to do each hack or mod without any complications. It includes software, firmware, and hardware mods and hacks. It also contains the last five posts from the most popular iPhone blogs and news sites. It is a must visit and subscribe-to website so make sure you add it to your favourites :)

Here is the link:
http://www.modediphone.com/

A good start is Google’s own documentation page:
http://code.google.com/android/documentation.html

Books are another good source for step-by-step development. One Android book that I read is:

ANDROID A PROGRAMMERS GUIDE (Paperback)

It guides you through installing Eclipse, Android SDK and all the different steps that lead you into developing a “Friend Finder” application.

Other books of interest that I found on Amazon include:

  • The Busy Coder’s Guide to Android Development (Paperback)
  • Android Essentials (Firstpress) (Paperback)
  • Professional Android Application Development (Paperback)
  • Hello, Android: Introducing Google’s Mobile Development Platform (Paperback)

    A new book with companion DVD by Jesse Varsalone. Expected retail price is AUD 79.00.

    Key Features include:

    - Companion DVD Contains Custom Materials That Can Be Used in a Real Digital Forensic Investigation
    - Includes Unique Information about Mac OS X, iPod, iMac, and iPhone Forensic Analysis Unavailable Anywhere Else
    - Authors Are Pioneering Researchers in the Field of Macintosh Forensics, with Combined Experience in Law Enforcement, Military, and Corporate Forensics

    Sounds good? Then for more information go to:
    http://www.elsevierdirect.com/product.jsp?isbn=9781597492973

    The LayerOne 2008 talk by David Hulton titled: Intercepting Mobile Phone/GSM


    Visit the GSM Hacking WIKI at:
    http://wiki.thc.org/gsm
    The USRP is available at: http://www.ettus.com
    Learn more about the GNU RADIO project at: http://www.gnu.org/software/gnuradio

    David is the Chairman of Toorcon

    An interesting news article about the work of BT (formerly British Telecom), Glamorgan University, Australia’s Edith Cowan University and Sim Lifecycle Services where researchers recovered data from handsets from mobile phone recycling companies:

    Mobile phones can never be totally wiped clean of data

    To get more information on the research at Edith Cowan University and its upcoming conferences please visit SECAU Security Research Centre’s website:

    http://www.secau.org/

    Here are some published refereed journal and conference papers to give you an idea of what to expect for the Edith Cowan University conferences in December:

    - Valli, C. and A. Jones (2008). A study of 2nd Hand Blackberry for sale - World class security foiled by humans. Proceedings of the 2008 World Congress in Computer Science, Computer Engineering, and Applied Computing - SAM 2008 - The 2008 International Conference on Security & Management., Las Vegas, USA.

    - Al-Zarouni, M. (2007, 3rd December, 2007). Introduction to Mobile Phone Flasher Devices and Considerations for their Use in Mobile Phone Forensics. Paper presented at the 5th Australian Digital Forensics Conference, Edith Cowan University, Mount Lawley Campus, Western Australia.

    - Yap, L. F., & Jones, A. (2007, 3rd December, 2007). Profiling Through a Digital Mobile Device. Paper presented at the 5th Australian Digital Forensics Conference, Edith Cowan University, Mount Lawley Campus, Western Australia.

    - Yap, L. F., & Jones, A. (2007). Deleted Mobile Device’s Evidence Recovery:. Paper presented at the Media and Information-War Conference 2007, Kuala Lumpur, Malaysia.

    You can register to attend Edith Cowan University’s conferences here:

    http://conferences.scis.ecu.edu.au/

    Hope to see you there :)

    PwnageTool 2.0 MACOSX version is released.
    For more details, please visit:

    rlslog.net
    also see:

    dev team blog

    UPDATE: Don’t have a Mac? You can do it in Windows as well. For instructions, go here:

    Step-by-Step Guide to Pwn first generation iPhone running firmware 2.0 using Windows

    For dates, times and availability information on the workshops in UAE and Qatar visit link below:
    http://www.oissg.org/certification-training-new-/index.php
    Download the official brochure for the Dubai workshops here:

    These certification workshops fund the Open Information Systems Security Group (OISSG) research and development of the ISSAF.

    You can also download ISSAF for free! (9.59MB, 1264 pages)

    Do you live in the United Arab Emirates? Are you a hacker? Then this site is made for you! Get the latest hacking news, exploits, links, pod casts and more through this easy to use website.

    Feel like you want to contribute to the site? Then drop us a line at: (hackers) at {marwan} dot [com].

    http://WWW.UAEHACKERS.COM

     

    Download and read it! It is not small, though: about 8-10MB. News, articles, interviews, book releases, software walk-throughs, and more.

    Link: http://www.insecuremag.com

    If you don’t already have this one, please download and read this Computer Security Division NIST Interagency Report (IR). It was published in March 2007:

    It is an update and complement to NIST Reports:

    A very helpful PDF document from SEARCH: The National Consortium for Justice Information and Statistics. It highlights some of the hardware and software solutions that can be added to the investigator’s arsenal along with how much each of them costs. The document can be found here:
    http://www.search.org/files/pdf/CellphoneInvestToolkit-0806.pdf

    The “Cryptography, Law Enforcement, and Mobile Communications ” article in IEEE’s Security and Privacy magazine sheds some light on the use of flashers in mobile forensics as well as the use of tools such as XRY. The article also mentions the use and importance of Faraday cages.

    Here is a link to the full article:
    Link.

    Thanks to Mike for the following two part series of documents on working with flashers:

    Part 1:
    http://mobileforensics.files.wordpress.com/2007/04/hex-primer-pt-1.pdf

    Part 2:
    http://mobileforensics.files.wordpress.com/2007/04/hex-primer-pt-ii.pdf

    Make sure that you visit his blog to learn more about advanced mobile device forensics:
    http://mobileforensics.wordpress.com/

    Read what Prof. Rick Mislan said about the use of Phone Flasher Technologies and their role in the acquisition stage of mobile phone forensics and their use by students in digital forensics courses at Purdue University in the US.

    http://www.physorg.com/news95611284.html

    Matt’s Blog is not frequently updated but his site crypto.com is an excellent resource for all kinds of information. Make sure you check it out.

     

    News, exploits, papers, views, and releases from information security enthusiasts. Has links to major hacker related security events as well. http://www.thc.org/

    Just when you thought mobile phones, USB storage devices, wireless access, and ADSL modems were a threat to your corporate data, here comes a story to make you even more paranoid!

    A researcher released a paper describing a way to hide malicious code (rootkits) on graphics and network cards. The paper basically shows how to use Advanced Configuration and Power Interface (ACPI) functions available on almost all motherboards to store and run a rootkit. Sceptical? Read the full story and download the PDF here.

     

     

    The guide was written by Karen Kent, Suzanne Chevalier, Tim Grance, and Hung Dang.

    The guide presents forensics from an IT view, not a law enforcement view. It is written for incident response teams; forensic analysts; system, network, and security administrators; and computer security program managers who are responsible for performing forensics for investigative, incident response, or troubleshooting purposes.

    It also has a wide array of resources for further reading.  Highly recommended read and reference for IT professionals.

    Download it here:
    http://csrc.ncsl.nist.gov/publications/nistpubs/800-86/SP800-86.pdf

    Read more about it in here:
    http://www.cccure.org/modules.php?name=News&file=article&sid=1023

    NIST also released the following four security related guides:

    Read more about them here:
    http://www.govtech.net/magazine/channel_story.php/101708

    Last but not least, it is worth mentioning that last month, NIST released a document about RFID. Read about it here:
    http://www.fcw.com/article96300-10-03-06-Web

    Thanks Clement :)

    The US National Institute of Standards and Technology (NIST) released the draft version of “Guidelines on Cell Phone Forensics” on August 31st. I found out about it today!  Here it is:
    http://csrc.nist.gov/publications/drafts/Draft-SP800-101.pdf

    The National Vulnerability Database’s upcoming sister project, the National Checklist Program (NCP), will be offering a repository of security configuration guidance for popular software. These checklists will be provided in standards-based machine readable formats ingestible by compliant COTS vulnerability scanning tools as well as in English prose.

    Link:
    http://www.cccure.org/modules.php?name=News&file=article&sid=1004

    This magazine has been published in seven different languages for a long time.  Finally, an English version will be available through book stores in September.

    hakin9 is a bimonthly technical magazine about IT security and hacking. It offers an in-depth look at both attack and defence techniques and concentrates on difficult technical issues.  hakin9 is useful for all of those interested in securing network infrastructure and systems - both professionals and hobbyists.

    While searching for “Mobile Phone Forensics”, I came across the “Security & Forensics wiki” site.  I was pleasantly surprised.  It was in line with what I was already doing in my research.  I was sad though at the fact that no site that I knew of linked to them! I know that Wiki is not considered by many as a good source for information but neither are blogs, are they… We still consider blogs as legitimate sources of information and always link to them.  We even link to forum posts too, and ‘ahum… bugtraq posts’… so why not wikis?

    Links:
    SecuriWiki Main Page:
    http://polya.computing.dcu.ie/wiki/index.php/Main_Page
    Mobile Phone Forensics Page:
    http://polya.computing.dcu.ie/wiki/index.php?title=Mobile_Phone_Forensics
    Email Analysis Page:
    http://polya.computing.dcu.ie/wiki/index.php/Email_Analysis

    Contains links to tools, websites and articles on the subject.  To jump to articles click HERE.

    Link: E-Evidence.info

    Two new books have been released at CCRP:
    - Understanding Command and Control by Dr. David S. Alberts and Dr. Richard E. Hayes
    - Complexity, Networking, and Effects-Based Approaches to Operations by Dr. Edward A. Smith

    Both are available in PDF, and can be downloaded from the CCRP website (http://www.dodccrp.org/).
