nbodyk at May 01, 2015 Good presentation on Santoku LINUX. Santoku was specifically written to analyze mobile apps. There are a lot of versions of LINUX though. Makes me wonder which is the best to learn. The presentation covered the three different ways you can capture data (logical, file system, and physical) and the differences between each. Then it walked through Santoku analysis of iOS, then the Android O/S. ViaForensics found a market where there was a gap in tools to analyze and started filling the gap. Mobile devices are a growing field; they're cheaper than computers in most cases, and you can get a data package and wifi access and use it like a computer. On top of that you can carry your computer in your pocket wherever you go unless you bought an extremely big phone. I like the GUI for the Android system. Very interesting presentation; my knowledge of mobile technology isn't as robust as my knowledge of wired systems. I found this presentation improved my knowledge in the mobile area, still a lot more information to learn though.
BretBlakeGM at May 05, 2015 This video describes the specific abilities of the Santoku-Linux client, but it is also a fascinating look into the latest capabilities in mobile forensics. The mobile market has grown to such a point that mobile forensics has become a necessary component in future investigations. The mobile market has been around for several years now and already we are seeing forensic capabilities being well developed. This video explains clearly, though aimed at a relatively experienced user, the actions that are already developed using the Santoku-Linux GUI.
djohns54 at May 07, 2015 It's innovative tools like this that are starting to put companies like EnCase and AccessData behind in the realm of gaining acceptance in the forensic community. While EnCase and AccessData allow free limited use of their tools, open source tools like this and others give investigators and analysts a much broader range of options to gather the information/evidence that they seek without having to pay (if anything) for its use. And you can rest assured that these tools and others are highly supported and updated and have a dedicated community of developers who are always a blog post or phone call away to help you out if need be. I mean, who has the time to sit back and pay mounds of money for support when you can get it for free because the passion for the cause in which they serve is enough.
marinoms at May 08, 2015 Off of what Perry said, I agree that this is the reason not to have MDM software. The true importance of changing passwords and of their complexity is shown.
mrgodfrey3 at May 30, 2015 Great information for the mobile forensic community. Santoku will be the next mobile forensics tool I will be playing with. Many believe that Cellebrite UFED is the only game in town for mobile forensics case work. Be sure and validate any tool you will be using before implementing any forensic tool in a case. The video also shows that Linux is becoming the lead forensic base OS when analyzing data. The speaker discussed using Santoku to look at iOS devices, then Android. I found the discussion on mobile app security vulnerability very interesting. The weakness of nearly 1/5th of the available apps for both iOS and Android to Man in the Middle attack is surprising. But what about Windows phones? Mobile security is difficult - with many players writing code and pushing apps to our mobile phones. Mistakes are made and vulnerabilities are present. Additionally, mobile devices are a main target for malware. This area is developing into a specialized sub-set of computer forensics expertise.