Neues Buch: Mobile Hacking

Mitte 2015 kam der dpunkt.verlag auf mich zu und fragte mich, ob ich nicht Lust hätte ein Buch zum Thema “hacking mobiler apps” zu schreiben. Die Idee, ein Buch über das Thema zu schreiben, mit dem ich große Teile meines täglichen Berufsleben zu tun habe, fand ich sehr interessant, gerade auch weil es dieses Mal auf Deutsch sein sollte (was, wie ich später herausfand, deutlich schwerer ist als auf Englisch).

Nach einigen Diskussionen mit dem Verlag und zahlreichen Reviewern, entstand eine recht umfangreiche Gliederung des Buches, die für alle Seiten akzeptabel war. Ein gutes Jahr – und hunderte Stunden – später (Mai 2016) ist das Buch fertig und steht nun zum Vorbestellen auf den Seiten von Amazon und dem dpunkt.verlag bereit.

Continue reading “Neues Buch: Mobile Hacking”

diploma thesis: published version

If you want to read the final version of my diploma thesis don’t hesitate to write an email.

diploma thesis

Because of data privacy the published version doesn’t contain Chapter 4 (the functionality as well as the applicability of the developed tool is tested on several mobile phones by analyzing extracted data in a forensic way).

diploma thesis: abstract

Although tools to extract such evidence already exist, there is a strong demand to develop more sound forensic procedures and tools in order to analyze data from a previously created dump as well as from the mobile phone itself. This aspect will be a major focus within this diploma thesis.

The developed tool should enable the process of loading a memory image which was previously created, with the help of Twister-Box. Those retrieved data, which are (dependent on the producer) available in coded form, will be subsequently converted into plain text to nally draw conclusions about the relevance of the content in the context of forensic analysis. Within all those operations it is tremendously important to not change data stored on the mobile phone or the dump, respectively. The reason for this lie in the fact that only unchanged data fulll the requirements of usability in a court of law. Within this part of the diploma thesis we will also address the issues of producer-specic codications of data and their store areas on mobile phones.

This diploma thesis will also include a chapter discussing the possibilities of securely deleting stored data directly from the mobile phone. Optionally, this thesis constitutes the forensic analysis of the SIM card, due to the fact that on the SIM card important data are stored (e.g. location information, which can play a vital role in resolving a crime). In order to conduct such an analysis successfully the PIN number is needed which implies an active commitment of the suspected person.