Beginning of 2015 PackPub came to Johann and me and ask us if we would like to write a book about Python-based forensic investigations. The idea of writing a book was really interesting for both of us, so we started to work on an agenda and outline. After several discussions with the publisher we created an outline that was acceptable for all of us and less than a year later (since October 2015) the book is available on Amazon and PackPub.
Breaking the Screenlock – A short Update
The posts about how to break the screen lock are very frequently visited. This is why I thought it’s time to give you a short update and provide you with a Python script, that can do most of the attack in an automated way.
Android for Work: Demystified
Android for Work has been announced by Google only some days ago and Google promises a secure but also usable way to combine sensitive company data and private data on a single device without increasing the risk of unintended leakage of company data.
“… Android for Work on supported Lollipop devices offers a dedicated Work Profile with security, management and application support built-in. … Android for Work creates a secure Work Profile to isolate and protect data and manage the flow of work information. …” (Android for Work website)
Today, we took a brief look at Android for Work to see how secure it really is and if it is a real alternative to the container solutions of AirWatch, MobileIron, Good, etc.
Android RAM Analysis @ IMF2014
Our paper Post-Mortem Memory Analysis of Cold-Booted Android Devices has been accepted at IMF’14 and was presented there last week.