Our paper for the SICHERHEIT 2010 in Berlin has been accepted. So we will give our presentation about the chances and obstacles of secure deletion on Symbian smartphones at the 6th of October.
See you all in Berlin!
The last days we worked on a paper for the Sicherheit 2010 conference. You can find the abstract of this paper here after.
Abstract: Nowadays, smartphones constitute one of the most commonly used electronic devices. Today’s smartphones combine a variety of different technologies: they offer in addition to excellent mobile availability and connectivity also high-speed data transfer for the user. Moreover, they are multimedia capable due to their integrated digital camera or music player, and offer a wide variety of communication services like e-mail, SMS or MMS. Consequently, they are used increasingly as a “mobile office”. In this paper, we outline the possibilities and obstacles of secure deletion, namely the problem of deleting sensitive data on a smartphone in such a way that this data cannot be restored during a later forensic investigation. In order to guarantee the complete deletion of data, it would be necessary to access the memory chip directly such that we can overwrite the address space of existing data with arbitrary data. However, this approach is not possible when dealing with smartphones due to several reasons. On the one hand, the user’s activities are restricted on the device, which implies that farreaching system interventions cannot be conducted easily. On the other hand, writing on a specific physical address is hindered due to the use of “wear leveling” algorithms on flash chips, which are intended to optimize durability. We discuss these problems in detail and introduce an approach to more securely delete data under certain constraints.
We are hoping that it will be accepted.
The last days I tried to get root access to a HTC Magic running Android OS. After reading lots of websites and blog postings I found this very good 3 step tutorial including videos to show the procedure. Thanks to theunlockr.com for this detailed work!
1st step: Going back to Android 1.5
2nd step: Rooting the HTC Magic
3rd step: Installing custom ROM with root access
Used custom ROM: Dwangs current custom ROM for 32B motherboards
If you want to read the final version of my diploma thesis don’t hesitate to write an email.
Because of data privacy the published version doesn’t contain Chapter 4 (the functionality as well as the applicability of the developed tool is tested on several mobile phones by analyzing extracted data in a forensic way).
Within the scope of this diploma thesis, a tool for forensic analysis of Twister Box dumps for Nokia smartphones has been developed. The tool contains sev- eral scripts which are written in Python. The various scripts correspond to modules which are responsible for certain telephone functions (address book, SMS, call history, etc.). Those are accessed via a global script. The global script runDecoding.py accepts the Twister Box dump file, the mobile phone type and the reporting type as an argument.
After starting the tool, data processing is initiated as shown in the figure above. Here we tryed to analyze a Nokia 6500.