Practical Mobile Forensics - Second Edition by Heather Mahalik & Rohit Tamma & Satish Bommisetty
Author:Heather Mahalik & Rohit Tamma & Satish Bommisetty [Mahalik, Heather]
Language: eng
Format: azw3
Publisher: Packt Publishing
Published: 2016-05-20T04:00:00+00:00
Here, you will find exact copies of files found on the iPhone. If the case relies upon determining what happened on the Apple Watch versus the iPhone, it may be impossible to solve. As of Watch 2.0, the files that are used by both the iPhone and the watch are exact copies of one another, and they do not contain status flags stating where the activity was initiated. This is one of the hardest topics to cover in all aspects of data synchronization. For example, if you examine my iPhone backup that contains my Apple Watch data, you will see map information in mobile /Library/DeviceRegistry/NanoMaps/GeoHistory.Mapsdata that occurs before the Apple Watch was released. This should be impossible, but it's simply because Apple is copying the iPhone maps database and placing a copy in the Apple Watch data location. The following is an example of what data in the GeoHistory.Mapsdata file looks like when being examined in UFED Physical Analyzer. While this tool is expensive, it is one of the best analytical platforms for manually carving and hunting artifacts that relate to your investigation. In this example, a keyword search was run for the term "current location" within the GeoHistory.Mapsdata file. From these results, we can ascertain that the user was at the address highlighted in the following screenshot when asking for or researching directions on the iPhone or the Watch. Remember, this is an exact copy of the same file, so we currently cannot say whether this location was stamped by the watch or the iPhone:
The GeoHistory.Mapsdata in Physical Analyzer
Download
This site does not store any files on its server. We only index and link to content provided by other sites. Please contact the content providers to delete copyright contents if any and email us, we'll remove relevant links or contents immediately.
Sass and Compass in Action by Wynn Netherland Nathan Weizenbaum Chris Eppstein Brandon Mathis(7792)
Grails in Action by Glen Smith Peter Ledbrook(7705)
Configuring Windows Server Hybrid Advanced Services Exam Ref AZ-801 by Chris Gill(6660)
Azure Containers Explained by Wesley Haakman & Richard Hooper(6651)
Running Windows Containers on AWS by Marcio Morales(6174)
Kotlin in Action by Dmitry Jemerov(5075)
Microsoft 365 Identity and Services Exam Guide MS-100 by Aaron Guilmette(4965)
Combating Crime on the Dark Web by Nearchos Nearchou(4556)
Microsoft Cybersecurity Architect Exam Ref SC-100 by Dwayne Natwick(4435)
Management Strategies for the Cloud Revolution: How Cloud Computing Is Transforming Business and Why You Can't Afford to Be Left Behind by Charles Babcock(4425)
The Ruby Workshop by Akshat Paul Peter Philips Dániel Szabó and Cheyne Wallace(4219)
The Age of Surveillance Capitalism by Shoshana Zuboff(3964)
Python for Security and Networking - Third Edition by José Manuel Ortega(3791)
Learn Windows PowerShell in a Month of Lunches by Don Jones(3515)
The Ultimate Docker Container Book by Schenker Gabriel N.;(3459)
Mastering Python for Networking and Security by José Manuel Ortega(3359)
Learn Wireshark by Lisa Bock(3356)
Mastering Azure Security by Mustafa Toroman and Tom Janetscheck(3337)
Blockchain Basics by Daniel Drescher(3308)
