The recent release of iOS6 has introduced improved security by strengthening the Kernel. This presentation demonstrates that, on the face of it, jailbreaking strategies appear to have been one of the prime targets. This could impact severely on data extraction and harvesting techniques and some of the reading devices out there used by examiners to gather and produce evidence.
Download here: A Hacker's Guide: iOS6 Kernel Security
Updated 31/10/12
Having posted the link to the above Hacker's Guide presentation I thought, perhaps wrongly, but I thought it anyway, that maybe the forensic community might have something to say on the subject. Perhaps to illustrate conflicts or contradictions in the marketplace, such as:
(a) the findings of the authors in that presentation compared with manufacturers out there that confirm their readers do work with iOS6 e.g.
- Oxygen Forensic Software http://www.forensicfocus.com/News/article/sid=1951/?
- UFED, XRY http://www.forensicfocus.com/Forums/viewtopic/t=9717/?
(b) how many have actually examined an iOS6 device and which reader was most useful?
(c) with an ever growing list of hacker presentations that expose exploits, vulnerabilities etc how many of those are used by the current iOS reading tools to extract and harvest data?
or maybe
(d) whether the published hacker exploits and perceived issues do not impact on the examiner community or the hacker presentations have no value at all?
No comments:
Post a Comment