Imaging Android with ADB, Root, Netcat and DD

Today we are going to acquire an android smartphone (Samsung Note II) using Android Debug Bridge (ADB), netcat and dd. The system I am using is Ubuntu linux. On the “forensic workstation” you will need ADB and netcat installed. I’m using the excellent instructions from here.

3 min read

[How To] Introduction to Autopsy for Digital Forensics

Autopsy is a free, open source digital forensic tool that supports a wide range of add-on modules. Available APIs allow an investigator to easily create their own modules using JAVA or Python. With Autopsy 4, there are a lot of new features - including ‘team collaboration’ - that make Autopsy extremely powerful.

2 min read

Switching to Jekyll

I’ve been on Blogger since 2008. It is very easy to use. Since 2008, nothing has really changed about it, save for an exciting -slight- editor UI change a few months ago. That’s good, and bad. Good because it stays simple to write a post and be done. Bad because it is stuck in 2008. Dynamic views are just strange, which means that you have to hack together a theme using their weird xml-ish language.

1 min read

[How to] GPG and Signing Data

GNU Privacy Guard (GPG) uses public and private keys to secure communications (public-key cryptography). Many people use it to encrypt their email or other documents. An email encrypted with a user's public key can then only be decrypted with the same user's private key. This provides end-to-end encryption of the message, meaning that it is impractical for anyone that is listening in on the conversation to get the message in transit.

This is, of course, good and bad. For example, Google and other email providers use email text to gain intelligence about the user, sell user information and do better ad targeting. This revenue stream keeps these services free, but users pay for it in terms of 'sold' privacy. Email using end-to-end encryption cannot be analyzed for useful marketing information. Because of this, these providers don't want to make it easy for mass encryption.

On the other hand, criminals also use Cloud-based email services. Making encryption somewhat difficult means that sloppy criminals are less likely to use encryption. If so, they may be easier to detect and catch.

Related Book: Lucas, Michael. PGP & GPG: Email for the Practical Paranoid. No Starch Press. 2006.

Whether you are paranoid and want all your emails encrypted (good luck), or you are trying to implement a personal or business data classification policy, GPG can help with encryption requirements.

Beyond encryption, GPG is useful for signing data. This is not exactly a signature that you would put on a document. Instead it is a signature that verifies that the data is correct. The video below describes how to sign data.

<div style="text-align: justify;">Signing data lets your contacts know that the data has not been modified from the time it left your possession. Signing is NOT encryption. Everyone could see the contents. Singing just allows your contact to know the data came from you, and it is in it’s original state.</div>

1 min read