Skip to main content

New phone tool to recover phone's information

A new tool to recover information stored in Smartphone’s volatile memory could give investigators important clues to solve a criminal case, say researchers.

With the new device, the researchers from Purdue University move the focus from a smart phone's hard drive, which holds information after the phone is shut down, to the device's RAM, which is volatile memory.

"We argue this is the frontier in cyber crime investigation in the sense that the volatile memory has the freshest information from the execution of all the apps," said lead researcher Dongyan Xu.

"Investigators are able to obtain more timely forensic information toward solving a crime or an attack," Xu noted.

Although the contents of volatile memory are gone as soon as the phone is shut down, it can reveal surprising amounts of forensic data if the device is up and running.

The team's early research resulted in work that could recover the last screen displayed by an Android application.

Building on that, Xu said, it was discovered that apps left a lot of data in the volatile memory long after that data was displayed.

RetroScope makes use of the common rendering framework used by Android to issue a redraw command and obtain as many previous screens as available in the volatile memory for any Android app.

The device requires no previous information about an app's internal data.
The screens recovered, beginning with the last screen the app displayed, are presented in the order they were seen previously.

"Anything that was shown on the screen at the time of use is indicated by the recovered screens, offering investigators a litany of information," Xu said.
In testing, RetroScope recovered anywhere from three to 11 previous screens in 15 different apps, an average of five pages per app.

The findings were presented during the USENIX Security Symposium in Austin, Texas.

"We feel without exaggeration that this technology really represents a new paradigm in smart phone forensics," he said.

"It is very different from all the existing methodologies for analysing both hard drives and volatile memories," Xu noted.

Labels:

Popular posts from this blog

Apple unveils App Accelerator for developers

Apple on Friday announced the opening of its App Accelerator in Bengaluru that will provide specialized support for developers to build tools for the iOS platform. Each week, Apple's team will guide developers to design best practices and refine their skills to create iOS apps. "We are impressed by the great entrepreneurial spirit in India and are excited to provide a platform for these developers to share their innovations with customers around the world," said Philip Schiller, Senior Vice President of Worldwide Marketing at Apple, in a statement. The announcement came at a time when Apple app developers earned over $20 billion in 2016 -- up over 40 per cent from 2015 and several of those talented minds were from India. According to an Apple India spokesperson, app developers from India are now creating amazing apps for its platform. "There are several app developers from India who are now part of the growing innovative community globally," the spokes...
Read More

The only UC Browser version that works on Samsung Wave 525 (Bada OS)

It's been about 4 years since the Samsung Wave 525 was launched. When it came out in 2010, it was one of the best mid-segment "smartphones" that hit the market. How many momentous, technologically-superior smartphones have come and gone since the Bada OS Wave?  The 525 must now feel like a dinosaur - and it is. In terms of its web browser, the most troublesome dinosaur ever. Prior to using the Samsung Wave, I'd used several other phones and none gave me any problem when using the internet as did the 525.  Browsing experience had never been so much a problem unlike the one the 525 gave me since i bought it three years ago. The various versions of UC Browser , a nifty little mobile browser that was touted to be the "fastest browser" for mobile phones that time, was the choice of wave 525 users. The only problem? In a world where every app and gadget was either android or windows, none worked for Bada OS (Samsung's own operating system). The Sams...
Read More

Overview of Sony Ericsson W995: The Little Walkman

The Sony Ericsson w995 Walkman is a relic from the glorious collaboration of Sony Corp and Ericsson. Yet, the  'Walkman' slider phone, released in 2009, remains one of the most popular mobile phones in the market today. An overview of the phone will give us amble reasons why even mobile phone reviewers still cannot beat the little device down, even in this age of the Xperias and the iPhones. Here is an overview of the  main features and specifications of this hardy little Sony Ericsson flagship phone. Overview: The Sony Ericsson w995 is a "Walkman" Slider phone. When it was released in 2009, the device offered probably three of then-biggest features to mobile phone users - a then-unheard of 8.1 Megapixel camera, 8GB Memory Card and 3G - one of the first pre-3G era phones that came with a 3G network band. My guess on the reasons for the phone's popularity is users' relentless hunger for big MP cameras. Only high-ends such as the Xperias, the Nokia Lumias and...
Read More