Playing around with XRY the other day, I downloaded my iPhone. I had created a profile to only load in SMS because I was primarlily interested in looking at deleted SMS contained in the live database (i.e. SMS record slots inside the database that had been flagged as available but still containing the old data) with XACT.

After loading the file into XACT, I did a findstrings search inside the SMS database and did indeed discover deleted SMS (These were SMS messages I knew were on the phone and deleted just prior to my taking the read of the handset).These were unparsed of course but it was encouraging to see the ASCII text.

I then exported the SMS.DB from XACT and loaded it into Text Pad and looked for the deleted messages. I found them as seen in the below screen capture

Interesting…as I play more with XACT and the iPhone, I’ll post more tips and tricks!

Sean Morrissey weighs in on some myths about the current open source forensic solutions floating about the internet regarding the 3gs iPhone.

http://blog.osxforensics.com/2009/09/30/iphone-3gs-imaging-method-myths.aspx

Here’s a cool utility for parsing out deleted SMS from existing IPhone SQLLite SMS Dbs
http://riactant.wordpress.com/2009/09/09/iphone-sms-retriever-utility-for-windows/

Great Article by Kipp Loving and Christa Miller on potentially missed evidence

ttp://www.officer.com/print/Law-Enforcement-Technology/The-crime-scene-evidence-youre-ignoring/1$48858

Apple filed a claim with the US copyright office that jailbreaking an iPhone could crash a wireless provider’s transmission towers and therefore allow people to avoid paying for telephone calls (Capt. Crunch anyone?)

Read the story here

Jailbreaking could crash transmission towers

Here’s also a link to Apple’s answer’s to the copyright office questions
Apple’s Answers

Is this more of ATT pressure like the Google App boondongle? Or is it as some suggest more Cupertino attempts at hegemony on app vendors…..?

Interesting article by Social Network Guru and Law Enforcement Technology Writer Christa Miller on the importance of looking beyond the mobile forensic device to the wireless provider itself

The Other Side of Mobile Forensics

Is Apple asking for the ire of Mobile Users?

http://www.techcrunch.com/2009/07/27/apple-is-growing-rotten-to-the-core-and-its-likely-atts-fault/

The latest for Mr. Nerve Gas Jon Z

http://www.youtube.com/watch?v=5wS3AMbXRLs

LOL Jon…edit out the spinning wheel (hehe)…good stuff all around!

….how fickle we are and how easy we forget?

Http://PrivacyDigest.com/node/1807 — Server with top-secret data stolen from Forensic Telecommunications Services

This is an interesting yet regrettable discovery by a fellow forensic examiner…like he says guess it was just a matter of time

http://www.binint.com/2009/02/twinkle-future-of-online-enticement.html