This is great. I’m thinking about starting a BS in forensic science with a concentration in digital evidence, and your channel has been amazing. Keep them coming!
For JTAG here is an in-depth description: www.corelis.com/education/tutorials/jtag-tutorial/what-is-jtag/ Note that JTAG on phones is pretty rare now, but IoT devices still use it quite often. Was there another link you were looking for?
What does "no record of call in data extractions mean " as it relates to some calls Alex Murdagh made on night of murder For example he made a call but cell phone said "no record data extractions found Thanks very much
Wow. Sorry I missed this comment. Disk encryption themselves make it very difficult to recover deleted files, but in many cases disk encryption is not turned on, is incorrectly implemented or can be bypassed. I would say it is *usually* not a big problem. More of an annoyance. Of course, in really important cases it can be a big problem...
@@DFIRScience not sure. Not aware of any ability to defeat a veracrypt encrypted windows boot loader with a strong password that has been powered off. Similar for LUKS and Linux. As far as IPhone goes, those known bypass exploits don’t really exist in the later iOS 14 + versions or iPhone 11 + models that don’t have the firmware vuln. If iPhone of proper model and up to date and pin code is removed and alpha numeric password used with no cloud backups and FaceId not used yet (or SOS mode activated so first unlock is reset ) I think this all defeats modern techniques but I could be wrong. I believe apple has made multiple strides as well in neutering the communication interfaces as far as data transfer if first Unlock not performed . Files stay encrypted individually until first unlock I’d probably target a user’s encrypted iCloud backups since they use Apples key and that can just be subpoenaed I believe . That’s why I don’t do it myself haha. Also as far as Trim goes , or garbage collection on SSD’s and what not , it seems like it’s actually harder to fully delete data correctly from SSD’s than it is magnetic drives . It’s basically a pray of adding more data to the SSD to overwrite it instead of forcing 1 and 0 overwriting in multiple passes like with an HDD
This is great. I’m thinking about starting a BS in forensic science with a concentration in digital evidence, and your channel has been amazing. Keep them coming!
Sounds like a good idea to me! :D
This is quite good information. Well done keep it up!
I just love your teachings. So cool
Thank you so much!
Are permanently deleted photos or videos recoverable on android 14?
Can you please add links you talked about to the video description?
For JTAG here is an in-depth description: www.corelis.com/education/tutorials/jtag-tutorial/what-is-jtag/
Note that JTAG on phones is pretty rare now, but IoT devices still use it quite often.
Was there another link you were looking for?
Where do i find this whole korean series of épisodes about mobile ?
The full playlist can be found here: ua-cam.com/play/PLJu2iQtpGvv-2LtysuTTka7dHt9GKUbxD.html
What does "no record of call in data extractions mean " as it relates to some calls Alex Murdagh made on night of murder
For example he made a call but cell phone said "no record data extractions found
Thanks very much
How bad has trim and disk encryption affected the ability to recover deleted files?
Nice video thanks.
Wow. Sorry I missed this comment. Disk encryption themselves make it very difficult to recover deleted files, but in many cases disk encryption is not turned on, is incorrectly implemented or can be bypassed. I would say it is *usually* not a big problem. More of an annoyance. Of course, in really important cases it can be a big problem...
@@DFIRScience not sure. Not aware of any ability to defeat a veracrypt encrypted windows boot loader with a strong password that has been powered off. Similar for LUKS and Linux.
As far as IPhone goes, those known bypass exploits don’t really exist in the later iOS 14 + versions or iPhone 11 + models that don’t have the firmware vuln.
If iPhone of proper model and up to date and pin code is removed and alpha numeric password used with no cloud backups and FaceId not used yet (or SOS mode activated so first unlock is reset ) I think this all defeats modern techniques but I could be wrong. I believe apple has made multiple strides as well in neutering the communication interfaces as far as data transfer if first Unlock not performed . Files stay encrypted individually until first unlock
I’d probably target a user’s encrypted iCloud backups since they use Apples key and that can just be subpoenaed I believe . That’s why I don’t do it myself haha.
Also as far as Trim goes , or garbage collection on SSD’s and what not , it seems like it’s actually harder to fully delete data correctly from SSD’s than it is magnetic drives . It’s basically a pray of adding more data to the SSD to overwrite it instead of forcing 1 and 0 overwriting in multiple passes like with an HDD
Happiness.
Can know ur email id ?
I want to know more about cyber crime investigation