I have been trying to get an 'open source' type site running for a couple of months now, with recent docs and news, and links to all the resources, vendor and otherwise, I could find to do with mobile computing. Not much there on forensics, yet, I would also appreciate suggestions. This is not a 'plug' per se, this is a free site, I am just coordinating it. If you find something useful there, enjoy it, if you have something useful to leave there, let me know or send it in. the address: http://securingwireless.intranets.com rgds, dcdave ----- Original Message ----- From: "Riney, Jonathan S." <jsrineyat_private> To: <forensicsat_private> Sent: Thursday, June 14, 2001 1:47 PM Subject: Forensics on Palm Devices > > I'm looking for any information (best practices, tools used, etc.) on > performing forensic reviews of handheld type devices (Palm Inc, Handspring, > iPAQ...). > > What are considering is syncing these devices to a workstation with a virgin > OS and performing the review on this hard disk. Upon completion of the > review, we plan on wiping the drive (provided it does not contain any data > we are looking for) and then re-installing the OS for the next review. > > There are a lot of problems we need to iron out with this process...a couple > of which are ensuring we preserve the evidence on the handheld, as well as > the fact we are missing any data that may be resident in unallocated areas > of the device (since the sync will only update active files thus missing any > deleted files on the device). > > Any help would be greatly appreciated! > > Scott Riney > Logicon/TASC >
This archive was generated by hypermail 2b30 : Fri Jun 15 2001 - 17:00:31 PDT