IPhone Securtity Analysis

The release of Apple’s iPhone was one of the most intensively publicized product releases in the history of mobile devices. While the iPhone wowed users with its exciting design and features, it also outraged many for not allowing installation of third party applications and for working exclusively with AT&T wireless services for the first two years. Software attacks have been developed to get around both limitations. The development of those attacks and further evaluation revealed several vulnerabilities in iPhone security. In this paper, we examine several of the attacks developed for the iPhone as a way of investigating the iPhone’s security structure. We also analyze the security holes that have been discovered and make suggestions for improving iPhone security

iPhone forensics methodology and tools

iPhone mobile devices are rapidly overtaking the new generation of mobile phones market, especially among the young generation. It is also gaining a lot of popularity among security specialists and fancy gadgets for collectors. The device is considered as a “special” mobile phone due to its ability to perform multi-operations if not multitasking. It can therefore be used as a entertainment media device, a camera, a GPS, Internet surfing via Wi-Fi technology, Internet Mobile Edge Services, personal organizer, and finally performing as a cell phone with all the usual services including sms, and so forth. However, the difference between the iPhone and the other conventional phones vendors is its ability to store and process huge volume of data which is supported by decent computing capabilities of the iPhone processor. As part of every technology, such a device can be used for legal and illegal activities. Therefore the potential risks from such “special” technology are not limited to the possibility of containing illegal materials, such as audios and visuals, including explicit materials, images, documents and the possibility of propagating malicious activities rapidly. Such modification can breach or tamper with the telecommunications network authorities and regulations. The goal of this paper is to focus on both the logical and the physical extraction of the iPhone generation one through the extraction of the iPhone flash drive NAND memory chip and also the logical extraction of data onto the second generation of iPhone using various techniques and methods at our disposal

Overcoming Forensic Implications with Enhancing Security in iOS

As the decades passed, smartphones have come to their greatest inventions. But their history has more than 2500 years starting from a basic thing of strings and beads, i.e. from the Abacus to the latest of our present iPhone. With every special invention in this area brought people together socially over the internet. This, in turn, raised the alarm for having secured communication. With these devices getting popular, development in the technology to enhance the security features in those devices has also been increasing. These advancements have brought Apple operating system (IOS) into light. These devices are one step ahead of all other smartphones regarding storage by having space for storing emails, GPS data and many more. This feature of storage has a major advantage in conducting forensics for investigation purposes. In this research, I performed data acquisition on iPhones with two different OS versions using various forensic tools and then compare the forensic implications with variant security features. I analyzed the forensic implications with enhancements in security and iPhone operating systems over the years. I also used to software to break the iPhone passcode which is the major forensic implication caused

Drone forensics: A case study on DJI phantom 4

© 2019 IEEE. Unmanned Aerial Vehicles (UAVs) (a.k.a drones) have grown in popularity mainly due to its\u27 ease of use, wide variety of uses, availability and inexpensiveness nature of the devices. This rapid proliferation of UAVs has also augmented with several security issues and societal crimes pertaining to the illicit activities, making them rich sources of evidence. Therefore, it is crucial for digital forensics examiners to have the capability to recover, analyze, and authenticate the source of content stored on these devices. In this research, we perform a forensic investigation on an Unmanned Aircraft System, specifically the DJI Phantom 4 Vision, using several smartphone devices such as iPhone 6, iPhone 7 Plus, iPhone 10, Samsung Note 3, Samsung S7, Microsoft Lumia, CKTEL G5 Plus and G-Tide_s4 with different operating systems (iOS, Windows Phone and Android). In addition, we investigate and examine the logical backup acquisition of the iPhone 6, iPhone 7 Plus and iPhone 10 mobile devices using Apple iTunes backup utility. It was found that the DJI Phantom 4 App contains a significant amount of forensics data. Moreover, we acquired useful data from the SD card of mobile devices including controller and the drone

Chinese workers exploited by U.S.-owned iPhone supplier: An investigation of labor conditions at Jabil Green Point in Wuxi, China

This document is part of a digital collection provided by the Martin P. Catherwood Library, ILR School, Cornell University, pertaining to the effects of globalization on the workplace worldwide. Special emphasis is placed on labor rights, working conditions, labor market changes, and union organizing.CLW_2013_Report_Chinese_workers_exploited_by_US_iPhone_supplier.pdf: 568 downloads, before Oct. 1, 2020

How Smart is your Android Smartphone?

Smart phones are ubiquitous today. These phones generally have access to sensitive personal information and, consequently, they are a prime target for attackers. A virus or worm that spreads over the network to cell phone users could be particularly damaging. Due to a rising demand for secure mobile phones, manufacturers have increased their emphasis on mobile security. In this project, we address some security issues relevant to the current Android smartphone framework. Specifically, we demonstrate an exploit that targets the Android telephony service. In addition, as a defense against the loss of personal information, we provide a means to encrypt data stored on the external media card. While smartphones remain vulnerable to a variety of security threats, this encryption provides an additional level of security

Remote Control and Monitoring of Smart Home Facilities via Smartphone with Wi-Fly

Due to the widespread ownership of smartphone devices, the application of mobile technologies to enhance the monitoring and control of smart home facilities has attracted much academic attention. This study indicates that tools already in the possession of the end user can be a significant part of the specific context-aware system in the smart home. The behaviour of the system in the context of existing systems will reflect the intention of the client. This model system offers a diverse architectural concept for Wireless Sensor Actuator Mobile Computing in a Smart Home (WiSAMCinSH) and consists of sensors and actuators in various communication channels, with different capacities, paradigms, costs and degree of communication reliability. This paper focuses on the utilization of end users’ smartphone applications to control home devices, and to enable monitoring of the context-aware environment in the smart home to fulfil the needs of the ageing population. It investigates the application of an iPhone to supervise smart home monitoring and control electrical devices, and through this approach, after initial setup of the mobile application, a user can control devices in the smart home from different locations and over various distances

DolphinAtack: Inaudible Voice Commands

Speech recognition (SR) systems such as Siri or Google Now have become an increasingly popular human-computer interaction method, and have turned various systems into voice controllable systems(VCS). Prior work on attacking VCS shows that the hidden voice commands that are incomprehensible to people can control the systems. Hidden voice commands, though hidden, are nonetheless audible. In this work, we design a completely inaudible attack, DolphinAttack, that modulates voice commands on ultrasonic carriers (e.g., f > 20 kHz) to achieve inaudibility. By leveraging the nonlinearity of the microphone circuits, the modulated low frequency audio commands can be successfully demodulated, recovered, and more importantly interpreted by the speech recognition systems. We validate DolphinAttack on popular speech recognition systems, including Siri, Google Now, Samsung S Voice, Huawei HiVoice, Cortana and Alexa. By injecting a sequence of inaudible voice commands, we show a few proof-of-concept attacks, which include activating Siri to initiate a FaceTime call on iPhone, activating Google Now to switch the phone to the airplane mode, and even manipulating the navigation system in an Audi automobile. We propose hardware and software defense solutions. We validate that it is feasible to detect DolphinAttack by classifying the audios using supported vector machine (SVM), and suggest to re-design voice controllable systems to be resilient to inaudible voice command attacks.Comment: 15 pages, 17 figure

Book Review of iPhone and iOS Forensic: Investigation, Analysis and Mobile Security for Apple iPhone, iPad and iOS Devices

Hoog, A., and Strzempka, K. (2011).  iPhone and iOS Forensic: Investigation, Analysis and Mobile Security for Apple iPhone, iPad and iOS Devices. Syngress, Elsevier, xv + 310 pages; ISBN-10: 1597496596; ISBN-13: 978-1597496599, $69.95Reviewed by Simson Garfinkel, Naval Postgraduate SchoolIn April 2011 news outlets around the world revealed shocking news about Apple’s iPhone: for reasons that were not apparently clear, every iPhone contained a small SQLite database that logged where and when the user had been whenever the phone was turned on, and those records went back for pretty much as long as the user had owned their phone. Apple eventually declared that the data cache was the result of a bug and issued a software update to prune the database (it had previously grown without limit). Privacy activists rejoiced that their beloved iPhones were once again trustworthy. But forensics examiners just shook their heads: many had known about the iPhone’s tracking capabilities for more than a year and had kept quiet. They had made good use of that data. Apple’s pro-privacy patch was actually a setback for law enforcement.(see PDF for full review)</p