Page 1 of 2 12 LastLast
Results 1 to 20 of 26

Your favorite Apple, iPhone, iPad, iOS, Jailbreak, and Cydia site.


Thread: iFiasco is a Forensic Gold Mine

  1. #1
    Default iFiasco is a Forensic Gold Mine


    In all of the fervor surrounding the latest iFiasco a small detail seems to be lost on most of the reporting public, including myself: the discovery of the tracking file is old hat. Sean Morrissey and Alex Levinson, two specialists in the field of forensics wrote a book “iOS Forensic Analysis,” wherein they describe how to view the consolidated.db file. The book was published December 5th, 2010.

    Levinson has posted a long response to the findings on his Wordpress blog. He raises three main points in his blog: 1. Apple is not collecting the data. 2. The file is neither new nor secret. 3. The discovery was published months ago.

    Levinson originally discovered the same information stored in the consolidated.db file in pre-iOS4 devices as the h-cell.plist file. The only differences between the two are multitasking and background location services, according to Levinson. These simple changes in iOS devices running iOS 4 allowed for the data to be easily acquired through extremely simple forensic techniques.

    Levinson does a fantastic job explaining what exactly the files are doing and it is somewhat revelatory in exactly how much information can be mined off an iOS device using a simple forensic program. “Third party application data including user names, passwords, and interpersonal communication data” are available according to Levinson. If all of this information has been available in a book for the last five months why is the alarm only being sounded now? Most individuals would gasp at the idea of such sensitive information being so easily available.

    However, Levinson and his peers are not most individuals. They specialize in forensics, being able to uncover information not obvious to the naked eye. Levinson now and at the time of the discovery worked for Katana Forensics. KF sells their forensic mining software (Lantern 2.0) to law enforcement, government and corporate examiners. This discovery quite possibly equated to a data gold mine for KF and its customer base. Levinson and his boss at KF, Morrissey, were not about to let the public know they found a rather profitable loophole around which they programmed their software.

    This is not to say what Levinson and Morrissey does is illegal, rather they have a legitimate and legal business. However, ethical and moral questions can be raised. If someone who was in a not-for-profit position discovered iOS devices were keeping track of locations and other information their response would not have been so mute. Even if the data is not being transmitted to apple or third parties, the simple fact it exists in such an easily attainable form would have been cause for alarm. The public outcries since the announcement yesterday of the discovery is proof enough.

    All this shows is there is a little truth to the saying “there is two sides to every coin.” And as it usually is, those sides were travesty and treasure.
    Attached Thumbnails Attached Thumbnails -gold-mine-copy.jpg  

  2. The Following User Says Thank You to Phillip Swanson For This Useful Post:

    JohnGaltJr (04-22-2011)

  3. #2
    My iPhone is a Part of Me vantheman169's Avatar
    Join Date
    Jul 2009
    Location
    Outter Space
    Posts
    888
    Thanks
    87
    Thanked 114 Times in 75 Posts

    with just glancing at this i thought i was on the wrong site for a second...lmao you know what i mean.... 4:20

  4. #3
    Quote Originally Posted by vantheman169 View Post
    with just glancing at this i thought i was on the wrong site for a second...lmao you know what i mean.... 4:20
    Yup... I did the exact same thing.

  5. The Following User Says Thank You to Jastra For This Useful Post:

    vantheman169 (04-21-2011)

  6. #4
    We've sold a forensic tool to law enforcement offering this ability for more than 2 years now. Funny how it's big news when it's posted on Slashdot and then hits other sites but when we tried to publicize it over a year ago, no one seemed to care (slashdot and others didn't even print the story when contacted about it).

  7. #5
    You're forgetting that this file would be more valuable to some people over others. Like the Chinese govt, for one example.

    Americans are the easiest people in the world to find. This file would be the last thing checked. Google twitter Facebook aim yelp etc. Americans post their location everywhere.

  8. #6
    Livin the iPhone Life
    Join Date
    May 2008
    Posts
    8,023
    Thanks
    102
    Thanked 788 Times in 731 Posts

    Quote Originally Posted by epignosis567 View Post
    ...Americans are the easiest people in the world to find. This file would be the last thing checked. Google twitter Facebook aim yelp etc. Americans post their location everywhere.
    So true ... and we're such idiots !!!

    Information == knowledge. Knowledge == power.

  9. #7
    Hm, my old classmate Alex is making news. Interesting. I should be meeting him up in San Fran this summer. f anyone wants me to do a interview with him let me know.

  10. #8
    Man Idk why I thought this was gonna be about Lupe fiasco

    But yea what's the point of getting mad with them knowing where everyone is it's not surprising in the least

  11. #9
    Quote Originally Posted by vantheman169 View Post
    with just glancing at this i thought i was on the wrong site for a second...lmao you know what i mean.... 4:20
    I def got excited off that pic.. I was about to ask what do they call THAT lol

  12. The Following User Says Thank You to TheDude1120 For This Useful Post:

    vantheman169 (04-21-2011)

  13. #10
    i would smoke that thing, no doubt
    it's just a plant. Thats all it is. And if you happen to set it on fire...there are some effects...

  14. The Following User Says Thank You to iStoner For This Useful Post:

    vantheman169 (04-21-2011)

  15. #11
    My iPhone is a Part of Me vantheman169's Avatar
    Join Date
    Jul 2009
    Location
    Outter Space
    Posts
    888
    Thanks
    87
    Thanked 114 Times in 75 Posts

    Quote Originally Posted by istoner View Post
    i would smoke that thing, no doubt
    hahaha

  16. The Following User Says Thank You to vantheman169 For This Useful Post:

    GreenMachine (04-21-2011)

  17. #12
    I'm kinda getting tired of this story. It's now been debunked and dissected and now I think it's time to move on.

    Apple can legally remote-detonate jailbroken phones as long as they put it in the user agreement and you agree to it.

  18. #13
    My iPhone is a Part of Me coolguy742's Avatar
    Join Date
    Jul 2010
    Location
    Oklahoma
    Posts
    526
    Thanks
    213
    Thanked 37 Times in 30 Posts

    Quote Originally Posted by epignosis567 View Post
    You're forgetting that this file would be more valuable to some people over others. Like the Chinese govt, for one example.

    Americans are the easiest people in the world to find. This file would be the last thing checked. Google twitter Facebook aim yelp etc. Americans post their location everywhere.
    1) I don't do that and I'm American
    2) I don't say there is anything wrong with any other nationality, please don't do it to me either

  19. #14
    iPhone? More like MyPhone trentmorris's Avatar
    Join Date
    Jan 2009
    Location
    Las Vegas, NV
    Posts
    151
    Thanks
    20
    Thanked 105 Times in 38 Posts

    I think a lot of people are overreacting. We know a lot of companies (Google included) collect information to find patterns and trends in consumer life. This information is ultimately used in an effort to create more effective advertising. People jump to Big Brother, over harmless data collection.

    Stories like this just fuel the paranoia of guys living in their parent's basement.

    I will be leaving consolidated.db intact to do what it pleases. I might even post a copy on my Facebook.

    If you're still freaking out, read this.
    Last edited by trentmorris; 04-21-2011 at 11:42 PM.

  20. #15
    iPhone? More like MyPhone
    Join Date
    Mar 2011
    Location
    California
    Posts
    116
    Thanks
    14
    Thanked 24 Times in 23 Posts

    Quote Originally Posted by coolguy742 View Post
    1) I don't do that and I'm American
    2) I don't say there is anything wrong with any other nationality, please don't do it to me either

    I'm an American myself. I don't post on twitter at all, and I don't "check in" on facebook. That's not to say it isn't very commonplace amongst Americans. He didn't say anything negative against our populous or our culture (and I'm the first to stand up for us).

  21. #16
    Retired Moderator one1's Avatar
    Join Date
    Sep 2007
    Location
    In my own little world
    Posts
    10,318
    Thanks
    349
    Thanked 1,180 Times in 730 Posts

    If all of this information has been available in a book for the last five months why is the alarm only being sounded now
    Because nobody read your damn book. Snnnooooozzzeeeee.
    Screw #Winning, I'm #Juanning
    iMac 27" i5 quad 2.8Ghz (1TB), MacBook Pro 17" 2.6, iPhone 4s

  22. The Following User Says Thank You to one1 For This Useful Post:

    coolguy742 (04-22-2011)

  23. #17
    iPhone? More like MyPhone norfskate's Avatar
    Join Date
    Nov 2007
    Location
    Scotland
    Posts
    138
    Thanks
    1
    Thanked 13 Times in 12 Posts

    I'm actually heedin

  24. #18
    actually you are not overreacting.
    There have been quite some topics on this forum about data collection in apps and ios that are being send to the developer or apple.

    and i will say the same here on what i had to say then.

    we should NOT want this.
    also there should be a option enabling or disabling any data collection in ios that will be standard off.
    we had people reply like people reply now everyone collects data blablabla and that makes it alright.
    does it ? maybe you don't care but i care that marketing agencies collect this data like Iad's

    I am happy to see more people start to care old news or not my hope is one day we can go to settings and turn off data collection without losing any real functionality.

  25. #19
    is there an app so i can see where ive been on this file????

  26. #20
    Green Apple MCN's Avatar
    Join Date
    Jul 2008
    Location
    Honolulu, Hawaii
    Posts
    47
    Thanks
    7
    Thanked 3 Times in 3 Posts

    If you have issue with it, just download the fix from Cydia. We have more pressing issues in the country and we only thing that causes us to stand up is when we find out our cell phone keeps track of the tower we are closest to.
    Still a bit fresh at this...and will evolve to FRESH in a Bel Air type of way!

Page 1 of 2 12 LastLast
Posting Permissions
  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •