![]() ![]() Alternatively, the logs can be obtained from a forensic image if the device is jailbroken. These logs can be generated within the device and then (ironically) AirDropped to an Apple computer for review. In any investigation or eDiscovery matter, obtaining a copy of the sysdiagnose log archives is a good idea however, obtaining them can be challenging if access to the device is limited. Depending on phone use, these logs can show data going back a few days to possibly 2 weeks, so time is an important factor when analyzing these logs. These logs can contain useful information showing files transferred to and from the device via AirDrop. ![]() This highlighted the high value in analyzing these logs from iOS devices.ĪirDrop logs are stored within the sysdiagnose log archive on iOS devices, and contain a plethora of valuable information. This was very likely his ex-friends doing and would explain the blackmail style messages he was receiving. ![]() I did however find AirDrop transfers to an iPad, and he did not own an iPad. ![]() I analyzed his phone over the course of two weeks and did not find any proof of spyware on the device. He did not know how his ex-friend could have these photos in their possession, and he was worried that his iPhone had been hacked somehow. Don’t Overlook the Significance of AirDrop Logs in iOS AnalysisĪ client once came to me with a concern for his privacy, as he started receiving his own private photos sent to him from a friend that he had a falling-out with. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |