Sarah Edwards: Why do testing? It sounds boring! I understand. I do a little bit of Android as well, but this one's mostly focusing on iOS and Mac OS. I want to test how things work on Mac devices. So, Bear Essentials - what am I going to be talking about? I'm going to do a presentation of stuff that I do, on a daily basis. I'm presenting this later at BsidesNola, so I really only go to conferences where there's booze, at least in the month of October. Sarah Edwards: My contact information is up here and if you want a copy of the presentation it's going to be uploaded to my website in a couple of weeks. I actually try to actively avoid Windows, so I'm going to go through some Mac and iOS stuff here, kind of focusing on iOS, because it does tend to be a little bit more difficult. I do a little bit of reverse engineering, but I also do a lot of dynamic analysis. Maybe figure out a function, here and there, but frankly I'm a forensics person - straight up. I can find strings in IDA, or Hopper, or some other things, but that's about it. ![]() ![]() We do have a reverse engineering theme going on here, if anybody's already caught that? I am not a reverse engineer. Sarah Edwards: This is Poking the Bear: Teasing out Apple's Secrets Through Dynamic Forensic Analysis. (Source: Jailbreak Brewing Company) Transcript I will also show how more intensive testing can be implemented to tease out the strange oddities of native and 3rd party data stored in various SQLite databases using some of my APOLLO modules as examples. A 30 second test may be well worth the investment in the long run. This talk will go through my testing processes on Mac and IOS platforms to show that sometimes a quick test really is a quick test. However, testing can make or break cases. ![]() Testing is the only way to get that warm fuzzy feeling that the awesome piece of data you found truly means what you think it means. They certainly do some questionable things. My experience with Apple data is that it is consistently inconsistent. If I come across a useful piece of data on macOS or iOS I do not just assume I know what it means - especially if my whole case depends on it. Sarah Edwards speaking at the Jailbreak Brewing Company Security Summit on Friday, October 11, 2019.
0 Comments
Leave a Reply. |