-
On Ashton Kutcher and Secure Multi-Party Computation
Back in March I was fortunate to spend several days visiting Brussels, where I had a chance to attend a panel on “chat control“: the new content scanning regime being considered by the EU Commission. Among various requirements, this proposed legislation would mandate that client-side scanning technology be incorporated into encrypted text messaging applications like…
-
PRFs, PRPs and other fantastic things
A few weeks ago I ran into a conversation on Twitter about the weaknesses of applied cryptography textbooks, and how they tend to spend way too much time lecturing people about Feistel networks and the boring details of AES. Some of the folks in this conversation suggested that instead of these things, we should be…
-
Book Review: Red Team Blues
As a rule, book reviews are not a thing I usually do. So when I received an out-of-the-blue email from Cory Doctorow last week asking if I would review his latest book, Red Team Blues, it took a minute to overcome my initial skepticism. While I’m a fan of Cory’s work, this is a narrow/nerdy…
-
Remarks on “Chat Control”
On March 23 I was invited to participate in a panel discussion at the European Internet Services Providers Association (EuroISPA). The focus of this discussion was on recent legislative proposals, especially the EU Commission’s new “chat control” content scanning proposal, as well as the future of encryption and fundamental rights. These are the introductory remarks…
-
iPhone and iPad Acquisition Methods: Yet Another Comparison
Welcome to the world of mobile forensics, where extracting data is the first (and arguably the most critical) step. Whether you’re working with an ancient Apple device or attempting to break into the latest iPhone 16 Pro Max, there is a method for every gadget – each with its own share of challenges. We love…
-
Extraction Agent and Firewall: Software vs. Hardware
Using a firewall is essential to secure the installation of the extraction agent when performing low-level extraction from a variety of iOS devices. We developed two solutions: a software-based firewall for macOS and a hardware-based firewall using a Raspberry Pi (or similar microcomputer) with our own custom firmware. This guide will help you choose the…
-
Intelligent Load Balancing: Optimizing Password Recovery Across Heterogeneous Units
In the latest update of Elcomsoft Distributed Password Recovery (EDPR), we’ve introduced a revamped load-balancing feature. The new feature aims to enhance resource utilization on local workstations across diverse hardware configurations. This update has drastically reduced the time required to break passwords in certain hardware configurations, thanks to a refined load distribution algorithm. In this…
-
When Speed Matters: Imaging Fast NVMe Drives
Modern NVMe SSDs require specialized approaches for forensic analysis. Each year, the speed and capacity of these devices grow, presenting significant challenges related to both the speed and reliability of transferring large volumes of data when capturing disk images. In this article, we will test the imaging of a high-speed Samsung 980Pro NVMe drive with…
-
Outlook Forensic Toolbox Helps Access Deleted Messages
What can a forensic expert find in an Outlook data file? Can they recover deleted emails, contacts and appointments from Microsoft Outlook? Can users erase unwanted correspondence from Outlook? In this article, we’ll demonstrate how experts can recover valuable information from Outlook data files (PST/OST), including deleted emails, contacts, attachments, and appointments. Even when users…
-
When Speed Matters: Optimizing Disk Imaging
We recently shared an article about maximizing disk imaging speeds, which sparked a lot of feedback from our users and, surprisingly, from the developers of one of the disk imaging tools who quickly released an update addressing the issues we discovered in the initial test round. We did an additional test, and we’re ready to…