-
Firefox Security Response to pwn2own 2025
At Mozilla, we consider security to be a paramount aspect of the web. This is why not only does Firefox have a long running bug bounty program but also mature release management and security engineering practices. These practices combined with well-trained and talented Firefox teams are also the reason why we respond to security bugs…
-
Updated GPG key for signing Firefox Releases
The GPG key used to sign the Firefox release manifests is expiring soon, and so we’re going to be switching over to a new signing subkey shortly. The GPG fingerprint is 14F2 6682 D091 6CDD 81E3 7B6D 61B7 B526 D98F 0353. The new signing subkey’s fingerprint is 09BE ED63 F346 2A2D FFAB 3B87 5ECB 6497…
-
A first look at iOS 18 forensics
This has been a tough year for me: my mom passed away in June, and I’m still slowly recovering from the hard blow. It’s time to start again doing what I love: researching and sharing! It’s early September and like every year, that moment is approaching when everyone who deals with mobile forensics starts to…
-
Dissecting the Android WiFiConfigStore.xml for forensic analysis
A smartphone is often connected to a Wi-Fi network: think of how much time we spend at home, in our office, or even in a public place while studying or exercising. As soon as we can reach a (hopefully trusted) Wi-Fi network, we connect to it! On Android devices, the Wi-Fi connection is managed by…
-
A first look at Android 14 forensics
Android 14 was released to the public by the Open Handset Alliance on October 4, 2023, and is now available on various smartphones, including the Google Pixel. This blog post aims to explore a list of the majr oartifacts you can find on this version of the Android OS. For testing and review, I set up…
-
Analysis of Android settings during a forensic investigation
During the forensic examination of a smartphone, we sometimes need to understand some basic settings of the device. Some simple examples are: What is the name of the device? Is the “Set time automatically” option on or off? Is the “Set time zone automatically” option on or off? Is mobile data switched on or off?…
-
Has the user ever used the XYZ application? aka traces of application execution on mobile devices
A common question during a forensic investigation of a digital device is: “Has the user ever used the XYZ application?“. As always when answering this question, it is important to create and follow a solid process. In this blog post, I want to share a possible process that everyone should customize based on their needs…
-
iOS 15 Image Forensics Analysis and Tools Comparison – Browsers, Mail Clients, and Productivity apps
The fifth episode is dedicated to three categories of third-party apps: browsers, mail clients, and productivity apps. There are 6 browsers, 3 mail clients, and 3 productivity applications available in Josh Hickman’s acquisition. The 6 browsers are listed below, in alphabetical order. Brave DuckDuckGo Firefox Firefox Focus Google Chrome Microsoft Edge The 3 mail clients…
-
iOS 15 Image Forensics Analysis and Tools Comparison – Communication and Social Networking Apps
The fourth episode is dedicated to the most analyzed family of applications: communication and social networking apps. Before I start, I would like to mention that I have made some corrections to the previous blog post, based on feedback by tool developers. Also, most of them have confirmed to me that they are working on…