Profile cover photo
Profile photo
John Lehr
180 followers
180 followers
About
John's posts

Post has attachment

Post has attachment
Android SDK on 64-bit Linux
I commonly use adb and fastboot to access Android devices.  Ubuntu has packages for those tools making installation easy: $ sudo apt-get install android-tools-adb android-tools-fastboot But, in recent months, I have encountered instances where the adb and f...

Post has attachment
Riffbox and Windows 10
I decided to bite the bullet and try out Windows 10. I wanted to learn the new operating system and determine if I could run specific software/hardware combinations under the new Windows that I had been running in Windows 7, specifically Riffbox. I happy ...

Post has attachment
URLs : U R Loaded with Information
In my early days of forensics, I considered URLs in web histories as nothing more than addresses to websites, and strictly speaking, that’s true. But URLs often contain form information supplied by the user and other artifacts that can be relevant to an in...

Post has attachment
Finding Felons with the Find Command
Digital devices are common place. Digital device examiners are not. How does the digital dutch boy prevent the digital device dam from breaking? By sticking his preview thumb into the leak. The point of a forensic preview is to determine if the device yo...

Post has attachment
Getting Attached: Apple Messaging Attachments
I sometimes get questions about showing attachments in Apple iDevice messaging databases. The questions, however, seem to come at a time when I don’t have any databases on hand to study the issue. Well, this week I stumbled on the chats.db during an exam ...

Post has attachment
Identifying Android Device Owners
I work in a college town.  That means lots of unsecured electronics.  Lots of unsecured electronics means lots of thefts and 'misplaced'-- "I'm not as think as you drunk I am!"-- devices.   I've seen a trend in recovered stolen devices over the past few yea...

Post has attachment
Searching for Searches
In a recent examination of smart phone content, it became necessary to know the personal interests of the device's owner.  You can browse internet and app history, but that can be extensive to review every URLs to every clicked link and served page.  To get...

Post has attachment
Finding Serial Numbers on Locked iPhones
Apple iDevices have their serial number engraved on the back, right? So why the article? Because it's not true of newer devices like the iPhone 5, 5s, and 5c. Also, original cases can be replaced and serial numbers obliterated through unprotected use or ...

Post has attachment
Identifying Owners of Locked Android Devices
Locked Devices are not Always Secure I was handed a device I’ve never seen before: A Verizon Ellipsis 7" tablet. The device was suspected to be stolen, but it was password locked with no sd card or sim card installed. USB debugging and mass storage mode w...
Wait while more posts are being loaded