Mobile Forensics – Advanced Investigative Strategies

November 16th, 2020 by Vladimir Katalov
Category: «Clouds», «Mobile»

Four years ago, we published our first book: Mobile Forensics – Advanced Investigative Strategies. We are really proud of this achievement. Do you want to know the story behind it and what’s changed since then in mobile and cloud forensics? Here are some insides (but please do not tell anyone!)

If you read “Novel Notes” by Jerome K. Jerome (published in 1893), which is one of my favorite books, you’ll find our story exceptionally similar.

It all began with our blog. At one point, we decided that we need to put our knowledge on mobile forensics into single document – well, like a whitepaper. The intention was to collect some articles, update with the most recent information, add some “how-to”, conclude with some references – and that’s it, the whitepaper is ready!

So we started to work. In just two weeks, the “whitepaper” became about 50 pages, while it has covered less than 20% of everything we wanted to say. We understood that it should be a book, so we found a publisher, and…

It took one and a half year to write.

Most of the work has been done by my colleague Oleg Afonin, and I really appreciate it. He had to follow all the (sometimes crazy) publisher’s requirements, search for external references and do all that stuff. I mostly made suggestions on what we have to add, did some testing (of our software – oh yes, of course we tested it before, million times or so, but still we needed the most recent data), made some screen shots etc. In the middle of the work, we discussed what else was worth including in the book and what not. Sometimes we argued. Sometimes we had to trash a solid part of the material that looked fine just a day before. Sometimes we thought it’s not worth it and we’d better spend some time improving our software.

Long story short, we did it! And surprisingly received some positive reviews in the end. For example, from Mattia Epifani (partner and founder at REALITY NET – System Solutions, and also a SANS instructor), and Forensic Focus, the best source of up-to-date information on forensics tools and technologies. And a couple of reviews from Amazon readers:

  • “A most intense book, very in depth, very interesting in every aspect, a must read for cells.”
  • “One of the best published books dealing with Android and IOS Forensics”

I honestly wanted to compile a list of “updates” (or how to call it) about what had changed since the book release. But soon I realized that it takes another book to tell everything I want to tell. Everything from iTunes backups to iCloud encryption has changed, and even counting all these changes is easily worth an article.

Are there any other books on mobile forensics around? Of course, but not too many. Here is the list of every published book we are aware of (and we like them all):

Conclusion

“At that point my notes end, and there is nothing in the book beyond. Whether any of us thought any more of the novel, whether we ever met again to discuss it, whether it were ever begun, whether it were ever abandoned – I cannot say.”

You know the author.