Established NAS manufacturers often offer some kind of encryption to their users. While anyone can use “military-grade AES-256 encryption”, the implementation details vary greatly. Synology, Asustor, and TerraMaster implement folder-based encryption, while QNAP, Thecus, and Asustor (MyAcrhive) employ full-disk encryption; the full comparison is available here. In this article, we’ll have a look at encryption methods used in TrueNAS, a system commonly used by computer enthusiasts for building custom NAS servers.

Protecting one’s online privacy is becoming increasingly more important. With ISPs selling their customers’ usage data left and right, and various apps, mail and Web trackers contributing to the pool of “anonymized” data, de-anonimyzation becomes possible with big data analysis. This was clearly demonstrated with the recent event highlighted in Catholic priest quits after “anonymized” data revealed alleged use of Grindr.

Elcomsoft System Recovery is a perfect tool for digital field triage, enabling safer and more secure in-field investigations of live computers by booting from a dedicated USB media instead of using the installed OS. The recent update added a host of features to the already great tool, making it easier to examine the file system and extract passwords from the target computer.

Elcomsoft Phone Breaker is not just about Apple iCloud data. It can also download the data from other cloud services including Microsoft accounts. In this new version, we have added support for even more types of data, including Windows 10 Timeline, Account Activity (logins to the account), OneDrive files, recent OneDrive files history, and files from Microsoft Personal Vault. Learn about these data types and how they can help advance your investigation.

Released back in 2013, VeraCrypt picks up where TrueCrypt left off. Supporting more encryption algorithms, more hash functions and a variable number of hash iterations, VeraCrypt is the default choice for the security conscious. VeraCrypt has no known weaknesses except one: once the encrypted disk is mounted, the symmetric, on-the-fly encryption key must be kept in the computer’s RAM in order to read and write encrypted data. A recent change in VeraCrypt made OTF key extraction harder, while the latest update to Elcomsoft Forensic Disk Decryptor attempts to counter the effect of the change. Who is going to win this round?

Back in 2019, independent researcher axi0mX has developed a ground-breaking exploit. Targeting a vulnerability in the bootloader of several generations of iOS devices, checkm8 made it possible to obtain BootROM code execution and perform forensic analysis on a long list of devices running a wide range of iOS versions. In this article, we’ll talk about the forensic use of checkm8 with iOS Forensic Toolkit.

The supply of NVIDIA’s latest and greatest RTX 3000 series boards remains scarce due to production shortages and increased demand from gamers and cryptocurrency miners. That didn’t stop us from giving these cards yet another purpose: breaking Wi-Fi passwords.

The recent update to Elcomsoft Advanced Archive Password Recovery, our go-to tool for breaking passwords to encrypted archives, brought compatibility with RAR5 and 7Zip formats, and enabled multithreaded dictionary attacks. Which archive formats are the most secure, and which ones are the toughest to break? Read along to find out!

iOS Forensic Toolkit 7.0 brings low-level extraction support for the latest generation of Apple devices. This includes the entire range of iPhone 12 models as well as all other devices capable of running iOS 14.0 to 14.3. Learn how to image the latest iPhone models without a jailbreak.

The iPhone recovery mode has limited use for mobile forensics. However, even the limited amount of information available through recovery mode can be essential for an investigation. Recovery access can be also the only available analysis method if the device becomes unusable, is locked or disabled after ten unsuccessful unlocking attempts, or had entered the USB restricted mode. Learn how to enter and leave Recovery and what information you can obtain in this mode.