Using the Extraction Agent in 2026: Compatibility, Signing, Firewall, and Extraction Tips
May 11th, 2026 by Oleg Afonin
Over the years, we have published several articles about the extraction agent. However, the underlying technology changes quickly, and incremental changes often have significant cumulative effects. As a result, many of our older posts are no longer relevant and can be misleading if followed to the letter today. While last year’s recap, Installing and Troubleshooting the Extraction Agent (2025), remains a solid foundation for general setup, it does not account for the most recent hardware and software developments. This article serves as the definitive point of reference, providing an up-to-date recap of everything you need to know about the extraction agent as of May 2026.
Identifying SSD Controller and NAND Configuration
January 31st, 2019 by Oleg Afonin
In our previous article Why SSDs Die a Sudden Death (and How to Deal with It) we talked about SSD endurance and how it’s not the only thing affecting real life reliability. In that article, we assumed that manufacturers’ specifications of certain SSD models remain similar for a given SSD model. In fact, this is not the case. Quite a few manufacturers play tricks with consumers, releasing a certain SSD model with top notch specifications only to downgrade them at some point during the production cycle (but certainly after receiving its share of glowing reviews). While some OEMs do note the change at least in the revision number, the rest will just quote the small print allowing them to “change specifications at any time without prior notice”. We’ve seen well known SSD manufacturers switching from reliable MLC NAND to planar TLC trash within the same model (and zero notice to potential buyers). How can you tell which NAND configuration your particular SSD drive employs and whether or not it lives up to your expectations? Read along to find out.
Securing and Extracting Health Data: Apple Health vs. Google Fit
January 30th, 2019 by Oleg Afonin
Today’s smartphones and wearable devices collect overwhelming amounts of data about the user’s health. Health information including the user’s daily activities, workouts, medical conditions, body measurements and many other types of information is undoubtedly one of the most sensitive types of data. Yet, smartphone users are lenient to trust this highly sensitive information to other parties. In this research, we’ll figure out how Apple and Google as two major mobile OS manufacturers collect, store, process and secure health data. We’ll analyze Apple Health and Google Fit, research what information they store in the cloud, learn how to extract the data. We’ll also analyze how both companies secure health information and how much of that data is available to third parties.
Apple iTunes: Standalone vs. Microsoft Store Edition
January 23rd, 2019 by Oleg Afonin
Since April 2018, Apple made iTunes available to Windows 10 users through the Microsoft Store. While the stand-alone download remains available from Apple’s Web site, it is no longer offered by default to Windows 10 users. Instead, visitors are directed to Microsoft Store, which will handle the installation and updates of the iTunes app.
Why SSDs Die a Sudden Death (and How to Deal with It)
January 18th, 2019 by Oleg Afonin
Many thanks to Roman Morozov, ACELab technical support specialist, for sharing his extensive knowledge and expertise and for all the time he spent ditching bugs in this article.
Life after Trim: Using Factory Access Mode for Imaging SSD Drives
January 16th, 2019 by Oleg Afonin
Many thanks to Roman Morozov, ACELab technical support specialist, for sharing his extensive knowledge and expertise and for all the time he spent ditching bugs in this article.
A New Method for Decrypting WhatsApp Backups
December 20th, 2018 by Vladimir Katalov
WhatsApp remains one of the most popular instant messengers. With more than 1.5 billion users and about half billion daily active users, WhatsApp sends over 100 billion messages per day. WhatsApp is secure thanks to end-to-end encryption to make intercepted messages impossible to decrypt. While this is great news to consumers and privacy advocates, it is also bad news for the law enforcement. Once an expert accepts to access the suspect’s WhatsApp communication history, they will struggle with the encryption and demand for a vendor-provided backdoor (WhatsApp: The Bad Guys’ Secret Weapon).
Six Ways to Decrypt iPhone Passwords from the Keychain
December 18th, 2018 by Vladimir Katalov
In Apple’s world, the keychain is one of the core and most secure components of macOS, iOS and its derivatives such as watchOS and tvOS. The keychain is intended to keep the user’s most valuable secrets securely protected. This includes protection for authentication tokens, encryption keys, credit card data and a lot more. End users are mostly familiar with one particular feature of the keychain: the ability to store all kinds of passwords. This includes passwords to Web sites (Safari and third-party Web browsers), mail accounts, social networks, instant messengers, bank accounts and just about everything else. Some records (such as Wi-Fi passwords) are “system-wide”, while other records can be only accessed by their respective apps. iOS 12 further develops password auto-fill, allowing users to utilize passwords they stored in Safari in many third-party apps.
How to Reset or Recover Windows SYSKEY Passwords
December 7th, 2018 by Oleg Afonin
Some 22 years ago, Microsoft made an attempt to make Windows more secure by adding an extra layer of protection. The SAM Lock Tool, commonly known as SYSKEY (the name of its executable file), was used to encrypt the content of the Windows Security Account Manager (SAM) database. The encryption was using a 128-bit RC4 encryption key.
Can Forensic Experts Keep Up with the Digital Age?
December 5th, 2018 by Vladimir Katalov
The boom in personal electronic devices recording literally every persons’ step introduced a new type of forensic evidence: the digital evidence. In this day and age, significantly more forensic evidence is available in digital form compared to physical evidence of yesteryear. Are law enforcement and intelligence agencies ready to handle the abundance of digital evidence? And more importantly, do frontline officers have the skills and technical expertise required to handle and preserve this wealth of information?
Apple Health Is the Next Big Thing: Health, Cloud and Security
November 29th, 2018 by Vladimir Katalov
Health data is among the most important bits of information about a person. Health information is just as sensitive as the person’s passwords – and might be even more sensitive. It is only natural that health information is treated accordingly. Medical facilities are strictly regulated and take every possible security measure to restrict access to your medical records.
