Blog

Every now and again we will add data recovery and computer forensics relevant articles to our blog. If you have topic suggestions - feel free to contact us.

Researcher to Discuss Forensic Complications Posed by Apple’s Migration to SSDs at TakeDownCon Dallas

Tue 17 May, 2011 | No comments

Researcher to Discuss Forensic Complications Posed by Apple’s Migration to SSDs at TakeDownCon Dallas

http://www.prweb.com/releases/2011/5/prweb8399928.htmDallas, TX (PRWEB) May XX, 2011

Apple’s latest update to their all-in-one iMac series includes a build-to-order option for SSD (Solid State Drive) reflecting the trend of migrating to SSDs, due to their enhancements in efficiency and reliability as opposed to traditional hard drives.  But hard drive forensics expert Scott Moulton, who is presenting in one week at EC-Council’s TakeDownCon Dallas conference, will show how this migration isn’t as well-received from a forensic standpoint, potentially even frustrating criminal and civil investigations.

In an effort to retain efficiency, SSDs activate purging algorithms for locating files that have already been marked for deletion, and reset them; this is done because writing to an unused space is twice as fast as writing to a used space. This can take place within minutes from the SSD being powered on, and does so without any instruction from the computer or knowledge of the user.  There are neither any warnings nor indicator lights to inform the user of such activity.

Furthermore, as a result of these “garbage collecting” purging algorithms operating independently from the computer it’s attached to, “write blockers,” which are meant to isolate the drive during forensic imaging, are rendered useless. If this takes place before or during the forensic extraction process, irrecoverable damage to the data can occur, resulting in destructive corrosion of potentially vital evidence. For the user, this is a feature; for law enforcement, this is a frustration.

With the addition of SSDs to the iMac, Apple now has multiple products that use SSDs, including the MacBook Air and iPad.

“This could make it easier for criminals to get away with crime,” said Moulton, who’s been involved in numerous criminal investigations, ranging from child pornography cases to murder.  “SSDs are not as reliable as people think, and there is a huge risk of complete data loss. This loss is the criminal’s gain, and as SSDs become more ubiquitous, this is going to become a bigger problem for forensic examiners.”

Scott Moulton, president of Forensic Strategy Services in Atlanta, will be presenting his research on May 19th, at TakeDownCon Dallas, the EC-Council’s new technical IT security conference series, taking place at the InterContinental Dallas. For more information, visit www.TakeDownCon.comor www.ECCouncil.org.

ABOUT SCOTT MOULTON

Scott Moulton is president of Forensic Strategy Services in Atlanta.  As the owner of MyHardDriveDied.com, he specializes in data recovery and training for the public and private sector. He has testified as an expert witness in numerous criminal cases, ranging from child pornography to homicide.

ABOUT TAKEDOWNCON

TakeDownCon is a new technical IT security conference series that provides advanced, highly technical research, presentations, and training to accomplished information security professionals. Designed by EC-Council, it debuts in 2011 with two conferences in Dallas and Las Vegas. TakeDownCon focuses on technical research in cutting-edge exploits and vulnerabilities and also provides EC-Council certification training, including the renowned Certified Ethical Hacker (CEH) program (an accepted certification of DOD Directive 8570.01M Change 2). Website: http://www.takedown.com.

 

ABOUT EC-COUNCIL

The International Council of E-Commerce Consultants (EC-Council) is a member-based organization that certifies individuals in cybersecurity and e-commerce. It is the owner and developer of 20 security certifications, including Certified Ethical Hacker (CEH), Computer Hacking Forensics Investigator (CHFI) and Certified Security Analyst /Licensed Penetration Tester (ECSA/LPT). EC-Council has trained over 90,000 security professionals and certified more than 40,000 members. Its certification programs are offered by over 450 training centers across 84 countries. These certifications are recognized worldwide and have received endorsements from various government agencies including the U.S. Department of Defense via DoD 8570.01-M, the Montgomery GI Bill, National Security Agency (NSA) and the Committee on National Security Systems (CNSS). EC-Council also operates EC-Council University and the global series of Hacker Halted information security conferences. The global organization is headquartered in Albuquerque, New Mexico. More information about EC-Council is available at www.eccouncil.org.

 ### Contact Information Justin Troutman

 

Comments