7:00p - Pizza, Networking and General Merriment
Special thanks to LeadPages for being June's pizza sponsor!
7:30p - Lightning Talks
• Lisp & Python: Hy - Andres Moreno (http://www.meetup.com/PyMNtos-Twin-Cities-Python-User-Group/members/134009772) (15 minutes)
• Time Intervals By Extending the Datetime Library - Kyle Marek-Spartz (http://www.meetup.com/PyMNtos-Twin-Cities-Python-User-Group/members/109628552/)
• Parsing data with Construct (http://construct.readthedocs.org/en/latest/index.html) - Benjamin Riggs (http://www.meetup.com/PyMNtos-Twin-Cities-Python-User-Group/members/145932622/)
• Mobile App Forensics Python Plug-in Development - John J. Carney, Esq. & Don Huettl (30 minutes)
Digital forensic practitioners are facing a challenging problem today keeping up with the sky rocketing popularity of mobile apps on smart phones and tablets. Mobile apps available for the public to download from app stores are growing exponentially and now number into the millions. Digital evidence from these apps is frequently material to criminal and civil cases and investigations. Yet app evidence is time consuming and costly to decode, analyze, and produce while facing deadlines and a backlog of cases. What can be done to solve this industry wide app challenge?
This session will present a case study in mobile app forensics development that points to a solution. Mobile examiners can step up and become developers of Python scripts or plug-ins that meet the need for cost effective evidence retrieval from mobile apps not yet supported by mobile device forensic tools vendors. The presenters will describe the development environment and process for decoding, authoring, and testing a plug-in for examining an unsupported mobile messaging app on an Android mobile device using Cellebrite’s UFED Physical Analyzer. Lastly, they will point the way to resources and documentation to educate and support examiners who want to develop their own plug-ins.