Cyber Security Institute

§ Current Worries

Top 3 Worries

  • Regulations
  • Old Firewall Configurations
  • Security Awareness

§ Listening

For the best information

  • The underground
  • Audible
  • Executive Excellence
  • Music (to keep me sane)

§ Watching

For early warnings

  • 150 Security Websites
  • AP Newsfeeds
  • Vendors

Wednesday, March 17, 2010

Forensics for GPS Unit

Blackthorn2 - http://www.blackthorn2.com/

TomTom

Forensic Analyser - TomTom Edition - http://www.gpsforensics.org/reviews_forensicanalyzer.html - company seems to be dead
TomTology - http://www.forensicnavigation.com/#/products/4527490520
EnCase Enscript - can parse TomTom files once they have been recovered from a device
XACT - http://www.msab.com/

Garmin

Device Seizure http://www.paraben.com/catalog/product_info.php?cPath=25&products_id=405
\Garmin\GPX\Current.gpx is an text file that contains trips details

Cross Product


Blackthorn2
For forensics acquisition, examination and analysis platform for various platforms including Garmin, TomTom, and Magellan:
I like this product since it provides forensic quality data (including hashes).
Pricing:  Being requested.

Device Seizure
• GPS Waypoints, Tracks, Routes…
Price: USD 199 per license

TomTom Specific

TomTology
Decoding of live data providing:
         Home Location
       Favourites
     Recent Destinations
     Last Journey Start and End Point (where available)
         Stored Phonebook
         Called Phone Numbers
     Received Phone Numbers
         Sent SMS Messages
         Received SMS Messages
         Location where TomTom was turned off

• Retrieving of deleted journeys from unallocated space proving same details as above for all recovered.

• Locating deleted phone numbers

• Locating deleted SMS Messages

Price: USD 250 per license

XACT
Retrieves location data.

Pricing: Being requested.

Not tools but useful pages of info:


Tom Tom GPS Forensics
Pinpointing TomTom location records: A forensic analysis

Posted on 03/17
NewsPermalink