Your guide to Android 6.0’s encryption, passwords, and adoptable storage—and the skills and tools you need to collect evidence from devices that use them.
Android Marshmallow forensic analysis might seem potentially insurmountable. But as Android’s single most popular OS at the moment, it must be a priority. However, its hardware-accelerated encryption follows on Apple’s heels, it maintains passwords in entirely different and unexpected places, and its adoptable storage means you can no longer remove micro SD cards and examine them separately from the devices they came from.
Therefore, as Marshmallow gains ground with more mobile device manufacturers shipping it preinstalled on new devices, forensic examiners need to know how to obtain the data obfuscated within its file system—a process which mainly requires the right approach.
Register for our white paper to learn more about:
- Why Marshmallow’s built-in encryption isn’t necessarily the end of the forensic line
- How to bypass new and different levels of data obfuscation
- Where—and more importantly, how—to find the right data partition
- How adoptable storage changes your forensic process for micro SD cards
Pre-register for the Android Marshmallow White Paper today!
SIGN UP TO GET IT FIRST!