Learn More
Windows Phone 7 is a new smartphone operating system with the potential to become one of the major smartphone platforms in the near future. Phones based on Windows Phone 7 are only available since a few months, so digital forensics of the new system is still in its infancy. This paper is a first look at Windows Phone 7 from a forensics' perspective. It(More)
The analysis of mobile devices is a fast moving area in digital forensics. Investigators frequently are challenged by devices which are not supported by existing mobile forensic tools. Low level techniques like de-soldering the flash memory chip and extracting its data provide an investigator with the exhibits internal memory, however, the interpretation of(More)
After testing the absorbable vicryl pad, which was developed by us in 1985, and having applied the technique as a routine in the surgical therapy of inguinal hernias since 1986, in total 2222 primary inguinal hernias and additional 937 first up to maximum 10th recurrences have been treated at our surgical department by means of the additional vicryl pad(More)
Since January 1981, the so-called "3-day principle" in cases of suspected appendicitis has been applied in order to render the indications for surgery more precise. The retrospective analysis of a total of 1877 appendectomies performed between 1981 and 1990 demonstrated that the majority of histologically definite cases of acute appendicitis had been(More)
A secure and reliable critical infrastructure is a concern of industry and governments. SCADA systems (Supervisory Control and Data Acquisition) are a subgroup of ICS (Industrial Control Systems) and known to be well interconnected with other networks. It is not uncommon to use public networks as transport route but a rising number of incidents of(More)
The Volatility Framework is a collection of tools for the analysis of computer RAM. The framework offers a multitude of analysis options and is used by many investigators worldwide. Volatility currently comes with a command line interface only, which might be a hinderer for some investigators to use the tool. In this paper we present a GUI and extensions(More)
Cold boot attacks provide a means to obtain a dump of a computer's volatile memory even if the machine is locked. Such a dump can be used to reconstruct hard disk encryption keys and get access to the content of Bit locker or True crypt encrypted drives. This is even possible, if the obtained dump contains errors. Cold boot attacks have been demonstrated(More)
  • 1