April 2015
Beginner to intermediate
322 pages
7h 11m
English
In addition to the methods discussed in the previous chapters, there are also more advanced, specialized methods available. JTAG and chip-off methods are both highly useful tools in many common situations, but require advanced training (and a lot of practice before working on live evidence!). The final advanced method, a cold boot attack to recover encryption keys, is far more theoretical.
JTAG is a standard developed by the Institute of Electrical and Electronics Engineers (IEEE). During the device production process, it is used to communicate with the processor through a specialized interface for testing purposes. Luckily for forensic examiners, it also allows them to communicate directly with the processor and ...