Chapter 6. Using Python for Mobile Forensics
While forensic analysis of standard computer hardware—such as hard disks—has developed into a stable discipline with a lot of reference work such as the book File System Forensic Analysis, by Brian Carrier, Addison-Wesley Professional and our previous chapters, there is still much debate on the techniques to analyze non-standard hardware or transient evidence. Despite their increasing role in digital investigations, smartphones are still to be considered non-standard because of their heterogeneity. In all the investigations, it is necessary to follow the basic forensic principles. The two main principles of forensic investigations are as follows:
- Great care must be taken so that the evidence is manipulated or changed as little as possible.
- The course of a digital investigation must be understandable and open to scrutiny. At best, the results of the investigation must be reproducible by independent investigators.
The first...
