The case was about business secret and forensic guy did a physical acquisition from a smart phone. He'd like to find out files relates to sensitive data by examining the image file.

A file named "top-secret.docx" draw forensic guy's attention. Bingo there's lots of classified data inside this document.

Where did this files come from? In which way? Who sent this file?  Take a look at the path and you'll know what's going on. This file was transfered via Bluetooth! All three timestamp including the creation time, accessed time and modified time are "2016/05/11 11:01:20 UTC". That means this file "top-secret.docx" was transfered to this volume on the smart phone at local time "2016/05/11 19:01:20". Also we could know the create date/time and the last person who modified this document. The "path" of a file is usually a useful hint to forensic guys.

Find out files transfered via Bluetooth的更多相关文章

  1. Analyze network packet files very carefully

    As a professional forensic guy, you can not be too careful to anlyze the evidence. Especially when t ...

  2. How to Implement Bluetooth Low Energy (BLE) in Ice Cream Sandwich

    ShareThis - By Vikas Verma Bluetooth low energy (BLE) is a feature of Bluetooth 4.0 wireless radio t ...

  3. Bluetooth

    Android provides a default Bluetooth stack, BlueDroid, that is divided into two layers: The Bluetoot ...

  4. Bluetooth(android 4.2.2版本)

    Android provides a default Bluetooth stack, BlueDroid, that is divided into two layers: The Bluetoot ...

  5. 零基础入门学习Python(3)--小插曲之变量和字符串

    前言 小甲鱼说,在对前边的小游戏改善前,先了解下,Python中的变量与字符串. 主要内容 变量 变量名就像我们现实社会的名字,把一个值赋值给一个名字时,Ta会存储在内存中,称之为变量(variabl ...

  6. Maven 梳理-安装配置

    项目构建过程包括[清理项目]→[编译项目]→[测试项目]→[生成测试报告]→[打包项目]→[部署项目]这几个步骤,这六个步骤就是一个项目的完整构建过程. 下载后解压   配置环境变量 F:\jtDev ...

  7. PIC24FJ64GB002 with bluetooth USB dongle

    PIC24FJ64GB002 with bluetooth USB dongle I will explain my project (how to control a bluetooth USB d ...

  8. [daily][device][bluetooth] 蓝牙怎么办!(archlinux下驱动蓝牙鼠标,以及三星手机)

    去年地摊买的破无线鼠标坏掉了.看上微软的Designer Mouse蓝牙鼠,但是买之前我要确认我能不能驱起来. 这款鼠标只支持蓝牙4.0.系统支持windows8以上,不支持xp和windows7. ...

  9. Bluetooth in Android 4.2 and 4.3(一):综述

    从Android 4.2开始,Bluetooth stack发生了重大改变:从Bluez换成了由Google和Broadcom联合开发的Bluedroid(当然,核心的部分还是Broadcom的,Go ...

随机推荐

  1. wordmate 词典安装

    wordmate,使用 StarDict 的词典,可称为 Android 上的 StarDict 安装 wordmate 后,会在 SD 卡中生成 wordmate 文件夹,词典便放在此目录 下载词典 ...

  2. (zhuan) Deep Reinforcement Learning Papers

    Deep Reinforcement Learning Papers A list of recent papers regarding deep reinforcement learning. Th ...

  3. tiny java web server

    import java.io.*; import java.net.ServerSocket; import java.net.Socket; import java.util.ArrayList; ...

  4. PHP-PHP-FPM的max_children一些误区

    现在nginx + fpm 基本成为主流的配置,其中我们比较关注的是pm.max_chindren的配置 首先,我们关注一个前提设置: pm = static/dynamic, 这个选项是标识fpm子 ...

  5. CDN 技术详解(DNS,GSLB,Cache)

    CDN 是什么 CDN(Content Delivery Network,内容分发网络),即全网内容加速服务.为了尽可能的避开互联网上有可能影响数据传输速度和稳定性的瓶颈和环节,使内容传输的更快.更稳 ...

  6. asp.net mvc4 学习笔记一(基本原理)

    做了8年的asp.net webform,用过MVVM但还没用过MVC , 虽然项目不用MVC,但是还是想了解一下,今天第二天学习,以下是学习心得. VS2012默认带有asp.net mvc3和as ...

  7. oracle数据库备份和还原

    ip导出方式:exp  demo/demo@127.0.0.1:1521/orcl file=f:\f.dmp full=y 备份:exp demo/demo@orcl file=f:\f.dmp f ...

  8. 转载:JAVA的静态变量、静态方法、静态类

    静态变量和静态方法都属于静态对象,它与非静态对象的差别需要做个说明. (1)Java静态对象和非静态对象有什么区别? 比对如下: 静态对象                                ...

  9. hdu3294 girl‘s research

    题目大意:有多组数据,每组数据给出一个字符和一个字符串.该字符将变成’a‘,表示字符串中的所有该字符将变成’a‘,同时其他字符也将做相同的偏移.具体来说,如果该字符为’b‘,表示字符串中的’b‘都将变 ...

  10. SVN设置钩子

    在post-commit 文件后增加两行: WEB_DIR="/data/www/wb.abc.cn/2.4" /usr/bin/svn update $WEB_DIR --use ...