The case was about business secret and forensic guy did a physical acquisition from a smart phone. He'd like to find out files relates to sensitive data by examining the image file.

A file named "top-secret.docx" draw forensic guy's attention. Bingo there's lots of classified data inside this document.

Where did this files come from? In which way? Who sent this file?  Take a look at the path and you'll know what's going on. This file was transfered via Bluetooth! All three timestamp including the creation time, accessed time and modified time are "2016/05/11 11:01:20 UTC". That means this file "top-secret.docx" was transfered to this volume on the smart phone at local time "2016/05/11 19:01:20". Also we could know the create date/time and the last person who modified this document. The "path" of a file is usually a useful hint to forensic guys.

Find out files transfered via Bluetooth的更多相关文章

  1. Analyze network packet files very carefully

    As a professional forensic guy, you can not be too careful to anlyze the evidence. Especially when t ...

  2. How to Implement Bluetooth Low Energy (BLE) in Ice Cream Sandwich

    ShareThis - By Vikas Verma Bluetooth low energy (BLE) is a feature of Bluetooth 4.0 wireless radio t ...

  3. Bluetooth

    Android provides a default Bluetooth stack, BlueDroid, that is divided into two layers: The Bluetoot ...

  4. Bluetooth(android 4.2.2版本)

    Android provides a default Bluetooth stack, BlueDroid, that is divided into two layers: The Bluetoot ...

  5. 零基础入门学习Python(3)--小插曲之变量和字符串

    前言 小甲鱼说,在对前边的小游戏改善前,先了解下,Python中的变量与字符串. 主要内容 变量 变量名就像我们现实社会的名字,把一个值赋值给一个名字时,Ta会存储在内存中,称之为变量(variabl ...

  6. Maven 梳理-安装配置

    项目构建过程包括[清理项目]→[编译项目]→[测试项目]→[生成测试报告]→[打包项目]→[部署项目]这几个步骤,这六个步骤就是一个项目的完整构建过程. 下载后解压   配置环境变量 F:\jtDev ...

  7. PIC24FJ64GB002 with bluetooth USB dongle

    PIC24FJ64GB002 with bluetooth USB dongle I will explain my project (how to control a bluetooth USB d ...

  8. [daily][device][bluetooth] 蓝牙怎么办!(archlinux下驱动蓝牙鼠标,以及三星手机)

    去年地摊买的破无线鼠标坏掉了.看上微软的Designer Mouse蓝牙鼠,但是买之前我要确认我能不能驱起来. 这款鼠标只支持蓝牙4.0.系统支持windows8以上,不支持xp和windows7. ...

  9. Bluetooth in Android 4.2 and 4.3(一):综述

    从Android 4.2开始,Bluetooth stack发生了重大改变:从Bluez换成了由Google和Broadcom联合开发的Bluedroid(当然,核心的部分还是Broadcom的,Go ...

随机推荐

  1. c++中的内存空间不足和自定义处理内存不足

    new操作符动态分配内存时,首先它会调用对象的operator new()函数分配相应大的内存(如果对象类没有重载operator new()函数,则默认调用<new>头文件里的opera ...

  2. iOS初步开发

    趁公司目前iOS整个没人管理,我折腾一下调试工具,刚好nordic也有参考demo. 然后作为helloworld级别的我... 就直接down下来,结果,还不错, 不像oschina.net和cod ...

  3. C++引用详解

    引用的概念 引用:就是某一变量(目标)的一个别名,对引用的操作与对变量直接操作完全一样. 引用的声明方法:类型标识符 &引用名=目标变量名: 如下:定义引用ra,它是变量a的引用,即别名. i ...

  4. spring加载bean实例化顺序

    问题来源: 有一个bean为 A,一个bean为B.想要A在容器实例化的时候的一个属性name赋值为B的一个方法funB的返回值. 如果只是在A里单纯的写着: private B b;private ...

  5. 【python】多进程锁multiprocess.Lock

    [python]多进程锁multiprocess.Lock 2013-09-13 13:48 11613人阅读 评论(2) 收藏 举报  分类: Python(38)  同步的方法基本与多线程相同. ...

  6. appium 环境搭建 java

    1 安装node.js 1.1 安装node.js http://nodejs.cn/download/ 1.2.下载后直接点击exe,按照提示一步一步的安装 1.3 安装成功后,运行cmd,输入no ...

  7. Beta版本冲刺——day2

    No Bug 031402401鲍亮 031402402曹鑫杰 031402403常松 031402412林淋 031402418汪培侨 031402426许秋鑫 站立式会议 培侨走的第5天,想他~( ...

  8. Temporary-Post-Used-For-Style-Detection-Title-16761156

    Temporary-Post-Used-For-Style-Detection-Content-16761156 =-=-=-=-=Powered by Blogilo

  9. Managing a node remotely by using the netapp SP

    Managing a node remotely by using the Service Processor The Service Processor (SP) is a remote manag ...

  10. DOJO DOM 功能

    In this tutorial, you'll learn about how to use Dojo to manipulate the DOM in a simple, cross-browse ...