The case was about business secret and forensic guy did a physical acquisition from a smart phone. He'd like to find out files relates to sensitive data by examining the image file.

A file named "top-secret.docx" draw forensic guy's attention. Bingo there's lots of classified data inside this document.

Where did this files come from? In which way? Who sent this file?  Take a look at the path and you'll know what's going on. This file was transfered via Bluetooth! All three timestamp including the creation time, accessed time and modified time are "2016/05/11 11:01:20 UTC". That means this file "top-secret.docx" was transfered to this volume on the smart phone at local time "2016/05/11 19:01:20". Also we could know the create date/time and the last person who modified this document. The "path" of a file is usually a useful hint to forensic guys.

Find out files transfered via Bluetooth的更多相关文章

  1. Analyze network packet files very carefully

    As a professional forensic guy, you can not be too careful to anlyze the evidence. Especially when t ...

  2. How to Implement Bluetooth Low Energy (BLE) in Ice Cream Sandwich

    ShareThis - By Vikas Verma Bluetooth low energy (BLE) is a feature of Bluetooth 4.0 wireless radio t ...

  3. Bluetooth

    Android provides a default Bluetooth stack, BlueDroid, that is divided into two layers: The Bluetoot ...

  4. Bluetooth(android 4.2.2版本)

    Android provides a default Bluetooth stack, BlueDroid, that is divided into two layers: The Bluetoot ...

  5. 零基础入门学习Python(3)--小插曲之变量和字符串

    前言 小甲鱼说,在对前边的小游戏改善前,先了解下,Python中的变量与字符串. 主要内容 变量 变量名就像我们现实社会的名字,把一个值赋值给一个名字时,Ta会存储在内存中,称之为变量(variabl ...

  6. Maven 梳理-安装配置

    项目构建过程包括[清理项目]→[编译项目]→[测试项目]→[生成测试报告]→[打包项目]→[部署项目]这几个步骤,这六个步骤就是一个项目的完整构建过程. 下载后解压   配置环境变量 F:\jtDev ...

  7. PIC24FJ64GB002 with bluetooth USB dongle

    PIC24FJ64GB002 with bluetooth USB dongle I will explain my project (how to control a bluetooth USB d ...

  8. [daily][device][bluetooth] 蓝牙怎么办!(archlinux下驱动蓝牙鼠标,以及三星手机)

    去年地摊买的破无线鼠标坏掉了.看上微软的Designer Mouse蓝牙鼠,但是买之前我要确认我能不能驱起来. 这款鼠标只支持蓝牙4.0.系统支持windows8以上,不支持xp和windows7. ...

  9. Bluetooth in Android 4.2 and 4.3(一):综述

    从Android 4.2开始,Bluetooth stack发生了重大改变:从Bluez换成了由Google和Broadcom联合开发的Bluedroid(当然,核心的部分还是Broadcom的,Go ...

随机推荐

  1. html框架

    1.框架的概念 框架:将一个浏览器窗口划分成若干个小窗口 2.框架集合框架页 框架集<frameset>:主要用来划分窗口的. 框架页<frame>:主要用来指定窗口默认显示的 ...

  2. 【Yii2-CookBook】JSON 和 XML 输出

    Web 和移动应用程序现在不仅仅只是用来呈现 HTML. 现在开发一个移动客户端,利用服务器 api 驱动前端,所有的用户交互都在客户端哪里.JSON 和 XML 格式通常用于序列化和传输结构化数据通 ...

  3. there are no usable controls in this group

    今天遇到一个怪事, MFC的toolbox是灰的, 不能使用, 后来上网一查找到解决方案: 右键Toolbox, 点击"Choose Items", 重新启动VS2013, 这样t ...

  4. 创建COM对象时遭遇 800702e4

    SolidEdge st5(x64) SDK /vs2012/win8.1 x64 西夏普创建SEApplication COM对象时遭遇800702e4.翻来覆去的调vs进程的权限,调se进程的权限 ...

  5. 利用ffmpeg给小视频结尾增加logo水印

    背景 1.app有类似微信拍摄小视频功能,时长上限8s,视频文件保存在第三方云存储,app直接上传,后端数据库只记录视频的存放地址. 2.最近一次功能迭代,增加了小视频下载功能,小视频有可能在别的社交 ...

  6. Python 文件常见操作

    # -*-coding:utf8 -*- ''''' Python常见文件操作示例 os.path 模块中的路径名访问函数 分隔 basename() 去掉目录路径, 返回文件名 dirname()  ...

  7. 一个奇葩的SQL

    需求 建表脚本 CREATE TABLE [dbo].[A]( ) NOT NULL, ) NULL ) ON [PRIMARY] GO CREATE TABLE [dbo].[B]( ) NOT N ...

  8. OAF_开发系列22_实现OAF条形码BarCode

    20150717 Created By BaoXinjian

  9. Android笔记:invalidate()和postInvalidate() 的区别及使用

    http://blog.csdn.net/mars2639/article/details/6650876 Android提供了Invalidate方法实现界面刷新,但是Invalidate不能直接在 ...

  10. Shift的用法

    Shell编程中Shift的用法     位置参数可以用shift命令左移.比如shift 3表示原来的$4现在变成$1,原来的$5现在变成$2等等,原来的$1.$2.$3丢弃,$0不移动.不带参数的 ...