The case was about business secret and forensic guy did a physical acquisition from a smart phone. He'd like to find out files relates to sensitive data by examining the image file.

A file named "top-secret.docx" draw forensic guy's attention. Bingo there's lots of classified data inside this document.

Where did this files come from? In which way? Who sent this file?  Take a look at the path and you'll know what's going on. This file was transfered via Bluetooth! All three timestamp including the creation time, accessed time and modified time are "2016/05/11 11:01:20 UTC". That means this file "top-secret.docx" was transfered to this volume on the smart phone at local time "2016/05/11 19:01:20". Also we could know the create date/time and the last person who modified this document. The "path" of a file is usually a useful hint to forensic guys.

Find out files transfered via Bluetooth的更多相关文章

  1. Analyze network packet files very carefully

    As a professional forensic guy, you can not be too careful to anlyze the evidence. Especially when t ...

  2. How to Implement Bluetooth Low Energy (BLE) in Ice Cream Sandwich

    ShareThis - By Vikas Verma Bluetooth low energy (BLE) is a feature of Bluetooth 4.0 wireless radio t ...

  3. Bluetooth

    Android provides a default Bluetooth stack, BlueDroid, that is divided into two layers: The Bluetoot ...

  4. Bluetooth(android 4.2.2版本)

    Android provides a default Bluetooth stack, BlueDroid, that is divided into two layers: The Bluetoot ...

  5. 零基础入门学习Python(3)--小插曲之变量和字符串

    前言 小甲鱼说,在对前边的小游戏改善前,先了解下,Python中的变量与字符串. 主要内容 变量 变量名就像我们现实社会的名字,把一个值赋值给一个名字时,Ta会存储在内存中,称之为变量(variabl ...

  6. Maven 梳理-安装配置

    项目构建过程包括[清理项目]→[编译项目]→[测试项目]→[生成测试报告]→[打包项目]→[部署项目]这几个步骤,这六个步骤就是一个项目的完整构建过程. 下载后解压   配置环境变量 F:\jtDev ...

  7. PIC24FJ64GB002 with bluetooth USB dongle

    PIC24FJ64GB002 with bluetooth USB dongle I will explain my project (how to control a bluetooth USB d ...

  8. [daily][device][bluetooth] 蓝牙怎么办!(archlinux下驱动蓝牙鼠标,以及三星手机)

    去年地摊买的破无线鼠标坏掉了.看上微软的Designer Mouse蓝牙鼠,但是买之前我要确认我能不能驱起来. 这款鼠标只支持蓝牙4.0.系统支持windows8以上,不支持xp和windows7. ...

  9. Bluetooth in Android 4.2 and 4.3(一):综述

    从Android 4.2开始,Bluetooth stack发生了重大改变:从Bluez换成了由Google和Broadcom联合开发的Bluedroid(当然,核心的部分还是Broadcom的,Go ...

随机推荐

  1. 1.5 linux笔记

    fdisk /dev/sda   查看sda下硬盘状态 fdisk l 看LIST所有文件系统 fdisk n 创建分区 fdisk m help fdisk p 查看所有分区 fdisk w 保存分 ...

  2. winform中button的image属性无法更改

    在开发一个winform程序的时候,界面中的button的image本来有一个贴图A.后来我觉得不合适,打算换成贴图B. 但是这时问题出现了:虽然我改成了贴图B,在IDE中的预览也是贴图B,但是每次编 ...

  3. JConsole监控远程Tomcat服务器

    为了解决内存溢出的问题,会用到一些监视内存的工具,jconsole这个工具在jdk1.7自带了.这个工具可以查看系统的堆,非堆,线程,等等的一些整体的情况,从而可以判断出系统的一个大概的性能情况. c ...

  4. C# FileSystemWatcher监听文件事件

    现有一个需求如下:监控某个目录中的文件修改,创建,删除等信息,并记录下来. 这里用到FileSystemWatcher类.由于考虑到文件的写入量会很频率,所以考虑先将监听到的消息记录到内存中. 监听部 ...

  5. oracle 科普

    Schem定义 A schema is a collection of database objects (used by a user.). Schema objects are the logic ...

  6. Events with Dojo(翻译)

    In this tutorial, we will be exploring dojo/on and how Dojo makes it easy to connect to DOM events. ...

  7. navicat连接My SQL时忘记root密码处理方法

    前端时间安装完My SQL5.6以后很长时间没用过,用navicat连接时有错误提示 应该是密码错误了,但是忘记了root的密码. 在网上找了很久,终于找到修改root密码的方法并修改成功. 1. 关 ...

  8. Files 的值“ < < < < < < < .mine”无效。路径中具有非法字符。

    出现这个问题的原因是,用svn时,发生了冲突.解决方法:先解决代码冲突,然后在你的工程OBJ/DEBUG目录下,找到 工程名.csproj.FileListAbsolute.txt的文件打开并删除含有 ...

  9. mongodb配置文件

    启动MongoDB有2种方式,一是直接指定配置参数,二是指定配置文件.这里先介绍配置文件,启动方式如下: 1.mongod --config /etc/mongodb.conf 配置如下: verbo ...

  10. ArcGIS Engine中的8种数据访问 (转)

    数据是GIS的基础, 访问数据也是进行任何复杂的空间分析及空间可视化表达的前提.ArcGIS支持的数据格式比较丰富,对不同的数据格式支持的程度也有很大差异.本文主要介绍一下以下八种数据格式在ArcGI ...