Hi, everyone. I’m a 3rd year student researching into the iphone for my dissertation, could anyone advise me to whether the same jail braking methods used for older Iphone OS's work for the newer 3GS model and v3 OS? based on Zdziarski's work.

As well as this, I’m struggling to find mobile software, any suggestions for any free or educational copies? My university is too focused on buying NEW MACs (AGAIN) for the art students than software or hardware for the Forensic Students.  

could anyone advise me to whether the same jail braking methods used for older Iphone OS's work for the newer 3GS model and v3 OS? .

Jailbreaking an iPhone isn't really that difficult... It would depend on what firmware and baseband the iphone has also.

There are enough tutorials on the net (hackthatphone.com has a good flow chart that should steer you right), with Mac and PC based software to do this. (redsn0w, blackra1n, spirit, sn0wbreeze).
Try it and see.

based on Zdziarski's work

Zdziarski technique is probably not the most forensically valid way to obtain a bit-by-bit copy of the original media. It may be attested that the Zdziarski technique performs a bit-by-bit copy of the iPhone’s user partition & that the so called forensic recovery RAM disk is loaded onto the iPhone’s read-only system partition. This makes me wonder. Iphone is now capable of running dual OS- with Android. I wonder how much of the user partition gets pushed with Android installed , or would doing the Zdziarski technique on a dual OS iphone install the payload onto the read-only partition of the Android OS..who knows. What I recall at a recent AusCert conference, a US Secret Service Agent conducted a talk on Cell Phone and Embedded Technology Forensics & didn't think too highly of Zdziarski technique.  

- Robbo747

could anyone advise me to whether the same jail braking methods used for older Iphone OS's work for the newer 3GS model and v3 OS? .

Jailbreaking an iPhone isn't really that difficult... It would depend on what firmware and baseband the iphone has also.

There are enough tutorials on the net (hackthatphone.com has a good flow chart that should steer you right), with Mac and PC based software to do this. (redsn0w, blackra1n, spirit, sn0wbreeze).
Try it and see.

based on Zdziarski's work

Zdziarski technique is probably not the most forensically valid way to obtain a bit-by-bit copy of the original media. It may be attested that the Zdziarski technique performs a bit-by-bit copy of the iPhone’s user partition & that the so called forensic recovery RAM disk is loaded onto the iPhone’s read-only system partition. This makes me wonder. Iphone is now capable of running dual OS- with Android. I wonder how much of the user partition gets pushed with Android installed , or would doing the Zdziarski technique on a dual OS iphone install the payload onto the read-only partition of the Android OS..who knows. What I recall at a recent AusCert conference, a US Secret Service Agent conducted a talk on Cell Phone and Embedded Technology Forensics & didn't think too highly of Zdziarski technique.

Robbo747 some very useful observations you have included in your reply.
_________________
Institute for Digital Forensics (IDF) - LinkedIn
Mobile Telephone Examination Board (MTEB) - LinkedIn
Mobile Telephone Evidence & Forensics trewmte.blogspot.com
ForensicMobex now MTEB Linkedin Subgroup 

some very useful observations

I wouldn't discount Zdziarski technique if all your after is a bit-by-bit copy of the iPhone’s user partition. This method was given the highest rating, when compared to using other tools, employing the so-called "find-the-evidence-button"- search for a white paper on iPhone Forensics by Andrew Hoog & Kyle Gaffaney at viaforensics.com.

But one would need to be mindful, as anything is possible in computer forensics world, that a crim could also store data in the partitioned area of an iphone where a payload is placed, just as it is possible to hide data in any NTFS file system.  

I actually have a iPhone 3GS running 3.1.3 using the old boot rom. This has caused me a lot of grief trying to jailbreak it. Most methods work on older phones, but I have only found one which works on mine, which is an untethered method.  

I have a 3GS running the new boot ROM with the spirit jail break avaliable from www.spiritjb.com.

Very useful jailbreak which doesn't brick the phone works on 3.1.2 and 3.1.3 no problem, I've also used it on an old and new touch, an old 3g and an old boot rom 3gs. Would definatly recomend it but don't forget this will alter the phone when adding the cydia app and the phone will be overwritting data everytime you allow it to update the internal directory of its added sources. Investigator beware!  

- stezer2000

I have a 3GS running the new boot ROM with the spirit jail break avaliable from www.spiritjb.com.

Very useful jailbreak which doesn't brick the phone works on 3.1.2 and 3.1.3 no problem, I've also used it on an old and new touch, an old 3g and an old boot rom 3gs. Would definatly recomend it but don't forget this will alter the phone when adding the cydia app and the phone will be overwritting data everytime you allow it to update the internal directory of its added sources. Investigator beware!

That was actually the method I was referring to. It's magic!