Recently we've had problems with iPhone 4 (can't get e-mail messages out). As I understand the best method to get these is JZ's. So as we are LE, I wrote to Zdziarski through
How long it takes him to answer? I think some guys in this forum should know that.
Thank in advance.
Hi Marec4
JZ is currently working on a method to decrypt the e-mail messages.He is based in the US and gets a lot of requests to deal with so you will get a responce eventually.
Regards Tony
As far as I am aware the JZ method is only working for iPhone 3 / 3GS and not iPhone 4?
Correct me if I am wrong!
Using the Zdziarski method on ubuntu you can do a logical extraction of data from an iphone 4 up to but not including firmware version 4.2.1
regards tony
Using the Zdziarski method on ubuntu you can do a logical extraction of data from an iphone 4 up to but not including firmware version 4.2.1
regards tony
Ah, so just not iOS then. Maybe thats where I'm getting my confusion!
Thanks.
If you want to get in touch with him you could always try talking to him on Twitter.
I tried emailing directly and through
Maybe someone from this forum could send me JZ-tools for iPhone, if i prove that I am LE. I could send same email with credentials as I sent to JZ. I can't see any restriction in
That will not work.
In order to set the new tools up (Mac ones) you will need login credentials to download additional material. The Ubuntu ones could in theory be shared but I doubt anyone would be willing to do that as there is a level of trust with the tools.
Marec4,
I am in LE too and if I may give you some advice, don't wait for JZ… We've sent 5 investigators to his iPhone Forensics training in the last year. His classes were correct, but the problem is that after the training, he NEVER replied to our emails when we needed help (and we've sent a bunch).
Basically, his scripts are great when you encounter an iOS device that fits exactly in the specs of his working scripts. Aside from that, you're on your own…
Also know that all his iPhone 4 scripts are all marked as "Experimental" so basically, you're even more on your own as I haven't been able to extract any data with those experimental scripts yet. His documentation available on his restricted-access website is detailed, but outdated.
Just to make things clear, my post is not just to rant against JZ. I know he's great, but before investing (lots of) time and money in learning his technique, I thought you might want to know what you're getting into. If we had known about the lack of post-training support and current documentation beforehand, we wouldn't have gone with the training.
Right now we are looking for an alternative to the JZ method and we will probably buy a licence of FTS iXAM product.