This presentation will self-destruct in 45 minutes: A forensic deep dive into self-destructing message apps

Presented at DEF CON 21 (2013), Aug. 4, 2013, noon (45 minutes).

Prior to 2013, the phrase 'Self Destructing Message' was most commonly associated with Inspector Gadget, Maxwell Smart, and the occasional Tom Cruise movie. With the advent of smartphone apps like Snapchat, Wickr, and Facebook Poke, the self-destructing message has left the world of 'International Men of Mystery' and arrived to the civilian world by way of smart phone applications. These apps, and others, claim to provide ephemeral or private messaging to assure senders that their messages are burnt after reading.

A message can be encrypted, but that does not make it clandestine or deniable. Through the use of forensic images, packet captures, and API review - we have recovered a wide range of artifacts from messages before, after, and during transmission. We are neutral, fact finding, forensic examiners on a mission. A mission to seek truth and provide you with the results of our deep dive forensic review of self-destructing messaging smartphone apps.


Presenters:

  • Drea London - Digital Forensic Examiner, Stroz Friedberg
  • Kyle O'Meara - Digital Forensic Examiner, Stroz Friedberg
    Kyle O'Meara is a Digital Forensic Examiner in Stroz Friedberg’s Washington, DC office. Mr. O’Meara is part of a national team of examiners skilled in performing forensic acquisitions, preserving data from a variety of electronic sources, and delivering astute analysis. He supports the firm’s electronic discovery cases and also serves as a member of Stroz Friedberg’s incident response practice. His work further entail forming and articulating concise opinions on complex technical matters which ultimately serve as expert testimony in depositions, trials and other proceedings. Prior to joining Stroz Friedberg, Mr. O’Meara was a Network Exploitation and Vulnerability Analyst for the National Security Agency (NSA) providing security guidance to the Army and Air Force. During this time, he performed computer forensics on a 6 month deployment to Iraq and served as a lead cryptanalyst for discovering malicious and vulnerable content in computer network operation projects. Mr. O'Meara holds a Master's of Science in Information Security Policy and Management from Carnegie Mellon University.

Links: