This presentation will self-destruct in 45 minutes: A forensic deep dive into self-destructing message apps

Presented at DEF CON 21 (2013), Aug. 4, 2013, noon (45 minutes)

Prior to 2013, the phrase 'Self Destructing Message' was most commonly associated with Inspector Gadget, Maxwell Smart, and the occasional Tom Cruise movie. With the advent of smartphone apps like Snapchat, Wickr, and Facebook Poke, the self-destructing message has left the world of 'International Men of Mystery' and arrived to the civilian world by way of smart phone applications. These apps, and others, claim to provide ephemeral or private messaging to assure senders that their messages are burnt after reading.

A message can be encrypted, but that does not make it clandestine or deniable. Through the use of forensic images, packet captures, and API review - we have recovered a wide range of artifacts from messages before, after, and during transmission. We are neutral, fact finding, forensic examiners on a mission. A mission to seek truth and provide you with the results of our deep dive forensic review of self-destructing messaging smartphone apps.

Presenters:

• Kyle O'Meara - Digital Forensic Examiner, Stroz Friedberg
  Kyle O'Meara is a Digital Forensic Examiner in Stroz Friedberg’s Washington, DC office. Mr. O’Meara is part of a national team of examiners skilled in performing forensic acquisitions, preserving data from a variety of electronic sources, and delivering astute analysis. He supports the firm’s electronic discovery cases and also serves as a member of Stroz Friedberg’s incident response practice. His work further entail forming and articulating concise opinions on complex technical matters which ultimately serve as expert testimony in depositions, trials and other proceedings. Prior to joining Stroz Friedberg, Mr. O’Meara was a Network Exploitation and Vulnerability Analyst for the National Security Agency (NSA) providing security guidance to the Army and Air Force. During this time, he performed computer forensics on a 6 month deployment to Iraq and served as a lead cryptanalyst for discovering malicious and vulnerable content in computer network operation projects. Mr. O'Meara holds a Master's of Science in Information Security Policy and Management from Carnegie Mellon University.
• Drea London - Digital Forensic Examiner, Stroz Friedberg

Links:

• https://defcon.org/html/defcon-21/dc-21-speakers.html#London
• https://infocon.org/cons/DEF CON/DEF CON 21/DEF CON 21 video and slides/DEF CON 21 - Drea London and Kyle OMeara - This Presentation Will Self-Destruct in 45 Minutes - Video and Slides.mp4 (Video and Slides)
• https://www.youtube.com/watch?v=LwW9g_SQn9Y

Similar Presentations:

• Black Hat USA 2010 / App Attack: Surviving the Mobile Application Explosion
• DEF CON 18 (2010) / App Attack: Surviving the Mobile Application Explosion
• AppSec USA 2013 / Wassup MOM? Owning the Message Oriented Middleware