Author Archives: Jonathan Zdziarski

About Jonathan Zdziarski

Respected in his community as an iOS forensics expert, Jonathan is a noted security researcher, penetration tester, and hacker. Author of many books ranging from machine learning to iPhone hacking and software development, Jonathan frequently trains many federal and state law enforcement agencies in digital forensic techniques and assists law enforcement and the military in high profile cases. Jonathan is also inventor on several US patent applications, father of DSPAM and other language classification technology, and an App Store developer. All opinions expressed on this website are the author's own. Follow Jonathan on Twitter: @JZdziarski

Shellshock OpenSSH restricted shell RCE/PE Proof of Concept

Synopsis: The sshd daemon used in OpenSSH supports a ForceCommand directive, allowing shell logins to be restricted to specific commands. This is often used in configuring sshd for cvs/git accounts, restricted shells, or management scripts. The ForceCommand directive can be … Continue reading

Posted in Security | Comments Off

The Politics Behind iPhone Encryption and the FBI

Apple’s new policy about law enforcement is ruffling some feathers with FBI, and has been a point of debate among the rest of us. It has become such because it’s been viewed as just that – a policy – rather than … Continue reading

Posted in Forensics, iPhone, Politics, Security | Comments Off

iOS 8 Protection Mode Bug: Some User Files At Risk of Exposure

Apple’s recent security announcement suggested that they no longer have the ability to dump your content from iOS 8 devices: “On devices running iOS 8, your personal data such as photos, messages (including attachments), email, contacts, call history, iTunes content, … Continue reading

Posted in Forensics, iPhone, Security | Comments Off

Ballistic Has Been Acquired

To my fantastic Ballistic customers, It’s been an incredible six years watching Ballistic grow from a humble trajectory computer to top the charts as the App Store’s most popular field firing system. Ballistic has grown organically – a rarity in … Continue reading

Posted in General | Comments Off

Your iOS 8 Data is Not Beyond Law Enforcement’s Reach… Yet.

In a recent announcement, Apple stated that they no longer unlock iOS (8) devices for law enforcement. “On devices running iOS 8, your personal data such as photos, messages (including attachments), email, contacts, call history, iTunes content, notes, and reminders is placed under … Continue reading

Posted in Forensics, iPhone, Security | Comments Off

An Open Letter to Tim Cook and Apple’s Security Team

Greetings! You may not know me, but you probably know my research over the years. I’ve been researching security on Apple devices since 2007, when iPhone first came out, and even helped put together the very first jailbreaks. I’ve assisted law … Continue reading

Posted in iPhone, Security | Comments Off

Is Apple’s new 2FA Really Secure? (Answer: It’s Pretty Solid)

I’ve recently updated my TL;DR regarding the recent celebrity iCloud hacks. I now summarize Apple’s latest changes to improve their 2-factor authentication (2FA) . Apple has implemented not just a band-aid, but a very good security solution to protect iCloud accounts, by … Continue reading

Posted in Forensics, iPhone, Security | Comments Off

Apple Should Have Abandoned NFC and Acquired LoopPay Instead

Is it OK to admit that NFC exists now? Apple’s latest iPhone models now incorporate the near-field communications technology that’s been around in Android phones for a few years… and a little too late, according to many experts. Over a year … Continue reading

Posted in iPhone | Comments Off

Apple Addresses iOS Surveillance and Forensics Vulnerabilities

After some preliminary testing, it appears that a number of vulnerabilities reported in my recent research paper and subsequent talk at HOPE/X have been addressed by Apple in iOS 8. The research outlined a number of risks for wireless remote … Continue reading

Posted in Forensics, iPhone, Security | Comments Off

Delighted

The Nubble Lighthouse in Cape Neddick, ME sits on Nubble Island, just off shore. It’s one of Maine’s most beautiful lighthouses, and if you come at the right time of day, you can get right down onto the rocks near … Continue reading

Posted in Photography | Comments Off