O'Reilly just released a new book, iPhone Forensics, Recovering Evidence, Personal Data, and Corporate Assets (US$39.99) by Jonathan Zdziarski.
Any given iPhone is likely to contain sensitive information belonging to its owner, and some types of information that may belong to others: corporate email, documents, and photos, to name a few. As the dark side of such a versatile device becomes more evident, so does the need to recover personal information from it.
In it Zdziarsk details how to perform a forensic analysis of the iPhone, iPhone 3G, and iPod Touch. The book promises to help you:
Determine what type of data is stored on the device
Break v1.x and v2.x passcode-protected iPhones to gain access to the device
Build a custom recovery toolkit for the iPhone
Interrupt iPhone 3G's "secure wipe" process
Conduct data recovery of a v1.x and v2.x iPhone user disk partition, and preserve and recover the entire raw user disk partition
Recover deleted voicemail, images, email, and other personal data, using data carving techniques
Recover geotagged metadata from camera photos
Discover Google map lookups, typing cache, and other data stored on the live file system
Extract contact information from the iPhone's database
Use different recovery strategies based on case needs, and more
While the books is intended for "lawful forensic examination" by corporate security officers, law enforcement personnel, and private forensic examiners, it will undoubtedly be popular with the hacker set.
Let's hope that Apple also orders a copy and fixes some of the exploits.