Impressions: Android Forensics

My final book in this batch is Android Forensics by Andrew Hoog. Due to the nature of Android and the author's experience with it, this book has a lot of great content. (In contrast, on page xiii, the author thanks iPhone and iOS Forensics co-author Katie Strzempka "for generally taking care of that other book." Hmm, maybe I should have known that before trying to assess that "other book?")

My only real concern with this book is that it might lack the focus required by a normal investigator. I'm sure many investigators simply want to know where to find key data (email, Web history, etc.) and then retrieve and analyze it in a forensically sound manner. It's the "so what" question that hangs over many forensics books. I would have liked a case study focusing on that sort of material to show how an investigator would make sense of the data and structures unearthed by the author throughout the book.

Comments

Popular posts from this blog

Zeek in Action Videos

New Book! The Best of TaoSecurity Blog, Volume 4

MITRE ATT&CK Tactics Are Not Tactics