2024-10-31, 14:45–15:30 (Europe/Amsterdam), Main stage
In this talk we’ll examine Apple’s AirDrop functionality from a forensic perspective. We will look at the various forensic artefacts an AirDrop file transfer creates, including unified logs, file metadata, extended attributes and the quarantine database, as well as how to find and analyse them. We will also discuss some of the privacy & security concerns regarding the protocol behind AirDrop.
Talk outline:
- What is AirDrop & how the technology works
- Existing AirDrop security issues
- Forensics artefacts created by an AirDrop transfer
Kinga Kieczkowska is a cyber security consultant with a keen interest in digital forensics. She's passionate about all things cyber security, from building security awareness and culture to security operations and engineering. She currently splits her time between working in security architecture at a bank and consulting through her own consultancy Rada Cyber Security. After hours she blogs about macOS and iOS security on kieczkowska.com.