We are tremendously excited to tell you about our newest supported platform, Android!
We've worked long and hard to bring the simplicity of F-Response direct device access to the Android platform and couldn't be happier with the results.
Simply put, provided you have root access to an Android-based device (ARM processor), Consultant and Enterprise customers can execute the F-Response Android build and gain direct access to the MTD (Memory Technology Devices) that make up the storage core of Android.
As you can imagine, this opens up F-Response to a dizzying array of potential devices including cell phones, e-readers, television sets, set-top boxes, tablets, and more. Best of all, the process is very much like using F-Response CE or EE on any non-Windows environment, making for a very small learning curve for existing customers.
We've got a short video posted below that outlines the process used to deploy and execute F-Response on an Android-based tablet device. In this instance we have already obtained root access to the device and we are using the popular and free Android Debug Bridge to access the device natively.
Let's get started!
Now that you've seen how we access the MTD devices, let's go into a little more detail about what MTD devices are, their filesystem, and how they are accessed and managed by the Android core.
The Android core looks at MTD devices in two distinct ways, MTD_CHAR and MTD_BLOCK. Quite simply, Android (like many embedded Linux systems) creates block device abstractions on top of the raw MTD device. In Android this looks as follows:
MTD Device = /dev/mtd/mtdX and /dev/mtd/mtdXro where X is the numerical indicator of the device
MTD Block Abstraction = /dev/mtdblock/mtdblockX where X matches the numerical indicator of the MTD Device
F-Response uses information from both the raw MTD read-only device and the MTD Block abstraction to give you direct read-only access to the data, which is typically in YAFFS (Yet Another Flash FileSystem) format.
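To see which MTD partitions a device exposes before choosing what to examine, the kernel's partition table in `/proc/mtd` can be mapped onto the two device paths described above. The following is an added example, not part of the original post or of F-Response; the sample listing is constructed, and the function and field names are hypothetical.

```python
import re

# Constructed sample of /proc/mtd contents (not taken from a real device).
# On a rooted device the real text can be captured over adb, for example
# by reading /proc/mtd from an adb shell session.
SAMPLE_PROC_MTD = '''dev:    size   erasesize  name
mtd0: 00040000 00020000 "misc"
mtd1: 00500000 00020000 "recovery"
mtd2: 00280000 00020000 "boot"
mtd3: 09100000 00020000 "system"
mtd4: 0c440000 00020000 "userdata"
'''

# One partition per line: index, size (hex), erase block size (hex), name.
LINE_RE = re.compile(
    r'^mtd(\d+):\s+([0-9a-fA-F]+)\s+([0-9a-fA-F]+)\s+"(.*)"\s*$'
)


def parse_proc_mtd(text):
    """Return one dict per MTD partition, with the read-only character
    device and block abstraction paths named as in the article."""
    partitions = []
    for line in text.splitlines():
        match = LINE_RE.match(line.strip())
        if not match:
            continue  # header line, blank line, or unrecognised format
        index = int(match.group(1))
        size = int(match.group(2), 16)
        erasesize = int(match.group(3), 16)
        partitions.append({
            "index": index,
            "name": match.group(4),
            "size": size,
            "erasesize": erasesize,
            # Number of flash erase blocks; guard against a zero field.
            "erase_blocks": size // erasesize if erasesize else 0,
            "char_ro": f"/dev/mtd/mtd{index}ro",
            "block": f"/dev/mtdblock/mtdblock{index}",
        })
    return partitions


if __name__ == "__main__":
    for p in parse_proc_mtd(SAMPLE_PROC_MTD):
        print(f'{p["name"]:<10} {p["size"]:>10} bytes  '
              f'{p["char_ro"]}  {p["block"]}')
```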
Officially, the F-Response Android ARM build will be in the 3.09.09 release of F-Response; however, registered Consultant or Enterprise customers interested in getting access to it before the release are welcome to contact us for more details.
Also, if you haven't checked out Andrew Hoog's site on Android Forensics, you should. Andrew is deep in the weeds with Android and I expect we'll see more good things from him going forward.
Thanks and enjoy!
Warmest Regards,
M Shannon, Founder
F-Response
July 21, 2010