Presentation Title: How the Leopard Hides His Spots - OS X Anti-Forensics Techniques
Presentation Abstract:

Anti-Forensics is the buzzword within forensic circles, and yet there is very little new information on this critical topic. This talk will retrace the core anti-forensic techniques and methodologies, and show how they can be applied to defeat forensic analysis of OS X systems. This talk will include attacks against the OS X file system (HFS+), as well as attacks beyond the file system. There will be 0-day OS X bugs as well as previously unreleased attacks against Microsoft file systems.

If you are a hacker, you’ll discover a new world of data storage, and if you’re a forensic investigator… be prepared to never discover anything again.

About The Grugq

The Grugq is a domain expert consultant on VoIP security, digital forensic analysis and reverse engineering. The Grugq has spent 7 years working with all aspects of information security, from penetration testing to solutions and product development. The Grugq’s career has seen him working for financials, security consulting companies, start-ups and, most recently, founding his own information security company. The Grugq’s information security expertise ranges from penetration testing and source code auditting, through to rootkit technologies and advanced digital forensic analysis and investigation. Since 2001 the Grugq has been involved in active Voice over IP security research, recently completing successful audits for major European and Asian telcos.