Document Details

Uploaded by SpellbindingOrchid

University of Madras

Tags

email forensics cybersecurity SMTP protocols information technology

Full Transcript

Email Forensic

❖ Bob sends an email to Alice.
❖ Both send and receive email using a Mail User Agent (MUA) over SMTP.
❖ The Mail Transfer Agent (MTA) on the mail server sends and receives the emails.
❖ The email sending server uses an MTA, while the email receiving server uses an MDA (Mail Delivery Agent) with POP3/IMAP.
❖ An email address consists of three parts.

❖ Mail User Agent (MUA): A desktop-based application that enables users to read, write, compose and send emails from their configured email address. Commonly used email clients:
   Client Server: Microsoft Outlook, Mozilla Thunderbird.
   Web Server: Gmail, Yahoo (over HTTPS and HTTP, ports 443/80).
❖ Mail Transfer Agent (MTA): A mail server that accepts mail from the sender and routes it to the destination. E.g. Sendmail, Exim, Postfix.
❖ Mail Delivery Agent (MDA): Responsible for receiving an email message from the MTA and storing it in the mailbox of the recipient. E.g. Dovecot.
❖ SMTP (Simple Mail Transfer Protocol): SMTP allows the user to send emails to a valid email address. Whenever a user sends an email, the server end hosts an SMTP server, which interacts with the receiver's host SMTP server through port number 25.
❖ POP3 (Post Office Protocol): It receives mail from the sender's mail server. It handles the incoming mail from the sender on port number 110.
❖ IMAP (Internet Message Access Protocol): An Internet protocol designed for accessing email on a mail server. It is listed on port number 993.

SMTP Terminology:
1. Connection Establishment.
2. Message Transfer.
3. Connection Termination.
❖ SMTP Commands:
   HELO and EHLO - The HELO command initiates a new protocol session between client and server. The EHLO command requests the server to respond with the optional SMTP extensions it supports.
   MAIL FROM - The command to initiate sending an email message or to identify the sender.
   RCPT - Identifies the intended recipient.
   DATA - The DATA command indicates the transmission of the email message.
   "." - A termination character that signifies the end of the mail.
   RSET - The command is used to re-establish the connection if an error is encountered.
   QUIT - Terminates the protocol session.

ATTACKS

Unauthorized access to your emails and data leakage
Cybercriminals might try to get access to your SMTP server that all the outgoing mail goes through. This is done by breaking your authentication procedures with more or less sophisticated methods. Once in, unwanted visitors can access your emails and use them to their advantage, for example by leaking your users' data or stealing confidential information you were sending to coworkers.

Spam and Phishing
When fraudsters are able to access your SMTP server, they're also likely to use it to send unauthorized messages to both your contacts and external accounts (this is known as using your server as an Open Relay). This is done to send spam which, when sent from your legitimate and (likely) well-known domain, might be quite successful. Or, even worse, your server can be used to send malicious emails, for example requesting that your users share their login credentials or credit card numbers.

Malware
Attackers commonly use the vulnerabilities of SMTP to spread malicious software to the recipients of your email, but also within your own infrastructure. These can be viruses, Trojan horses or any type of worm, which are then used to obstruct operations, gain access to servers, change privileges and access secure data.
If not fought with sufficient force, malware might continue spreading, infecting more and more servers and users.

DoS attacks
If all of the above didn't seem serious, cybercriminals can also use your SMTP server to perform Denial-of-Service (DoS) attacks. This basically means flooding other servers with a huge amount of emails to affect their performance or even cause a crash. DoS can also be used to flood an inbox to hide any warning messages about security breaches to a server. Whatever a DoS attack's purpose, it's never good.

Web servers are where websites are stored. They are computers that run an operating system and are connected to a database to run multiple applications. A web server's primary responsibility is to show website content by storing, processing, and distributing web pages to users.

Web Server Attack: Any attempt by a malicious actor to undermine the security of a web-based application is referred to as a Web Application Attack or Web Server Attack. Web application attacks can either target the application itself in order to get access to sensitive data, or they can use the application as a staging area for attacks against the program's users.

Some of the major web attacks:
❖ Denial-of-Service (DoS) / Distributed Denial-of-Service (DDoS)
❖ Web Defacement Attack
❖ SSH Brute Force Attack
❖ Cross-site scripting (XSS)
❖ Directory Traversal
❖ DNS Server Hijacking
❖ MITM Attack
❖ HTTP Response Splitting Attack

DENIAL-OF-SERVICE (DOS) / DISTRIBUTED DENIAL-OF-SERVICE (DDOS): Denial of Service is when an internet hacker causes the web server to respond to a large number of requests. This causes the server to slow down or crash, and users authorized to use the server will be denied service or access.
Government services, credit card companies and large corporations are common victims of this type of attack.

WEB DEFACEMENT ATTACK: In a Web Defacement Attack, the hacker gains access to the site and defaces it for a variety of reasons, including humiliation and discrediting the victim. The attackers hack into a web server and replace a hosted website with one of their own.

DIRECTORY TRAVERSAL: A Directory Traversal Attack is usually effective on older servers with vulnerabilities and misconfiguration. The root directory is where web pages are stored; in this attack, however, the hacker is after directories outside of the root directory.

SSH BRUTE FORCE ATTACK: An SSH Brute Force Attack is performed to attain access by brute-forcing SSH login credentials. This exploit can be used to send malicious files without being noticed. Unlike a lot of other tactics used by hackers, brute force attacks aren't reliant on existing vulnerabilities.

CROSS SITE SCRIPTING (XSS): This type of attack is more likely to target websites with scripting flaws. The injection of malicious code into web applications is known as Cross-Site Scripting. The script will give the hacker access to web app data such as sessions, cookies, and so on.

MEASURES

Keep your system up to date: Not updating the software regularly makes it weaker and leaves the system more vulnerable to attacks. Hackers and cybercriminals take advantage of these flaws to get access to your network.

Prevent connecting to the public WiFi network: An unsecured Wi-Fi connection can be used by hackers to spread malware. If you allow file-sharing across a network, a hacker can simply infect your computer with tainted software.
The ability of a hacker to put himself between you and the connection point poses the greatest threat to free Wi-Fi security.

Install Anti-virus, and update it regularly: Antivirus software is designed to identify, block, and respond to dangerous software, such as viruses, on your computer. Because computers are continuously threatened by new viruses, it is critical to keep antivirus software up to date. Anti-virus updates include the most recent files required to combat new threats and safeguard your machine. These signature files are provided on a daily basis, if not more frequently.

Backup your data: The fundamental purpose of a data backup is to keep a safe archive of your vital information, whether it's classified documents for your business or priceless family photos, so that you can quickly and effortlessly recover your device in the event of data loss. Backup copies allow data to be restored from a previous point in time, which can aid in the recovery of a business after an unanticipated occurrence. Protecting against primary data loss or corruption requires storing a copy of the data on a secondary medium.

Install a Firewall: Firewalls defend your computer or network from outside cyber attackers by filtering out dangerous or superfluous network traffic. Firewalls can also prevent harmful malware from gaining internet access to a machine or network.

How To Protect Yourself from Email Attacks?
1. Be cautious when opening emails from unknown sources.
2. Look for signs of phishing, such as spelling errors, suspicious links or attachments, and requests for personal information.
3. Use strong passwords and two-factor authentication to protect your email account.
4. Keep your computer and software up-to-date with the latest security patches.
5. Use antivirus and anti-malware software to detect and prevent email attacks.

SECURITY
There are many Email Security Gateway solutions available.
Some are targeted towards enterprise users looking for granular admin controls and advanced functionality. Some are better suited for smaller businesses looking for an easy-to-use platform with a good price point. Email Firm Provides Best Email Security Services for On-Premises or Hosted Email.

SPAM

❖ Turning to the history of viruses, SQL SLAMMER affected 75000 users in just 10 minutes. These viruses are disguised in a form like a Word document or an .exe file attachment. When the user tries to open it, he unknowingly grants access to the hackers.
❖ SIRCAM not only affected systems but also revealed personal files, which were confidential. Then comes the most popular virus, CODE RED, which affected all the web pages. This virus got inserted and executed into memory. It was said to be the most sophisticated virus.

The history of spam emails can be tracked to 1978, when the first commercial ad was sent to 400 users of ARPANET. At the time, the total number of users on the network was 2,600, meaning that this email reached 15% of the global online population. The email was sent by Digital Equipment Corp. marketer Gary Thuerk, who saw this as an opportunity to promote his company's computer products. All ARPANET users at the time were listed in a physical directory, and Thuerk's team used that as a source list. Although there were some responses, the impression was mainly negative.

Spam is most frequently associated with email but can also be sent via social media and text messages. By definition, it is any type of digital communication that is unwanted or unsolicited, regardless of the channel through which it is sent. Spam emails and messages are often sent in bulk, usually with the purpose of promoting goods or services of dubious origin and quality. Besides these relatively harmless but highly annoying ads, there are different types of scam emails looking to trick you into revealing your personal data to hackers.
Due to their increasingly sophisticated nature, scam emails may not always be easy to identify, and this is why they are serious threats in the online world.

PROXY: A proxy is essentially made up of a server that acts as an intermediary or a "gateway" between you and the internet connection. So when you are connected to a proxy server, you are essentially operating a three-way connection that is made up of your computer, the proxy server, and the destination you are navigating to.

Let's say there is a website that has limited your access to its domain. How exactly would a proxy help you? When you are connected to a proxy server and try to reach a website, your data packets are initially sent to the proxy server instead of the destination. This server will then act on your behalf and send the data over. When the response comes back from the blocked domain, it also returns to the proxy server, which will then replicate it for you. The main difference from a VPN here is that a VPN allows you to fully assume their server and use it as if it's your own, whereas proxies are more like middlemen.

Proxy chaining is a more elaborate process that involves using a proxy server to proxy into another server, and doing this multiple times in order to create enough masking, packet processing and request layers to ensure your anonymity. A proxy chain has two primary use cases: first, to make the user anonymous, and second, to let them bypass restrictions that can detect and block regular proxies.

Remember when I said that when you use a proxy, it's like a three-way internet connection with the proxy as the middleman? Well, a chained proxy is the exact same thing, with the notable difference that we now have a number of servers in between as opposed to a single one. As the number of these intermediary servers increases, it becomes increasingly complex for firewalls to detect your proxy and block it.
PHISHING

Phishing is one type of cyber attack. Phishing got its name from "phish", meaning fish. It's a common practice to put out bait for the fish to get trapped, and phishing works similarly. It is an unethical way to dupe the user or victim into clicking on harmful sites. The attacker crafts the harmful site in such a way that the victim feels it to be an authentic site, thus falling prey to it. The most common mode of phishing is sending spam emails that appear to be authentic, and thus taking away all credentials from the victim.

The main motive of the attacker behind phishing is to gain confidential information like:
❖ Password
❖ Credit card details
❖ Social security numbers
❖ Date of birth

How Does Phishing Occur?
❖ Clicking on an unknown file or attachment
❖ Using an open or free wifi hotspot
❖ Responding to social media requests
❖ Clicking on unauthenticated links or ads

Email Phishing: The most common type, where users are tricked into clicking unverified spam emails and leaking secret data. Hackers impersonate a legitimate identity and send emails to mass victims. Generally, the goal of the attacker is to get personal details like bank details, credit card numbers, user IDs and passwords of any online shopping website, to install malware, etc. After getting the personal information, they use it to steal money from the user's account or harm the target system, etc.

Roles of email and common types of attacks:
❖ Suspicious email addresses: Phishing emails often use fake email addresses that appear to be from a trusted source, but are actually controlled by the attacker. Check the email address carefully and look for slight variations or misspellings that may indicate a fake address.
❖ Urgent requests for personal information: Phishing attacks often try to create a sense of urgency in order to trick victims into providing personal information quickly.
Be cautious of emails or messages that ask for personal information, and make sure to verify the authenticity of the request before providing any information.
❖ Poor grammar and spelling: Phishing attacks are often created quickly and carelessly, and may contain poor grammar and spelling errors. These mistakes can indicate that the email or message is not legitimate.
❖ Requests for sensitive information: Phishing attacks often try to steal sensitive information, such as login credentials and financial information. Be cautious of emails or messages that ask for sensitive information, and verify the authenticity of the request.
❖ Unusual links or attachments: Phishing attacks often use links or attachments to deliver malware or redirect victims to fake websites. Be cautious of links or attachments in emails or messages, especially from unknown or untrusted sources.
❖ Strange URLs: Phishing attacks often use fake websites that look similar to the real ones, but have slightly different URLs. Look for strange URLs or slight variations in the URL that may indicate a fake website.

Anti-phishing Solutions
Anti-phishing solutions are software that can help users identify phishing content that may be present in websites or emails, and block it with a warning to the user. They can scan users' emails to identify whether they have been spoofed or not.

Best Anti-phishing Solutions:
❖ Avanan Cloud Email Security
❖ Mimecast Email Security
❖ Proofpoint Email Security
❖ SpamTitan Email Security

STEGANOGRAPHY
Steganography is the technique of hiding secret data within an ordinary, non-secret file or message in order to avoid detection; the secret data is then extracted at its destination. The use of steganography can be combined with encryption as an extra step for hiding or protecting data. The word steganography is derived from the Greek words steganos (meaning hidden or covered) and the Greek root graph (meaning to write).
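The "suspicious email addresses" and "strange URLs" warning signs from the phishing list above can be checked mechanically. The following is an added example, not part of the original slides and not how any of the products named above works: the trusted-domain list, the substitution table, the one-edit threshold and all function names are assumptions of this example, and the sample values in the test are constructed.

```python
import re
from urllib.parse import urlsplit

# Assumption: domains the organisation really uses (constructed allow-list).
TRUSTED = {"example.com", "example-bank.com"}
# Digits commonly swapped in for look-alike letters.
HOMOGLYPHS = str.maketrans({"0": "o", "1": "l", "3": "e", "5": "s"})
# Link text that is itself written as a URL or host name.
URLISH = re.compile(r"^(?:https?://)?([a-z0-9.-]+\.[a-z]{2,})(?:[/:?#]\S*)?$", re.I)


def skeleton(host):
    """Collapse common visual substitutions so look-alikes compare equal."""
    return host.lower().translate(HOMOGLYPHS).replace("rn", "m").replace("vv", "w")


def edit_distance(a, b):
    """Levenshtein distance: insertions, deletions and substitutions."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def classify_host(host):
    """Return ('trusted'|'lookalike'|'unknown', matched trusted domain or None)."""
    host = host.lower().rstrip(".")
    for t in TRUSTED:
        if host == t or host.endswith("." + t):
            return ("trusted", t)
    for t in sorted(TRUSTED):
        # Trusted name used as the left-hand part of some other domain.
        if t + "." in host:
            return ("lookalike", t)
        # Same after undoing substitutions, or one edit away (slight misspelling).
        if edit_distance(skeleton(host), skeleton(t)) <= 1:
            return ("lookalike", t)
    return ("unknown", None)


def review(sender, links):
    """Findings for one message: sender address plus (link text, href) pairs."""
    findings = []
    verdict, near = classify_host(sender.rsplit("@", 1)[-1])
    if verdict == "lookalike":
        findings.append(f"sender domain imitates {near}")
    for text, href in links:
        target = (urlsplit(href).hostname or "").lower()
        verdict, near = classify_host(target)
        if verdict == "lookalike":
            findings.append(f"link host {target} imitates {near}")
        shown = URLISH.match(text.strip())
        if shown and shown.group(1).lower() != target:
            findings.append(
                f"link text shows {shown.group(1).lower()} but goes to {target}")
    return findings
```

A one-edit threshold will also flag unrelated short domains, so findings are leads for a human reviewer rather than verdicts.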
SOCIAL MEDIA & SURVEILLANCE ADVERTISING

Social media companies, and in particular Facebook, collect vast quantities of personal data in order to "micro target" advertisements to users. This practice, also known as surveillance advertising or behavioral advertising, is deeply harmful to privacy, the flow of information, and the psychological health of social media users.

Social networking sites vary in the levels of privacy offered. For some social networking sites like Facebook, providing real names and other personal information is encouraged by the site (onto a page known as a 'Profile'). This information usually consists of the birth date, current address, and telephone number(s). Some sites also allow users to provide more information about themselves, such as interests, hobbies, favorite books or films, and even relationship status. However, there are other social network sites, such as Match.com, where most people prefer to be anonymous. Thus, linking users to their real identity can sometimes be rather difficult.

An overview of social media analytics
Practitioners and analysts alike know social media by its many websites and channels: Facebook, YouTube, Instagram, Twitter, LinkedIn, Reddit and many others. Social media analytics is the ability to gather and find meaning in data gathered from social channels to support business decisions, and to measure the performance of actions based on those decisions through social media. Social media analytics is broader than metrics such as likes, follows, retweets, previews, clicks, and impressions gathered from individual channels. Social media analytics uses specifically designed software platforms that work similarly to web search tools. Data about keywords or topics is retrieved through search queries or web 'crawlers' that span channels. Fragments of text are returned, loaded into a database, categorized and analyzed to derive meaningful insights.

Cyberbullying is bullying with the use of digital technologies.
It can take place on social media, messaging platforms, gaming platforms and mobile phones. It is repeated behaviour, aimed at scaring, angering or shaming those who are targeted. Examples include:
❖ spreading lies about or posting embarrassing photos or videos of someone on social media
❖ sending hurtful, abusive or threatening messages, images or videos via messaging platforms
❖ impersonating someone and sending mean messages to others on their behalf or through fake accounts.

Online harassment is also known as cyber aggression, cyberbullying, cyber-harassment, cyberhate, cyber victimization and deviant online behaviour. It takes place in contexts such as social media (Facebook, Instagram, Snapchat, TikTok, and Twitter), SMS, instant messaging (via devices, email provider services, apps, and social media messaging features) and email. Online harassment can be defined as the use of information and communication technologies by an individual or group to repeatedly cause harm to another person. This may involve threats, embarrassment, or humiliation in an online setting. This includes expressions of discriminatory attitudes and beliefs, such as sexism, racism, It also includes online sexual harassment, cyberstalking, and image-based sexual abuse or other unwanted online conduct of a sexual nature.

In cyber stalking, a cyber criminal uses the internet to consistently threaten somebody. This crime is often perpetrated through email, social media, and other online media. Cyber stalking can also occur in conjunction with the older type of stalking, where the perpetrator harasses the victim offline. There's no unified legal approach to cyber stalking; however, several governments have moved toward making these practices punishable by law.
Social media, blogs, image sharing sites and many other commonly used online sharing activities offer cyber stalkers a wealth of data that helps them arrange their harassment.

How to Manage Your Privacy Settings on Social Media
1. Review Your Current Privacy Settings
2. Check Who Can See Your Posts
3. Check What Others See on Your Profile
4. Update Your Friend List
5. Restrict Access From Third-Party Apps
6. Scrutinize Your Location-Sharing Settings
7. Consider What's in Your Profile and What You Share
8. Add a Calendar Reminder to Review Your Settings Again
9. Read Each Site's Privacy Policy
10. Password
11. Two Factor Authentication

Different Types of Wireless Devices
Wireless technology describes electronic devices that communicate without cords using radio frequency signals. Wireless technology is used in a variety of modern devices to provide convenience and greater mobility, and wireless devices play an important role in voice and Internet communications.

Wireless Router
A wireless router is a device that accepts an incoming Internet connection and sends data as RF signals to other wireless devices that are near the router. Wireless routers are used to connect wireless-enabled computers and other devices to the Internet. A network set up with a wireless router is sometimes called a wireless local area network (WLAN). Many routers have built-in security features such as firewalls, which help protect devices connected to the router against malicious data, such as computer viruses.

Wireless Adapters
Wireless adapters are hardware devices installed inside computers that enable wireless connectivity. If a computer does not have a wireless adapter, it will not be able to connect to a router in order to access the Internet. Some computers have wireless adapters built directly into the motherboard, while it is also possible to install stand-alone wireless adapters to add wireless capability to a computer that did not come with an adapter built in.
Wireless Repeater
A wireless repeater is a wireless networking device that is used to extend the range of a

Wireless Phones
Cellular and cordless phones are two more examples of devices that make use of wireless signals. Cordless phones have a limited range, but cell phones typically have a much larger range than local wireless networks, since cell phone providers use large telecommunication towers to provide cell phone coverage. Satellite phones make use of signals from satellites to communicate, similar to Global Positioning System (GPS) devices.

Other Devices
Anything that uses radio signals to communicate can be considered a wireless device. Common devices, such as garage door openers, baby monitors, certain video game consoles and walkie-talkies, make use of wireless technology.

Credit Card Frauds
This era belongs to technology: technology has become a basic part of our lives, whether in business or at home, which requires connectivity with the internet, and it is a big challenge to secure these units from becoming victims of cyber-crime. Wireless credit card processing is a tremendously new service that enables an individual to process credit cards electronically, virtually anywhere. It permits corporations to process transactions from mobile locations quickly, efficiently, and professionally, and it is most regularly used by organizations that function mainly in a mobile environment. Nowadays there are some restaurants that use wifi processing tools for the safety of their credit-card-paying customers. Credit card fraud can take place when cards are misplaced or stolen, when mail is diverted by criminals, or when employees of a commercial enterprise steal consumer information.

Techniques of Credit Card Frauds:

1. Traditional Techniques:
   Paper-based Fraud – Paper-based fraud is where a criminal makes use of stolen or fake documents, such as utility bills and bank statements, that can build up useful Personally Identifiable Information (PII) to open an account in somebody else's name.
   Application Fraud –
   1. ID Theft: Where a person pretends to be somebody else.
   2. Financial Fraud: Where a person gives false data about his or her financial status to obtain credit.

2. Modern Techniques:
   Skimming to commit fraud is a kind of crime in which dishonest employees make unlawful copies of credit or debit cards with the help of a 'skimmer'. A skimmer is a gadget that captures credit card numbers and other account information which should be private. The data held on either the magnetic stripe on the back of the card or on the smart chip is copied from one card to another.

Challenge In Mobile Device
1. Application based threat: Malware, Spyware, Privacy, Zero Day Vulnerabilities
2. Web based threat: Phishing Scams, Social Engineering, Drive By Downloads, Operating System Flaws
3. Network-based threat: Network exploits
4. Physical Threats: Loss/Theft: Loss or theft is the most unwanted physical threat to the security of your mobile device. The device itself has value and can be sold on the secondary market after all your information is stolen and sold.

❖ Registry Setting for mobile device authentication service security. If you are an avid Windows OS user, you might be aware of the term Registry. The Registry or Windows Registry is the database that stores the low-level settings of the operating system and of the applications that support registries. It contains all the information about the software and hardware installed on the system. Users can access and configure the Registry settings by launching the Registry Editor tool of Windows OS.
❖ The registries can be considered as the DNA of Windows devices.
❖ Mobile phone camera and microphone hacking.
Update Your Software and Firmware: Updating software and firmware is critical to staying on top of your digital security. Sometimes manufacturers will roll out updates automatically to help keep consumers safe when serious flaws are identified. In other cases, you may need to take additional steps to ensure you're protected. "Don't wait until you hear about a problem to look for updates, and install security updates immediately," Feng says. Turn on automatic updates or check for updates frequently.
❖ On-screen keyboards and keyloggers.
The term Keylogger is a combination of "Key" and "Log". It is a type of monitoring software or monitoring hardware which is designed to record keystrokes or keyboard input made by a user. A keylogger records the user's keystroke input and sends it to a third party or cyber criminals.

Cryptographic Security for Mobile Devices

LDAP Security for Hand-Held Mobile Computing Devices
LDAP is a software protocol for enabling anyone to locate individuals, organizations and other resources, such as files and devices, on the network. In a network, a directory tells you where an entity is located in the network. LDAP is a light weight (smaller amount of code) version of Directory Access Protocol (DAP) because it does not include security features in its initial version. Centralized directories such as LDAP make revoking permissions quick and easy.

Media Player Control Security
Given the lifestyle of today's young generation, it is quite common to expect them to embrace mobile hand-held devices as a means for information access, remote working and entertainment. Music and video are two important aspects of day-to-day life for the young generation. Given this, it is easy to appreciate how this can be a source of cybersecurity breaches.
Various leading software development organizations have been warning users about potential security attacks on their mobile devices through the "music gateways." There are many examples to show how a media player can turn out to be a source of threat to information held on mobile devices. For example, in the year 2002, Microsoft Corporation warned about this. According to this news item, Microsoft had warned people that a series of flaws in its Windows Media Player could allow a malicious hacker to hijack people's computer systems and perform a variety of actions. According to this warning from Microsoft, in the most severe exploit of a flaw, a hacker could take over a computer system and perform any task the computer's owner is allowed to do, such as opening files or accessing certain parts of a network. As another example, consider the following news item of the year 2004: corrupt files posing as normal music and video files could allow an attacker to gain control of the downloader's computer. With this happening, there are three vulnerabilities: (a) files could be created that will open a website on the user's browser (e.g., the user could be accessing from his/her hand-held device) from where remote JavaScript can be operated;

Attacks On Mobile
❖ Mobile Theft
❖ Mobile Viruses
❖ Bluetooth Attack

Mobile Device
❖ Security implementation for Organization
❖ Managing Diversity and Proliferation of Hand-Held Device
❖ Lost and Stolen Device
❖ Protecting Data and Lost Devices
❖ Importance of Security Policies related to Mobile Computing Device
❖ Operating Guidelines for Implementation Mobile Device Security Policies
❖ Operating Policies for the Use of Mobile Hand-Held Device

Laptops:
❖ Physical Security Countermeasures

Android is the best-selling open-source Linux-based operating system among various mobile platforms across the globe. Hundreds of millions of mobile devices are powered by Android in more than 190 countries of the world.
It conquered around 75% of the global market share by the end of 2020, and this trend is growing bigger every other day.

iOS is a mobile operating system that was developed by Apple Inc. for iPhones, iPads, and other Apple mobile devices. iOS is the second most popular and most used mobile operating system after Android. The structure of the iOS operating system is layer-based. Its communication doesn't occur directly: the layers between the Application layer and the Hardware layer help with communication. The lower-level layers give basic services on which all applications rely, and the higher-level layers provide graphics and interface-related services. Most of the system interfaces come with a special package called a framework. A framework is a directory that holds dynamic shared libraries like .a files, header files, images, and helper apps that support the library. Each layer has a set of frameworks that are helpful for developers.

Blackberry is a communication device that was developed in the year 1999 by the Research in Motion (RIM) company. Blackberry technology contains games, contacts, clock, reminders and various applications such as PowerPoint, and features for receiving and sending calls and messages. It allows sending and receiving mail and surfing the internet. Blackberry is integrated into the email system of an enterprise with the help of a software package called BES, or Blackberry Enterprise Server.

[Figures: Android Architecture; iOS Architecture; Blackberry Architecture]

JAILBREAKING
Rooting, cracking, or jailbreaking a mobile device is, in practice, essentially the same thing. Rooting is the term used for modifying Androids, while jailbreaking is the term used for iPhones. Jailbreaking or rooting means removing software restrictions that are intentionally put in place by the device manufacturer. This process basically opens the door of a locked-down electronic device to install software other than what the manufacturer has made available for that device.
Additionally, when you jailbreak or root your phone or tablet, it allows you to gain full access to the root of the operating system and access all the features.

ADB & Fastboot Drivers: If you want to flash or install any file on an Android phone using a PC, then you definitely need both drivers. These drivers help to connect the phone with the PC. If you haven't installed the drivers, the computer will not detect the phone. ADB & Fastboot drivers are used in the case of:
❖ Unlocking Bootloader
❖ Installing TWRP Recovery
❖ Rooting an Android phone
❖ Flashing any zip file
❖ Installing custom ROMs
❖ Fixing Bootloop issues
❖ Flashing Fastboot ROM

ADB & Fastboot Commands
So if you are looking forward to modifying your Android phone, you should install ADB & Fastboot drivers first. You can install these drivers on Windows 7, Windows 8, Windows 10, and Windows 11 very easily.

Where is app data stored on Android phone?
Many users tend to ask this question: Android stores app data differently than desktop operating systems. You can find the app data in /data/data/ in the internal storage of your Android device. It is also known as shared storage, where you can access all the apps downloaded from APK files or Playstore. App developers tend to assign the package names. Hence, if you're searching for a file named magicstar, you can access it under /data/data/.
