OS X Anti-Forensics Techniques 2 - Assaulting OS XContinuing the review of Mac OS X in the context of anti-forensics methodology, the Grugq delves here into file system attacks, in particular focusing on exploitable aspects of HFS+. The researcher provides an analysis of this file system’s components and makes an insight into the essence of B*tree nodes and data forks, singling out the ways to use those while conducting HFS+ attacks.
Source:
OS X Anti-Forensics Techniques 2 - Assaulting OS X
