A couple of years ago, the tech world was abuzz about the cloud. Cloud computing refers to computing where the processing or storage takes place on a networked series of computers rather than on the device that you're using. Whether you're using a PC, laptop, tablet, smartphone, television, or video game console, everything now connected to Cloud Storage and always in sync.
But there is a limitation, that smartphones can essentially remember deleted information, which poses a huge risk to organizations that issue smartphones to employees and to organizations that don't explicitly disable the use of personal devices for work-related computing.
Researchers at the University of Glasgow found that cloud storage apps that say they send files to the cloud also leave retrievable versions of files on the devices. They tested some cloud-based file storage systems tested included Box, Dropbox and SugarSync on HTC Desire, running Android 2.1, and an iPhone 3S running iOS 3. They found that Smartphone devices which access cloud storage services can potentially contain a proxy view of the data stored in a cloud storage service.
If the cloud storage application has been used to view the files in the cloud and later user has not attempted to clear the cache of recently viewed files, it can potentially provide a partial view of the data without access to the data provider.
As a Forensic Expert, The recovery of cache data from these devices can in some scenarios provide access to further data stored in a cloud storage account.
The results from the experiment have shown that it is possible to recover files from the Dropbox, Box and SugarSync services using smartphone devices. On the HTC Desire, both deleted and available files were recovered. The forensic toolkits recovered nine files from Dropbox, fifteen from Box and eleven from SugarSync. On the iPhone, depending on application and device manipulation either five or seven files were recovered from Dropbox, seven or fifteen from SugarSync and five from Box.
Also meta-data was recovered from all the applications on both devices. This meta-data included transitional logs containing user activity, meta-data related to the files in the storage service and information about the user of the application.
The paper also suggests more research is needed, because the whole point of cloud storage is access from multiple devices and security of those devices is therefore very important.
