Joe T. Sylve, Ph.D. – Digital Forensic Researcher and Educator

In yesterday’s post, we discussed Checkpoint Maps, the simple linear-time data structures that APFS uses to manage persistent, ephemeral objects....

APFS Internals · Part 6

Dec 8, 2022

In our last post, we discussed NX Superblock Objects and how they can be used to locate the Checkpoint Descriptor...

APFS Internals · Part 5

Dec 7, 2022

The NX Superblock Object is a key component of APFS. It stores key information about the Container, such as the...

APFS Internals · Part 4

Dec 6, 2022

APFS is a pooled storage, transactional, copy-on-write file system. Its design relies on a core management layer known as the...

APFS Internals · Part 3

Dec 5, 2022

As we discussed in our last post, objects are the fundamental building blocks of APFS. While there are many different...

APFS Internals · Part 2

Dec 2, 2022

APFS is a copy-on-write file system, consisting of a set of immutable objects that are the fundamental building blocks of...

APFS Internals · Part 1

Dec 1, 2022

As an exercise in self-discipline, I’ve decided to get an early start on my 2023 New Year’s resolution of writing...

Joe T. Sylve, Ph.D. – Blog