Thesis Friday #1: AUL – FaceID authentication

The Apple Unified Log play a crucial role in our digital forensic investigations. It is crucial in uncovering system activities and user interactions. Apple Unified Log provide a detailed, timestamped record of system events across various processes and subsystems. However, interpreting the AUL requires an understanding of their structure.

It is Friday for me, I will start calling it thesis Friday. So I am doing my research on the AUL and I decided to pick out a artifact and explain it.

So lets dive in!

Apple Unified Log FaceID artifact:

2025-03-09 14:50:43.337360+0100 localhost kernel[0]: (AppleH13CameraInterface) PearlCamFrameReceived - isFaceDetected=1, isBracketedCaptureFrame=1, isUserEngaged=1, hasAttention=1, hasGlasses=1, hasOcclusion=0, hasEyeOcclusion=0, fIDfsmFDStatus=2, sensorTemp=30, isFIDValidFrame=1, isERDataValid=0, isMDDataValid=0, isAttnDataValid=1

Now we will break it down:

  • Timestamp: 2025-03-09 14:50:43.337369+0100 (Timestamp = timestamp UTC+1)
  • Process / Subsystem: kernel / AppleH13CameraInterface – This log entry originates from the AppleH13CameraInterface, the kernel-level interface managing the TrueDepth camera system (used by Face ID)
  • EventMessage:
PearlCamFrameReceived - isFaceDetected=1, isBracketedCaptureFrame=1, isUserEngaged=1, hasAttention=1, hasGlasses=1, hasOcclusion=0, hasEyeOcclusion=0, fIDfsmFDStatus=2, sensorTemp=30, isFIDValidFrame=1, isERDataValid=0, isMDDataValid=0, isAttnDataValid=1

The event message PearlCamFrameReceived indicates that a frame was captured by the camera, and it includes a set of Boolean and integer flags describing the frame’s metadata:

  • isFaceDetected=1: A face was successfully detected.
  • isBracketedCaptureFrame=1: The frame is part of a bracketed capture (used for depth sensing and HDR).
  • isUserEngaged=1: The user is actively engaging with the device.
  • hasAttention=1: Eye gaze detection confirms the user is looking at the screen.
  • hasGlasses=1: Glasses were detected on the user.
  • hasOcclusion=0, hasEyeOcclusion=0: No facial or eye occlusions detected.
  • sensorTemp=30: Sensor temperature was 30°C at the time of capture.

Forensic interpretation:

At this timestamp, the user’s face was detected by Face ID, the user was looking at the device, and no facial obstructions were present. This confirms active user engagement with the screen, potentially unlocking the device or interacting with secure apps.

By popular demand I will make more user interaction artifacts explanations and I hope this will trigger investigators to join our research on the AUL.

#Apple Unified Log #Apple #Digital Forensics

Licensed under CC BY-SA 4.0.

Feel free to share or adapt the work — with attribution and under the same license.

31 Comments

  1. phpgames: Top Slot Online in the Philippines. Login, Register & Get the phpgames App Download and Official Casino Link Today. Join phpgames, the top slot online in the Philippines! Access the official phpgames casino link for easy phpgames login and phpgames register. Get the phpgames app download today for seamless gaming and exclusive rewards. visit: phpgames

  2. [5239]Oklaro Philippines: The Ultimate Online Slot Destination. Register & Login now, Download the App, or access our official Link Alternatif for the best gaming experience! Experience Oklaro Philippines, the ultimate online slot destination! Secure your Oklaro login & Oklaro register today for top Oklaro slot games. Oklaro download the mobile app or use our official link alternatif for 24/7 gaming action. visit: oklaro

  3. [2484]56jilicasino: The Top Philippines Online Casino – Register & Login for Premium Slot Games and Fast App Download Experience 56jilicasino, the top Philippines online casino. 56jilicasino register now for premium slot games. 56jilicasino login or use the app download for fast wins! visit: 56jilicasino

  4. [6557]Jili168 Login & Register: Play Best Slot Games, Sign Up, and Easy App Download in the Philippines. Experience the best jili168 slot games in the Philippines! Secure your jili168 login, complete your jili168 register, and start your jili168 sign up today for exclusive rewards. Enjoy seamless gaming with a fast jili168 app download. Join now and win big! visit: jili168

  5. [5329]Casinomaxx Official Site: Easy Login, Register & App Download. Play the Best Online Slots in the Philippines Today! Join the Casinomaxx official site for the best online slots in the Philippines! Enjoy a quick Casinomaxx login and register today. Secure your Casinomaxx app download to start playing and winning anytime, anywhere. visit: casinomaxx

  6. [5444]Winforlife Online Casino Philippines: Register & Login for Premium Slots and Easy App Download. Experience Winforlife Online Casino, the Philippines’ top destination for premium winforlife slots. Winforlife register today, secure your winforlife login, and get the winforlife app download for elite mobile gaming! visit: winforlife

  7. [1439]Laro789: Best Online Casino in the Philippines. Quick Laro789 Register, Login & Play Laro789 Slot games. Download the app today for the ultimate Laro789 Casino experience! Experience Laro789, the best online casino in the Philippines. Quick Laro789 register & login to play Laro789 slot games. Laro789 download the app for the ultimate casino thrill! visit: laro789

  8. [1475]Maxwinph: Best Casino Online in the Philippines. Login, Register, or Download the App to Play Exciting Slot Games Today. Join Maxwinph, the best casino online in the Philippines. Maxwinph register or login now to play exciting slot games. Get the maxwinph app download and win today! visit: maxwinph

  9. [5693]SSBET77: The #1 Online Casino in Philippines – Fast Login, Register, and App Download for Top Slot Games Experience the #1 online casino in Philippines at SSBET77. Quick ssbet77 login and register process. Get the ssbet77 app download for top ssbet77 slot games and big wins. Join today! visit: ssbet77

  10. [9388]Kinggamebio: Top Philippines Slot Online & Casino Games. Experience easy Kinggamebio login, register today, and enjoy our official app download for the best gaming experience. Experience the premier Philippines slot online and casino games at Kinggamebio. Enjoy easy Kinggamebio login, fast register, and our official app download for the ultimate gaming experience. Join today! visit: kinggamebio

  11. [2692]qdf Casino Philippines: Best Online Slots, Easy Login, Register & App Download Experience top-tier gaming at qdf Casino Philippines! Discover the best qdf slot games with a seamless qdf login and quick qdf register process. Secure your qdf download today to enjoy premium online casino action and big wins anytime, anywhere. Join the #1 qdf casino platform in the Philippines now! visit: qdf

  12. [6353]Winph111 Login & Register: The Best Legit Philippines Casino. Experience Top Winph111 Slot Games and Fast Winph111 App Download Today! Winph111 is the top legit Philippines casino! Secure your Winph111 login & register to enjoy premium Winph111 slot games. Fast Winph111 app download available now. visit: winph111

  13. [1766]jljl7 Casino Philippines: Login, Register & App Download for Top Online Slots Experience the best online gaming at jljl7 Casino Philippines! Secure your jljl7 login, complete your jljl7 register, and get the jljl7 app download to enjoy top-rated jljl7 slot games. Join the leading jljl7 casino today for exclusive rewards and big wins! visit: jljl7

  14. [1752]bl777: Top Philippines Online Casino. Login, Register, & Play Slot Games. Download the App Now via Official bl777 Casino Link. Experience bl777, the top Philippines online casino. Use the official bl777 casino link for bl777 login & register. Play bl777 slot games & download the app now! visit: bl777

  15. [5632]JJ77 Casino Philippines: Official JJ77 Login, Register, and App Download for Top JJ77 Slot Games. Welcome to JJ77 Casino Philippines! Access the official JJ77 login, quick JJ77 register, and JJ77 download for top JJ77 slot games. Play at JJ77 casino and win big today! visit: jj77

  16. [9151]Pesomax Online Casino Philippines: Top Slot Games, Easy Register, Login & App Download. Experience Pesomax Online Casino Philippines! Enjoy top-rated Pesomax slot games with a quick Pesomax register and login process. Secure your Pesomax app download today for the best mobile gaming experience. Join the #1 online casino in the Philippines and start winning now! visit: pesomax

  18. [5306]99jl Online Casino Philippines: Top Slots, Easy Login, Register & App Download Experience 99jl Online Casino, the Philippines’ premier hub for 99jl slots. Easy 99jl login & 99jl register. Get the 99jl app download and start winning today! visit: 99jl

  19. [264]Betpk Online Casino Philippines: Secure Betpk Login, Register, and App Download for the Best Online Slots and Casino Games. Join Betpk Online Casino Philippines for secure betpk login, easy betpk register, and betpk app download. Play the best betpk slots & casino games. Sign up now! visit: betpk

  20. [1812]Casinoplusph Official Website: Easy Login & Register for the Best Online Slots in the Philippines. App Download available for 24/7 gaming! Experience the best online slots at the Casinoplusph official website. Quick Casinoplusph login & register for top PH gaming. Get the Casinoplusph app download now! visit: casinoplusph

  21. [5414]BBCCasino Official Site: Best Online Slots in the Philippines. Fast BBCCasino Login, Easy Register, and Mobile App Download for the Ultimate Gaming Experience. Experience top gaming at BBCCasino official site. Fast BBCCasino login, easy register, and BBCCasino app download. Play the best online slots in the Philippines today! visit: bbccasino

  22. [6621]Scatter Login & Slot Register: Download the Scatter App for Top Casino Slots in the Philippines Access the official scatter login link for the best scatter casino slots in the Philippines. Quick scatter slot register & easy scatter app download. Join now! visit: scatter

  23. [4097]Kingjili Online Casino Philippines: Quick Login, Register & App Download for the Best Slots Experience Experience the best Kingjili slots at Kingjili Online Casino Philippines. Fast Kingjili login & easy Kingjili register. Get the Kingjili app download now and win big! visit: kingjili

  24. [7393]Me777 Login, Register & App Download: Experience the Best Me777 Slot Games in the Philippines Official Casino. Join Me777, the #1 Philippines casino! Quick me777 login & register to play top me777 slot games. Get the me777 app via me777 download for non-stop mobile action. visit: me777

  25. [4636]fbmgaming Online Casino Philippines: Easy Login, Fast Register, and App Download for the Best Slot Games. Experience the ultimate thrill at fbmgaming Online Casino Philippines. Enjoy a seamless fbmgaming login, fast register, and easy fbmgaming download to play the best fbmgaming slot games. Join the top-rated online casino in the PH today and start winning! visit: fbmgaming

  26. [5751]Pcsobet Official Site: Login, Register & Online Slots Philippines. Download the Pcsobet App for the Ultimate Casino Experience. Join the Pcsobet official site for the best online slots in the Philippines. Fast Pcsobet login & register. Start your Pcsobet app download for the ultimate casino experience! visit: pcsobet

  27. [3628]123b Casino: Trusted Philippines Online Slot – Quick 123b Login, Register & App Download Join 123b Casino, the most trusted Philippines online slot platform. Secure your 123b login, complete a fast 123b register, or get the official 123b download for mobile access. Play the best 123b slot games and live 123b casino titles with quick payouts and 24/7 support. Start your winning journey today! visit: 123b

  28. [6345]PHDream23 Casino: Login, Register & Download the Best Online Slots in the Philippines. Experience the ultimate gaming at PHDream23 Casino! PHDream23 login and register now to play the best online slots in the Philippines. Get the official PHDream23 download for mobile access to premium PHDream23 slot games, exclusive bonuses, and big wins today. visit: phdream23

  29. [5388]phpgames: Top Slot Online in the Philippines. Login, Register & Get the phpgames App Download and Official Casino Link Today. Join phpgames, the top slot online in the Philippines! Access the official phpgames casino link for easy phpgames login and phpgames register. Get the phpgames app download today for seamless gaming and exclusive rewards. visit: phpgames

  30. [4426]SSBET777 Online Casino Philippines: Easy Login, Register, & App Download for the Best Slot Games. Join SSBET777 Online Casino Philippines! Fast ssbet777 login & register to play the best ssbet777 slot games. Get the ssbet777 app download and win big today! visit: ssbet777

  31. [1411]8k8 Official Link: Easy Login & Register for Top Casino Slots. Download the 8k8 App Today for the Ultimate Philippines Gaming Experience! Experience the ultimate Philippines gaming with 8k8! Use the 8k8 official link for fast 8k8 login and 8k8 register. Play top 8k8 casino slots and get the 8k8 app download today for the best mobile betting experience and big rewards. visit: 8k8

Leave a Reply

Your email address will not be published. Required fields are marked *