Friday, May 29, 2009

Hoffmann Advanced Forensic Sessions, November

Received a note from Robert-Jan Mora this morning that the second Advanced Forensic Sessions from Hoffmann BV in the Netherlands will be held 16th – 20th November 2009. The Sessions are limited to 25 participants but the previous edition was completely booked so early registration is recommended (click here for full details).

Robert-Jan and his colleague Joachim Metz, together with others at Hoffmann, are some of the best in the business and I wish them every success with these new sessions.

Thursday, May 07, 2009

Review - e-fense Live Response

Scot Wesner's review of e-fense Live Response can be read here with follow up discussion here.

Interview with live forensics expert Nick Furneaux

An interview with live forensics expert Nick Furneaux (MD of CSITech & Director at Bright Forensics) is now online at

Thanks to Nick for his time!

Tuesday, May 05, 2009

Infosecurity Europe - Seminars

I managed to catch a few seminars during the first couple of days of Infosecurity Europe, of which I think the following were the most interesting:

Who Should Police The Global Internet - Who Is Ultimately Responsible?
Chair: Mr Philip Virgo, Secretary General, EURIM
Ms Charlie McMurdie, Detective Superintendent, Police Central e-Crime Unit, New Scotland Yard
RT Hon Alun Michael, MP

I'd been looking forward to hearing Charlie McMurdie speak in person for some time, having published snippets from a number of her talks over the past few years. Charlie gave a good overview of current strategy intended to meet the challenges of e-Crime in the UK (forces acting independently of each other, lack of frontline knowledge/training, etc.) and introduced the Police Central e-Crime Unit, together with a sneak peek at their website which is yet to go live. Of most interest was her call (which I understand has been made previously - thanks Si!) for more dialogue and sharing of resources between police and industry in the UK. I managed to grab a few seconds of her time at the end of the talk to pass on my business card and quickly suggest an interview for Forensic Focus - something I intend to follow up on shortly. There's a lot of interest amongst private sector practitioners (both at the company and individual level) in working with the police and I'd like to help Charlie get the word out there about the possibilities for greater interaction.

Security At The Crossroads: Where Are We Headed?
Dr Whitfield Diffie

I expect most people reading this will have heard Whit Diffie speak before but I hadn't and I was keen not to miss him (apologies to all those I pushed out of my way while running to the seminar room!) Whit gave a potted history of cryptography starting a few hundred years ago but unfortunately it wasn't quite potted enough - by the time we got to the present day he'd run out of time and didn't really have a chance to explore the security "crossroads" we're at today in any great detail. That was certainly a shame but he's such an entertaining speaker that nobody seemed to mind too much - at least not those lining up to have their photo taken with him afterwards :-)

The Rising Tide Of Surveillance
Mr Phil Zimmermann, Special Advisor & Consultant, PGP Corporation

Phil Zimmermann made the brave choice to come to the UK and tell the local audience that British society is sleepwalking into a kind of Orwellian police state, with surveillance increasing at an alarming rate. His suggestion was that the Brits need to wake up and mobilise against this insidious evil. By and large this message was met with some approval - I particularly liked the chap who was outraged that our conference badges were being scanned before every seminar - and he also talked about his Zfone project towards the end of the session. If anyone has the chance to hear Phil speak in future, I highly recommend it - he gave us a lot to think about.

Panel Discussion
Chair: Prof. Fred Piper
Panel members: Dr. Paul G Dorey, Mr. David Lacey, Mr. Phil Zimmermann, Mr. Whitfield Diffie, Mr. Dan Kaminsky

This was, without doubt, the most entertaining of the seminar sessions with the topic up for discussion being "What bit of computer security would you get rid of?" (or words to that effect). I really should have made some notes because I've forgotten most of the points raised - including some good one-liners from Whit - but what sticks in my mind most was Dan Kaminsky's thoughts on DNSSEC and its potential for securing our network infrastructure (unfortunately I didn't attend his earlier talk on just this topic but, just to clarify, he was arguing that DNSSEC has real potential, not arguing that we should get rid of it). One of the points he brought up was the failure of PKI as currently implemented to really gain any kind of foothold over the years and I wondered how different things might have been for forensic investigators if encryption - especially for email - had become the norm.