by Sean L. Harrington
"A couple of weeks ago, Brian Glass
posted a very helpful comment, Forensic Toolkit v3 Tips and Tricks — on a
Budget. His comment focused on how to “get close to SSD performance on
the cheap” and he discussed the practice of partitioning a large hard
drive, but using only the outer sectors of the platter, and frequent
defragmentation. In my comment, today, I want to encourage readers to
adopt Glass’ advice, and, if you have the budget, to consider a few
other enhancements to improve performance..."
Read more
Tuesday, November 29, 2011
Is your client an attorney? Be aware of possible constraints (Part 2)
by Sean L. Harrington
"In my first post several weeks ago, I discussed some of the special obligations that digital forensics investigators may have while in the employ of a lawyer. I elaborated briefly on the duty to zealously guard the attorney-client privilege, to correctly apply the work product doctrine, and to conduct investigations in a way that does not compromise the integrity of the case or the rights, privileges, or immunities of the retaining party. In this second part of the series, I will explore another important factor for consideration by examiners: the legality of investigative techniques..."
Read more
"In my first post several weeks ago, I discussed some of the special obligations that digital forensics investigators may have while in the employ of a lawyer. I elaborated briefly on the duty to zealously guard the attorney-client privilege, to correctly apply the work product doctrine, and to conduct investigations in a way that does not compromise the integrity of the case or the rights, privileges, or immunities of the retaining party. In this second part of the series, I will explore another important factor for consideration by examiners: the legality of investigative techniques..."
Read more
iPhone Tracking – from a forensic point of view
Posted by 4rensiker
"iPhoneTracking is sexy! Every mobile forensic suite, at least the ones dealing with iPhones, are providing it proudly. iPhoneTracking also has been a hot topic in the media all around the globe. People stated that there is a way to display every step of an iPhone user ever since the device got bought. Hmm...sounds great for all kind of investigations! Let’s see..."
Read more
"iPhoneTracking is sexy! Every mobile forensic suite, at least the ones dealing with iPhones, are providing it proudly. iPhoneTracking also has been a hot topic in the media all around the globe. People stated that there is a way to display every step of an iPhone user ever since the device got bought. Hmm...sounds great for all kind of investigations! Let’s see..."
Read more
Android Forensics Study of Password and Pattern Lock Protection
Posted by Oxygen Software
"Let’s see what Pattern Lock is, how to access, determine or even get rid of it? We’ll also speak about Password Lock Protection and find out what it has in common with Pattern Lock. And finally we’ll try to understand how these locks are related to forensic investigation process. Generally pattern lock is a set of gestures that phone user performs to unlock his smartphone when he needs to use it. It seems to be complicated, but actually it is not..."
Read more
"Let’s see what Pattern Lock is, how to access, determine or even get rid of it? We’ll also speak about Password Lock Protection and find out what it has in common with Pattern Lock. And finally we’ll try to understand how these locks are related to forensic investigation process. Generally pattern lock is a set of gestures that phone user performs to unlock his smartphone when he needs to use it. It seems to be complicated, but actually it is not..."
Read more
Skype in eDiscovery
by Stuart Clarke, 7Safe
"The EDRM (Electronic Discovery Reference Model) is a widely accepted workflow, which guides those involved in eDiscovery. Typically, the identification and collection phases see email and common office documents harvested, but as technology moves forward is this enough? Many of us are experiencing a rise in audio discovery projects using solutions including phonetics and speech to text. In time this is likely to move onto rich media, in particular video. As a forensic analyst, I know only too well the variety of different data sources which are overlooked in electronic disclosure exercises, yet I appreciate the strong argument of proportionality. Nevertheless, it is relatively straightforward to circumvent some proportionality claims with the appropriate skill sets and techniques. Throughout this article I will discuss proof of concept solutions dealing with Skype in eDiscovery..."
Read more
"The EDRM (Electronic Discovery Reference Model) is a widely accepted workflow, which guides those involved in eDiscovery. Typically, the identification and collection phases see email and common office documents harvested, but as technology moves forward is this enough? Many of us are experiencing a rise in audio discovery projects using solutions including phonetics and speech to text. In time this is likely to move onto rich media, in particular video. As a forensic analyst, I know only too well the variety of different data sources which are overlooked in electronic disclosure exercises, yet I appreciate the strong argument of proportionality. Nevertheless, it is relatively straightforward to circumvent some proportionality claims with the appropriate skill sets and techniques. Throughout this article I will discuss proof of concept solutions dealing with Skype in eDiscovery..."
Read more
Forensic Toolkit v3 Tips and Tricks – On a budget
Posted by Brian K. Glass
"While researching FTK 3X and Oracle, you just recently discovered that the best configuration of your Oracle database would be on a solid state drive (SSD). Solid state drives give the maximum level of performance to Oracle databases and in turn speed up your FTK 3X responsiveness. You are a conscientious analyst and decide to try reinstalling your database on a SSD. You approach your boss, who is not a techno geek, and ask him to purchase a 256GB high performance SSD..."
Read more
"While researching FTK 3X and Oracle, you just recently discovered that the best configuration of your Oracle database would be on a solid state drive (SSD). Solid state drives give the maximum level of performance to Oracle databases and in turn speed up your FTK 3X responsiveness. You are a conscientious analyst and decide to try reinstalling your database on a SSD. You approach your boss, who is not a techno geek, and ask him to purchase a 256GB high performance SSD..."
Read more
Anonymous, what does it mean?
Posted by forens245
"Anonymous, a word which Merriam-Webster describes as: of unknown authorship or origin, not named or identified, or lacking individuality, distinction, or recognizability. There are some in this world that wish to remain anonymous, not named or identified. Sure I am one of these people, but I have my reasons. With the work that I do, clinging to my anonymity is how I keep myself safe, out of harm’s way. There are many people that would like to see me hang for what I’ve uncovered about them..."
Read more
"Anonymous, a word which Merriam-Webster describes as: of unknown authorship or origin, not named or identified, or lacking individuality, distinction, or recognizability. There are some in this world that wish to remain anonymous, not named or identified. Sure I am one of these people, but I have my reasons. With the work that I do, clinging to my anonymity is how I keep myself safe, out of harm’s way. There are many people that would like to see me hang for what I’ve uncovered about them..."
Read more
Subscribe to:
Posts (Atom)