Last week I had the privilege of addressing the attendees of the 2020 SANS DFIR Summit. I spoke about the need to reach out and help those not as fortunate as ourselves. Please take 25 minutes to watch the presentation and then do something about it.
For those of you that know me personally, I try very hard to not minimize other people’s work and accomplishments. In fact, I revel in others’ joy when they achieve things. So, this post will be somewhat out of character for me. I’ve been conducting forensic investigations for around fourteen years. During that time I’ve […]
The US Cybercrime Conference was cancelled last week. My personal feelings about their timing aside, I’ve decided to go ahead and publish my presentation for anyone to watch.
FBI director, James Comey has recently been testifying before various Senate committees that encryption should be significantly weakened so that we can battle terrorist threats.Â Well, that isn’t exactly what he’s saying, at least not according to him, it just happens to be the eventual outcome of what he’s asking. Across the Atlantic the UK Prime […]
“You have zero privacy anyway. Get over it” – I’m sure many remember ScottÂ McNealy, CEO of Sun Microsystems coming out with that controversial phrase inÂ 1999. Yet 15 years later instead of the problem being dealt with it now is hotter thanÂ ever. In Episode 35, Forensic 4cast discussed the events surrounding HBGary,Â having been articulately hacked by […]
Occasionally we all see forensic reports that are as close to perfect as they could be. Where procedures and presentation are clear and concise and where the author has conducted research relevant to the investigation. Sadly this isn’t once of those instances… This is a real report prepared by a real defence ‘expert’. Any references […]
A few weeks ago I posted a picture of Martin Westman just before he jumped out of a plane while hex-dumping a phone. He has been in touch and sent a link to the Youtube video. I asked Martin if he has any more plans to do things like this in the future and he […]
If my work with Volume Shadow Copies has taught me one thing it is that I don’t know anything. I have often said the more I learn, the less I know. Everything that we learn about computer investigations leads to more learning. It never ends. Anyone that thinks they know everything there is to know […]
Simon explains the possible pitfalls of ignoring metadata
Simon discusses current and future methods for phone forensic examination in light of new phone capabilities.