±Forensic Focus Partners
New Today: 0
New Yesterday: 1
±Forensic Focus Partner Links
· DFRWS Europe 2015 Annual Conference – Recap
· DFRWS EU 2015 – Dublin 23rd – 26th March
· SQLite Database Forensics – ‘Sleep Cycle’ Case Study
· Data Recovery As A Medium For Email Forensics
· Carving out the Difference between Computer Forensics and E-Discovery
· Forensic Analysis of SQLite Databases: Free Lists, Write Ahead Log, Unallocated Space and Carving
· How Secure Is Your Password? A Friendly Advice from a Company That Breaks Passwords
· Using SQL as a date/time conversion tool
· Forensics and Bitcoin
InterviewsBack to top Back to main Skip to menu
My role at Sytech predominantly involves the extraction and analysis of embedded devices, such as mobile phones, tablets, satellite navigation systems, games consoles, unknown devices etc. The examinations I am involved in vary considerably and range from indecent images of children (IIOC) to providing assistance in murder investigations. Working for a private organisation, such as Sytech, allows me to experience both prosecution and defence based cases.
What first made you interested in digital forensics as a field?
It was the varied nature of the work accompanied by the opportunity to make a difference that attracted me to the field of Digital Forensics. more ...
The presentation offered an early glimpse into a tool that will allow law enforcement officials to conduct online research. Essentially what that means is every action an official does while researching on the Internet is kept in an audit trail, for example in the cases of files being downloaded, hashed and logged. The presentation also touched upon the fact that, as far as we are aware, there are no overall guidelines within the UK on how Internet evidence should be gathered. Presently, ACPO guidelines only look at dead and live-box forensics, so there’s a real challenge in creating a tool where there is little official guidance. more ...
It's a tool to make life easier for people examining files.
The background of this was that for a Master's research project, I was looking at ways of working with JPEGs with Digiprove, a company that uses digital certificates for files, and they wanted to get a way of building the digital certificate actually inside the file instead of travelling as a separate item. And I did come up with a way of doing that, but I found it frustrating that I had to work a lot with JPEGs, and I was having to use things like hex editors. It's so much hard work. And I just said no, there has to be an easier way of doing this. more ...
My area for the dissertation is to look at continued development, specifically with digital forensics practitioners, because I think when looking at other professions such as medical, legal and teaching, there's a lot of focus on doing continued development or lifelong learning. There's quite a few different names for the same thing; depending on which researcher you speak to, they could have the same or different meanings.
Craiger in 2008 made a distinction between what is defined as 'training' and what is defined as 'education', so there are two trains of thought there. more ...
I think that nowadays there are new challenges related to encryption, anonymity and stuff like that. After a real case in which we had to find evidence of usage of Tor, we decided to go in-depth on the analysis of usage of Tor on that particular device. Not traces of Tor from a network point of view, but traces of Tor left on the device itself, because in our daily work we mainly perform post-mortem analysis of devices. more ...