±Forensic Focus Partners

±Your Account


Forgotten password/username?

New Today: 0
New Yesterday: 1
Overall: 28299
Visitors: 127

±Forensic Focus Partner Links

Join our LinkedIn group

Subscribe to news

Subscribe to forums





Matt Davies, Digital Forensics Analyst, Sytech

Friday April 17, 2015 (11:56:07)   (518 Reads)
Matt Davies
Matt, you're a digital forensics analyst at Sytech. Tell us a bit about your role and what it involves.

My role at Sytech predominantly involves the extraction and analysis of embedded devices, such as mobile phones, tablets, satellite navigation systems, games consoles, unknown devices etc. The examinations I am involved in vary considerably and range from indecent images of children (IIOC) to providing assistance in murder investigations. Working for a private organisation, such as Sytech, allows me to experience both prosecution and defence based cases.

What first made you interested in digital forensics as a field?

It was the varied nature of the work accompanied by the opportunity to make a difference that attracted me to the field of Digital Forensics.   more ...


Joe Williams, PhD Student / Researcher, Canterbury Christ Church University

Wednesday April 15, 2015 (13:08:48)   (646 Reads)
Joe Williams
Joe, you presented an internet research tool at DFRWS. Could you briefly outline your presentation for our readers?

The presentation offered an early glimpse into a tool that will allow law enforcement officials to conduct online research. Essentially what that means is every action an official does while researching on the Internet is kept in an audit trail, for example in the cases of files being downloaded, hashed and logged. The presentation also touched upon the fact that, as far as we are aware, there are no overall guidelines within the UK on how Internet evidence should be gathered. Presently, ACPO guidelines only look at dead and live-box forensics, so there’s a real challenge in creating a tool where there is little official guidance.   more ...


Martin Harran, Developer, Visual JPEG

Wednesday April 08, 2015 (09:03:51)   (448 Reads)
Martin Harran
Martin, you've been demonstrating Visual JPEG at DFRWS. Could you tell us about the concept behind it, and how you came up with the idea?

It's a tool to make life easier for people examining files.

The background of this was that for a Master's research project, I was looking at ways of working with JPEGs with Digiprove, a company that uses digital certificates for files, and they wanted to get a way of building the digital certificate actually inside the file instead of travelling as a separate item. And I did come up with a way of doing that, but I found it frustrating that I had to work a lot with JPEGs, and I was having to use things like hex editors. It's so much hard work. And I just said no, there has to be an easier way of doing this.   more ...


Paul van Ramesdonk, Master's Student, Cape Town University

Friday April 03, 2015 (10:35:20)   (296 Reads)
Paul van Ramesdonk
Paul, you're currently conducting research into continued professional development in digital forensics for your Master's degree. Could you outline your project for our readers?

My area for the dissertation is to look at continued development, specifically with digital forensics practitioners, because I think when looking at other professions such as medical, legal and teaching, there's a lot of focus on doing continued development or lifelong learning. There's quite a few different names for the same thing; depending on which researcher you speak to, they could have the same or different meanings.

Craiger in 2008 made a distinction between what is defined as 'training' and what is defined as 'education', so there are two trains of thought there.   more ...


Mattia Epifani, CEO, Reality Net

Wednesday April 01, 2015 (11:53:20)   (758 Reads)
Mattia Epifani
At DFRWS yesterday you gave a talk about Tor forensics on Windows. Could you briefly outline some of the main challenges associated with Tor forensics for our readers?

I think that nowadays there are new challenges related to encryption, anonymity and stuff like that. After a real case in which we had to find evidence of usage of Tor, we decided to go in-depth on the analysis of usage of Tor on that particular device. Not traces of Tor from a network point of view, but traces of Tor left on the device itself, because in our daily work we mainly perform post-mortem analysis of devices.   more ...