Evaluating Mobile Telephone Connection Behaviour – Part 2

The Basics of Evaluating Connection Records by Sam Raincock, IT and telecommunications expert witness Connection RecordsWithin the UK, details of past telephone connections are stored by the network providers. The minimum storage is advised by the Data Retention (EC Directive)… Read more

Biles’ Hierarchy of Disaster Recovery Needs

by Simon Biles Having failed to keep up with my New Year’s resolution of being more organised (the observant of you might have noticed the absence of a February column), it’s nice to be able to move into a new… Read more

The Question Of Cyber Terrorism

by Robert Murrill rmurrill@verizon.net Executive Summary This paper will take a look at Cyber terrorism and explaining what it is and what it isn’t by showing how closely related Cyber Terrorism and Cyber Warfare are. Although the affects of both… Read more

Personal Branding for Digital Forensics Jobseekers

by David Sullivan Looking at the job adverts here on Forensic Focus shows that after a really sluggish period the number of vacancies available in computer forensics and electronic disclosure is increasing. Many forensics professionals who would normally have changed… Read more

Geotags: Friend or Foe?

by David Benford Director, Blackstage Forensics I recently wrote a research paper, “Geotag Data: The Modification of Evidence on the Apple iPhone”, based around the possibility of modifying geotag evidence on the Apple iPhone. A test was performed as part… Read more

Is the NTSB a model for incident response?

by Sean McLinden Recently, the events surrounding the defacement of the HBGary Web site and publication of sensitive data were being bantered about on a number of forensic, security and incident response sites. As is typical for these kind of… Read more

I’m here! Now what?

by Ken Pryor Working for a small police department in a rural area, my opportunities to do digital forensic work on real cases are much fewer and farther between than those who work in large departments or in the private… Read more

Challenges of Smart Phone Forensics

by Rob Adams ACE, CDIA+ SALIX Mobile devices have become an essential component of our daily lives. These devices keep us connected and act as so much more than the cell phones and portable music players of the 1990’s. It… Read more

My cat did it – honest, Guv!

and he did it via remote access… by Sam Raincock, IT and telecommunications expert witness When evaluating computer forensics cases the tricky part is often not just evaluating what is found but determining how it came to reside there. “It… Read more

Side channel attacks

by Simon Biles Founder of Thinking Security Ltd., an Information Security and Risk Management consultancy firm based near Oxford in the UK Forensics is all about evidence, but the trick is knowing where to find it! Locard’s exchange principle effectively… Read more

Digital Forensics and ‘self-tracking’

by Dr Chris Hargreaves, lecturer at the Centre for Forensic Computing at Cranfield University in Shrivenham, UK This month’s article is based very loosely around a recent 5-minute talk from Gary Wolf (link here) which explores the concept of ‘self-tracking’… Read more

It’s not always what you find…

by Sam Raincock, IT and telecommunications expert witness In digital forensics we are often asked to determine the presence of evidence. However, what happens when we do not find anything? How do we prove something wasn’t there? Proving something is… Read more

A cloud by any other name…

by Simon Biles Founder of Thinking Security Ltd., an Information Security and Risk Management consultancy firm based near Oxford in the UK. “You have to know the past to understand the present” – Dr. Carl SaganIf you have been kind… Read more