F3 Training Day - 9th Dec 2010 (Milton Keynes)

I haven't been able to find the QCC notes, but the CCL ones are located here

CCL F3 Training Day

Ah, excellent! Thats a start.

The Volume Shadow Copy is defo a good one to have! Will keep hunting for it!

Thanks.

It was a good day, and very well attended. Shame the afternoon session wasn't as advertised though - I contacted CCL Forensics to ask why but got no reply.

I agree that it was a really informative and interesting day. It was my first F3 event and I am looking forward to the next.

Hi folks,
Sorry I haven't got the Volume Shadow Copy slides to Ted to put on the F3 site yet, I'll get this done as fast as poss, but my caseload isn't getting any smaller!

In the meantime, you can download the paper we wrote on Volume Shadow Copies here http//www.qccis.com/resources/whitepapers.

Glad you enjoyed the presentation - I'm considering doing something similar looking at the Windows Desktop Search database early next year.

I'll ping a note back here when I've got the various bits & bobs around VSS to Ted at F3.

Kind regards,
John.

It was a good day, and very well attended. Shame the afternoon session wasn't as advertised though - I contacted CCL Forensics to ask why but got no reply.

Hi Jonathan

I'm really sorry to hear you didn't get an answer from us. I am really embarrassed. oops Give me a call anytime - I'm happy to answer any questions (01789-261200) or email me though Forensic Focus.

It's probably worth explaining why the content of our presentation differed from what was advertised! When we were initially approached to do the Training Day we proposed four possible topics -

Apple's new toys (iPhone, iPad, iPod)
Google Android Forensics
General Smartphone Evidential oppotunities (beyond calls, contacts and SMS)
It's Fun to Flash (using flasher boxes for forensic purposes)

We intended F3 to pick one or two but the advertisement went out with all of the proposed topics listed. Unfortunately it was just a breakdown in communication and our fault not F3's. Talking to people we were made to understand that the highest demand was for iPhone training and we went with that.

We are, however, very happy to do futher training sesssions on any of these proposed topics and it would be good to hear what people feel would be the most useful.

Finally - we're talking to F3 about doing a full days introduction to Python Programming for Forensic Practitioners which will be a really interesting and useful day. This should happen early in 2011.

Glad you still enjoyed the day and once again - apologies!!

Mark

If anyone is interested in getting the free XPath tool that I wrote for the presentation I've jammed it onto YouSendIt (it'll expire in 7 days but if you want it after then just drop me a line).

https://www.yousendit.com/download/RlRwd0VNTkw1UjZ4dnc9PQ

I'm glad that people got something out of it, it's always nice to get down to bits and bytes in front of a crowd. So to speak…

Hi Mark, thanks a lot for your reply - understood! These things can happen. I sent my message to the @CCLForensics Twitter feed. Alex's presentation was excellent; I've exchanged a few mails with him since and he's been most helpful.

Funny you should mention Python as I've only just been looking at Python resources - so a day on Python programming would be very welcome indeed!

Regards,

Jonathan

I think one thing for me (us in our office) is finding a good course on Android… With it being everywhere these days I think a good day on this would be very beneficial. I think a lot of people seem to focus on iPhone and iStuff as its the latest craze, but Androids cheap(ish)ness is giving it an immense market share.
One thing we would like to know is how to bypass that bloody swipe / email logon. If iPhones can be bypassed, there must be a good technique for Android!
So my shout would be for an Android course in 2011 (I'll bring the coffee, you supply the Gingerbreads and Cupcakes!) (Sorry…. very poor! D ) lol