If you were on the Laden case...

Jamie,
It is a good article that mentions 12 tools and I did want to share it.

…and casually instead of pointing to the first page of the article

http//www.popularmechanics.com/technology/military/news/the-special-operations-forensic-tool-kit#fbIndex1

I posted a direct link to the 11th page that talked about my product…. roll

Firstly, I posted an apology on this forum. Your comments are unnecessary. Secondly, the article is quite clear that it is about 12 products. I am sure that Forensic Focus readers can figure this out easily.

BTW, and IMHO the whole article looks A LOT like some form of advertising.

Not sure how they do things in Italy (you are listed as being out Florence Italy, so I am assuming you are Italian), but if it was paid advertising, this would be listed explicitly in the article.

I don't buy, with all due respect with Popular Mechanics, that

In fact, teams are now equipped with state-of-the-art kits designed to collect any scrap of material and information from such raids, and PM discovered what's in the tool kits special operations forces carry with them.

Popular Mechanics provided a synopsis on a comprehensive presentation on the USSOCOM Sensitive Site Exploitation program. The tools are divided into different categories (High level Medex, Low Level Medex etc.) and not all operators get to use all tools.

we have (from the actual guys that produce/sell this stuff) that they gave their products to the "special operations forces…."

Again, I am not sure how they do things in Italy (or your neck of the woods), but our Special Forces teams do not depend on free handouts from vendors. Tools selected are subject to tough testing and USSOCOM programs (forensic, site exploitation and otherwise) include very comprehensive training regiments. Not sure what your agenda is but you probably work for or represent a vendor whose tools failed to make the USSOCOM SSE program.

…they simply grab whatever thay can….

"thay"? You might want to run spell check before you post ….

Heck, I don't think the GI's will make a forensic acquisition of a 1 Tb HD on the field, possibly under enemy fire and anyway in a situation where seconds matter, let alone analyze anything, they simply grab whatever thay can, destroy anything they cannot carry back with them and get the hell out of there as soon as they can….

Again, not sure what your agenda here is. Firstly, as stated earlier, the tools are divided into different categories (High level Medex, Low Level Medex etc.) and not all operators get to use all tools. Secondly, you are clearly unaware of what the USSOCOM SSE mission goals and criteria are. Thirdly, i can assure you that USSOCOM is not seeking your ill-informed opinions ….

Well, well I seemingly have stepped on someone toes. (

If I did so, I apologize oops , I was trying to point out the foolishness of the article in the part that Popular Mechanics discovered what Special Operation Forces carry with them during raids.

Now, if the "Special Operation Forces" are as they should be - rather secretive about what they do/use - I doubt that PM could discover anything about them.

So, the only source for the information can come from the other side, the guys who produce the equipment

As said IMHO, and unless there is a new law to prevent expressing publicly one's opinion I should be allowed to do so, the whole article LOOKS like being a form of advertising, and I stand by it.

BTW I never wrote, nor thought about it being "paid" advertising. (the kind that "would be listed explicitly")

More exactly I would describe it as the assembly of 12 (BTW IMHO nice and useful) product descriptions (review is a too big a word for them) quickly assembled together to make use of the hype about the Bin Laden mission/raid.

Since you expressed an opinion, saying that the article is a "good" one, I feel free to express mine that not only it is not a good article, it is not an article at all, but a mere patchwork of 12 known forensic tools pictures accompanied by a few lines of description for each.

As well, within my rights to espress opinions, I think that noone in his right mind is going to wait a couple hours on the field imaging a hard disk in operations like that carried in the Bin Laden case, nor in doing on-the-field triage, etc., etc.

Thank you for your nice correction of "thay" into "they", I try to write as much as I can, being English not my native language, a correct English, though it seems to me that a typo may happen to everyone.

In Italy we have - to describe that - something that can be translated as "typing error"
http//encyclopedia2.thefreedictionary.com/Typing+error
or, since these kind of things happen since the actual use of writing, we also commonly use a latin expression, lapsus calami
http//en.wiktionary.org/wiki/lapsus_calami
that would be appliable also to the fact that you wanted to share a "good article" BUT INSTEAD -undoubtedly by mistake - posted a link to the single page on it sporting your product.

Rest assured that I am not connected in any way with any forensic tool or their commerce, and I have nothing against you, the tools/whatever you produce nor against the other 11 items that were presented in the article, all my comment was aimed towards the - again IMHO - completely void of any possible connection with reality of "PM discovery" AND that Special forces do carry with them some of those tools to do on the field forensics in the course of missions like the "compound raid" the thread is about.

If you want, you can mark one point each in the "pickiness" column, one each in the "miswriting" one, and one each in the "apologies" one.

Still in Italian in these cases we would use an expression that, from the little English I know, could be translated into US English as something like

Oww, come off it! Take it easy, man.

jaclaz

P.S. I apologize in advance for any misspelling I may have produced in the above post

P.P.S. You may want to set your spelling/grammar checker to detect and remove repetitions
http//www.forensicfocus.com/index.php?name=Forums&file=viewtopic&t=5585

In response to some request for triage implementation specifics, here is one white paper http//computerforensics.parsonage.co.uk/triage/ComputerForensicsCaseAssessmentAndTriageDiscussionPaper.pdf. The paper provides excellent details on a successful forensic triage program. There is another another presentation by West Mercia (UK) available as well. Please contact me at info (at) adfsolutions dot com and i will send this.

Matthew 73 roll

As said IMHO, and unless there is a new law to prevent expressing publicly one's opinion I should be allowed to do so, the whole article LOOKS like being a form of advertising, and I stand by it.

MHO is the same as yours.

I think that noone in his right mind is going to wait a couple hours on the field imaging a hard disk in operations like that carried in the Bin Laden case, nor in doing on-the-field triage, etc., etc.

Steering clear of the handbags, just a slight point on the triage process. As you say it is highly unlikely that anyone is going to hang around for very long at such a scene doing a triage but it is quite feasible that once back at base a triage would be done in an effort to gather early and actionable intelligence before the items were sent off for a full examination.

H

Steering clear of the handbags, just a slight point on the triage process. As you say it is highly unlikely that anyone is going to hang around for very long at such a scene doing a triage but it is quite feasible that once back at base a triage would be done in an effort to gather early and actionable intelligence before the items were sent off for a full examination.

Undoubtedly ) , again the point I was trying to make was about how much it was UNLIKELY that the G.I.'s would carry with them those pieces of equipment (unless they like to take them out of the lab to let them get some fresh air, of course wink )

As such, what PM assertedly discovered amounts to a fairly huge quantity of the matter that comes from the rear end of large mammals with pointed horns….

jaclaz

Bin Laden's system was built on discipline and trust. But it also left behind an extensive archive of email exchanges for the U.S. to scour. The trove of electronic records pulled out of his compound after he was killed last week is revealing thousands of messages and potentially hundreds of email addresses.

Holed up in his walled compound in northeast Pakistan with no phone or Internet capabilities, bin Laden would type a message on his computer without an Internet connection, then save it using a thumb-sized flash drive. He then passed the flash drive to a trusted courier, who would head for a distant Internet caf[?]

At that location, the courier would plug the memory drive into a computer, copy bin Laden's message into an email and send it. Reversing the process, the courier would copy any incoming email to the flash drive and return to the compound, where bin Laden would read his messages offline.

It was a slow, toilsome process. And it was so meticulous that even veteran intelligence officials have marveled at bin Laden's ability to maintain it for so long. The U.S. always suspected bin Laden was communicating through couriers but did not anticipate the breadth of his communications as revealed by the materials he left behind.

Oh crap! This is why the Intel community is so far skrewed that they don't even recognize how insanely unanswerable the original question was. No offense to the original question…GOOD question, except that it is right up there with "HOW LONG WILL THIS TAKE?", which my reply is usually "HOW LONG DOES IT TAKE TO CATCH A FISH?"

The problem with most of the organizations looking at the hard drives are that they want trained monkeys to follow a court-tested and approved checklist when in actuality, they need people who treat forensics as an ART over the SCIENCE. Great, you know a bit, nibble, shizzle, doohickey, and have your degree from GWU, but Intel is USELESS unless it is actionable. Bin Laden hard drives should have been exploited within days(2 at most). I guarantee there is fighting and backbiting and "WHO WILL GET CREDIT FOR THIS???" conversations going on even as we speak.

The answer to the original question has already been answered. You hook up the drives and run your collection of bad guy keywords(politically uncorrect, but the truth) which you have collected from doing Cyber Counter Terrorism cases for 10 years. You get an idea of the user, you poke around, you find things and be curious to gather Intel.

You can't reproduce that in court, and you really can't script it out for someone who "was barely able to check email 6 months ago"(I actually heard that at one moot court…and he was testifying as an expert)

As a sidenote, I'm not a FOX news conspiracy theorists, I have actually been in these meetings. I no longer work in that capacity and had to leave that area of work(if you couldn't tell from the sheer venom in my post).

Cheers and G'day…

"HOW LONG DOES IT TAKE TO CATCH A FISH?"

Oh, comeon, that's an easy one
http//www.maxwideman.com/musings/task_duration.htm

Q. How much is 5+5?
A. 13

jaclaz

D

That is going to be my new answer…

Me "13"

Them "Hours? Days?"

Me "I. SAID…13"

I have decided to start a new thread every week which will equal the greatness of this thread.

You may add to the tip jar as you deem fit.