What is a push button tool?
Any piece of software you use has to have a file ( you need to know where that file is) and it has to have an output method for the data, also that data needs to be analyzed and reported on. No test is going to help me with VSC's or parsing out files, cutting files with hex and saving them, etc. You also have to know the intricacies of the software as well as switches.
I like practical hands on tests as opposed to questions where 3 answers may be right and one is for sure not right.
If you can do the work, write the report, and articulate the methods to someone else (boss, judge, jury, etc.) then being able to do a multiple choice test seems useless.
You hear far more often a guy has a ton of certs from taking book tests and then gets an actual case and botches it or has no idea what to do than you hear someone takes practicals and has no idea what to do.
But there's also the antithesis - where people can do investigations using the automated tools but wouldn't have a clue what to do if they were forced to do it all by hand. This is why I fully support both written AND practical tests for certification because it gives an indication that the examiner knows the theory behind the automation. Too many people are happy just to press buttons without giving a second thought to what the tool is doing, or whether it is even doing is accurately.
I think organizations which rely too much on "push button" solutions expose themselves to risks easily mitigated with proper training.
But there's also the antithesis - where people can do investigations using the automated tools but wouldn't have a clue what to do if they were forced to do it all by hand. This is why I fully support both written AND practical tests for certification because it gives an indication that the examiner knows the theory behind the automation. Too many people are happy just to press buttons without giving a second thought to what the tool is doing, or whether it is even doing is accurately.
I support this message.
I won't take credit for this description (I first heard it used by Harlan in Fairfax VA years ago), Nintendo Forensics… enough said.
Ya Harlan wears that Nintendo forensics idea out to the bone. PERL, PERL, PERL, command line, command line. I remember Craig Ball also making up an article how to cross experts and not let them get away with saying I loaded up the evidence (black box).
If Nintendo or push button forensics is what it tends to be called, then I hate to tell you but there are only a very small number of you in the world who don't use push button or Nintendo forensics. And having Encase, FTK, X-Ways doesn't make you a Nintendo forensics person
I won't take credit for this description (I first heard it used by Harlan in Fairfax VA years ago), Nintendo Forensics… enough said.
I do not like the "Nintendo forensics" expression. Forensics on Nintendo systems can be quite challenging. mrgreen
Now, for push button forensics - my loose, and ever-changing defininition of "push-button forensics" is when a tool is used without understanding what it is really doing.
Yes, I think one can be doing "push-button forensics" with FTK or EnCase.
In my opinionated opinion, push-button forensics can be accomplished with any and all tools. It is not tool dependent. If the user has no grasp of the basic concepts about the tool, how it functions, how it generates the results - that is push-button forensics to me.
I think a reasonable analogy would be tier 1 help desk support. They are adept at following a prescribed flow, but anything out of norm would trigger an escalation. Push-button help desk . . .
Ya Harlan wears that Nintendo forensics idea out to the bone. PERL, PERL, PERL, command line, command line. I remember Craig Ball also making up an article how to cross experts and not let them get away with saying I loaded up the evidence (black box).
If Nintendo or push button forensics is what it tends to be called, then I hate to tell you but there are only a very small number of you in the world who don't use push button or Nintendo forensics. And having Encase, FTK, X-Ways doesn't make you a Nintendo forensics person
I won't take credit for this description (I first heard it used by Harlan in Fairfax VA years ago), Nintendo Forensics… enough said.
That's not fair to Nintendo.
Nintendo products are well designed, are a pleasure to use and backwardly compatible.
I quite enjoy Tiger Woods Golf on our Wii. 8)
! NES ! forever !