I haven't tried it yet, but from now on I'm planning on going to those sites and using the names I pick up as the basis for a indexed searches in FTK.
D
Getting back to twitter, it's obvious some database is created. How does that work? Is there enough information deposited to make that a database for somebody who asks people to twitter them?
I didn't quite follow that one (probably too soon after breakfast), could you rephrase?
Jamie,
There were two thoughts expressed here
The first had to do with a computer forensic examination. We use FTK 3.0.4 and almost always conduct a full indexing. It is also our practice to ask our client for anything and everything they know about the subject. Of course, we are picking up a lot of names of contacts during our analysis, but as you know, not every name comes up in the overt address book. One technique we have used is to look at Facebook contacts and start looking at their contacts. This sometimes gives us leads. What I am considering doing now is taking results of that manual Facebook search, and using dTsearch run those names back through and determine if there is a relationship I should know about. Because dTsearch is so fast, this is the type of thing that can be done in less time than it's taken to reply to you.
As I was writing this I recall that for password cracking access data previously recommended going to subjects website and including that data in preparing a dictionary for attacking passwords. They don't recommend that anymore. However it would seem to me that it would cost very little in time to manually input Facebook contact names into the PRTK dictionary maker. Just a thought.
The second issue I was thinking about had to do with twitter. I don't know anything about it, but I guess that somehow if you twitter a person they pick up some sort of identification of you. I speculate that that information is stored in some sort of database. I was curious to know what the data actually consisted of and where it was stored. All this getting to the underlying question which is is there anything of intelligence value being stored and if so where it is stored and how can I get it?
The short answer is that intelligence is being generated and presumably stored someplace. I would like to know where it is kept and how I could get it if I wanted it,
Good questions. I must confess I know next to nothing about uncovering data from Twitter usage - perhaps someone else could comment? Presumably whether the subject is using Twitter solely through a browser or is using one of the apps (e.g. TweetDeck) will make a difference to any data stored locally.
New recommendations-
Eric J. Huber- @ericjhuber
Happy As A Monkey- @happyasamonkey
Jamie,
There were two thoughts expressed here
The first had to do with a computer forensic examination. We use FTK 3.0.4 and almost always conduct a full indexing. It is also our practice to ask our client for anything and everything they know about the subject. Of course, we are picking up a lot of names of contacts during our analysis, but as you know, not every name comes up in the overt address book. One technique we have used is to look at Facebook contacts and start looking at their contacts. This sometimes gives us leads. What I am considering doing now is taking results of that manual Facebook search, and using dTsearch run those names back through and determine if there is a relationship I should know about. Because dTsearch is so fast, this is the type of thing that can be done in less time than it's taken to reply to you.
As I was writing this I recall that for password cracking access data previously recommended going to subjects website and including that data in preparing a dictionary for attacking passwords. They don't recommend that anymore. However it would seem to me that it would cost very little in time to manually input Facebook contact names into the PRTK dictionary maker. Just a thought.
The second issue I was thinking about had to do with twitter. I don't know anything about it, but I guess that somehow if you twitter a person they pick up some sort of identification of you. I speculate that that information is stored in some sort of database. I was curious to know what the data actually consisted of and where it was stored. All this getting to the underlying question which is is there anything of intelligence value being stored and if so where it is stored and how can I get it?
The short answer is that intelligence is being generated and presumably stored someplace. I would like to know where it is kept and how I could get it if I wanted it,
May want to check out the TweepFreeze project
http//
@copgeek018
Social Media Archiving
http//
Interesting ….
Great lists.
Thanks
http//
Add if you like