Nuix upgrades philanthropic product Proof Finder

Nuix has released Proof Finder 4.2, delivering advanced new features for eDiscovery and investigation professionals. This upgrade extends Nuix’s partnership with Room to Read, a global non-profit organization that seeks to transform the lives of children in Asia and Africa by focusing on literacy and gender equality in education.

Proof Finder is an advanced eDiscovery and investigation software tool which was released by Nuix in December 2011 as a philanthropic venture. Proof Finder is priced at only $100 per year, with 100% of the proceeds from all sales going to Room to Read.“Every day investigators and legal professionals buy Proof Finder licenses to access Nuix’s world-leading eDiscovery and digital investigation capabilities. The feedback we have received tells us that most are surprised at the huge range of features that they are getting at this price point, and that they are proud to be part of our philanthropic effort,” said Eddie Sheehy, CEO of Nuix.

Ongoing sales of Proof Finder have enabled Nuix to donate a further $35,000 to help Room to Read build a school in Sri Lanka and $7,500 to sponsor 30 girls to complete secondary education. This follows an April 2012 donation of $44,000 toward the construction of a school in Nepal and the publication of local-language school books. Details on these projects can be found at www.prooffinder.com/projects.

“Every Proof Finder license sold makes a tangible contribution toward improving opportunities and quality of life for children in Asia and Africa,” said Room to Read Founder, John Wood.

Get The Latest DFIR News!

Top DFIR articles in your inbox every month.


Unsubscribe any time. We respect your privacy - read our privacy policy.

Proof Finder 4.2 matches many of the capabilities in the latest version of Nuix’s eDiscovery and investigation products, but is limited to a maximum case size of 15 gigabytes.
New sought-after features include:

– Mobile device forensics with support for Cellebrite and Micro Systemation XRY mobile images File system forensics including carving out full and partial deleted files and slack space
– A hex viewer to examine the binary structure of files
– Expanded clustering and near-deduplication capabilities.

“We initially made Proof Finder available for a limited time, but its popularity with the investigation and eDiscovery community and its outstanding philanthropic results have convinced us to retain it as an ongoing project,” said Sheehy.

About Nuix

Nuix (www.nuix.com) is a worldwide provider of information management technologies, including eDiscovery, electronic investigation and information governance software. Nuix customers include the world’s leading advisory firms, litigation support providers, enterprises, government departments, law enforcement agencies, and all of the world’s major corporate regulatory bodies.

About Room to Read

Room to Read (www.roomtoread.org) is a global organization seeking to transform the lives of millions of children in Asia and Africa by focusing on literacy and gender equality in education. Room to Read works in collaboration with local communities, partner organizations and governments to develop literacy skills and a habit of reading among primary school children and to ensure girls have the skills and support needed to complete their secondary education. Since 2000, Room to Read has impacted the lives of more than seven million children in Asia and Africa and aims to reach 10 million children by 2015.

Leave a Comment

Latest Videos

Quantifying Data Volatility for IoT Forensics With Examples From Contiki OS

Forensic Focus 22nd June 2022 5:00 am

File timestamps are used by forensics practitioners as a fundamental artifact. For example, the creation of user files can show traces of user activity, while system files, like configuration and log files, typically reveal when a program was run. 

Despite timestamps being ubiquitous, the understanding of their exact meaning is mostly overlooked in favor of fully-automated, correlation-based approaches. Existing work for practitioners aims at understanding Windows and is not directly applicable to Unix-like systems. 

In this paper, we review how each layer of the software stack (kernel, file system, libraries, application) influences MACB timestamps on Unix systems such as Linux, OpenBSD, FreeBSD and macOS.

We examine how POSIX specifies the timestamp behavior and propose a framework for automatically profiling OS kernels, user mode libraries and applications, including compliance checks against POSIX.

Our implementation covers four different operating systems, the GIO and Qt library, as well as several user mode applications and is released as open-source.

Based on 187 compliance tests and automated profiling covering common file operations, we found multiple unexpected and non-compliant behaviors, both on common operations and in edge cases.

Furthermore, we provide tables summarizing timestamp behavior aimed to be used by practitioners as a quick-reference.

Learn more: https://dfrws.org/presentation/a-systematic-approach-to-understanding-macb-timestamps-on-unixlike-systems/

File timestamps are used by forensics practitioners as a fundamental artifact. For example, the creation of user files can show traces of user activity, while system files, like configuration and log files, typically reveal when a program was run.

Despite timestamps being ubiquitous, the understanding of their exact meaning is mostly overlooked in favor of fully-automated, correlation-based approaches. Existing work for practitioners aims at understanding Windows and is not directly applicable to Unix-like systems.

In this paper, we review how each layer of the software stack (kernel, file system, libraries, application) influences MACB timestamps on Unix systems such as Linux, OpenBSD, FreeBSD and macOS.

We examine how POSIX specifies the timestamp behavior and propose a framework for automatically profiling OS kernels, user mode libraries and applications, including compliance checks against POSIX.

Our implementation covers four different operating systems, the GIO and Qt library, as well as several user mode applications and is released as open-source.

Based on 187 compliance tests and automated profiling covering common file operations, we found multiple unexpected and non-compliant behaviors, both on common operations and in edge cases.

Furthermore, we provide tables summarizing timestamp behavior aimed to be used by practitioners as a quick-reference.

Learn more: https://dfrws.org/presentation/a-systematic-approach-to-understanding-macb-timestamps-on-unixlike-systems/

YouTube Video UCQajlJPesqmyWJDN52AZI4Q_i0zd7HtluzY

A Systematic Approach to Understanding MACB Timestamps on Unixlike Systems

Forensic Focus 21st June 2022 5:00 am

This error message is only visible to WordPress admins

Important: No API Key Entered.

Many features are not available without adding an API Key. Please go to the YouTube Feed settings page to add an API key after following these instructions.

Latest Articles

Share to...