Employment and Career Issues: Looking for a winter internship.
Hello, My name is Casey Klein, I recently finished my second year as an undergraduate at Bloomsburg University of Pennsylvania studying Digital Forensics. In the past two years I have taken an intro to...
View ArticleMobile Phone Forensics: State of iPhone and iPad forensics (physical & logical)
Coligulus wrote: The only problem with this approach is if you fine tune it too much and the password you are cracking doesn't follow the assumed pattern then once it completes without finding the code...
View ArticleForensic Software: The X-Ways Forensics Practitioner's Guide
Publishing date has been moved up to August 2, 2013. Much earlier than the planned Feb 2014 print date Book details at: https://xwaysforensics.wordpress.com Eric and I just reviewed the entire book...
View ArticleMobile Phone Forensics: Android DDMS Vulnerability
The article states "The flaw is located in an Android component known as the Dalvik Debug Monitor Service (or DDMS), the virtual machine that runs software on Android devices. The vulnerability affects...
View ArticleEducation and Training: Ensript not producing any results
any message found in the console?
View ArticleMobile Phone Forensics: iPad 2 locked
Yeah, if you have the pairing key for the device which can be found at either: Mac OSX - /var/db/lockdown (deviceUDID.plist) Windows - The location of the key file varies depending on the version....
View ArticleEducation and Training: Help gathering requirements for a crime scene search sim
Hello all, I’m currently writing my dissertation for a Masters in Digital Investigations & Forensic Computing, and I've chosen to design a crime scene search simulator for training students &...
View ArticleForensic Software: GMail Header Information / IP Locations
Similar to Bulldawg's suggestion, there is also wigle.net for Wifi Wardriving. Aside from the keyword search for IP addresses (Using RegEx) - Is or was Skype installed on the hard drive? If so, check...
View ArticleGeneral Discussion: are old floppy disks(diskettes) erased with a few passes?
mobileforensicswales wrote: Microwaves and fires are good too. Big magnets. Scissors. Pretty easy to distroy
View ArticleGeneral Discussion: Sections of Unallocated Space Filled with 0xFF
laura4458 wrote: What explanations are there for sections of unallocated space being filled with 0xFF's? The simplest is probably use of one of those tools that wipe free disk space. Which one ... if...
View ArticleGeneral Discussion: Totally erasing pc before reinstalling Op.System?
electronic_x wrote: a)However, I am not sure of this: If I use HDDERASE and reboot from a pendrive and erase all, I suppose I will totally lost in the future the option "System Recovery" and always I...
View ArticleMobile Phone Forensics: Burner - Disposable Phone Numbers (Android/iOS) App
This post was the first time I heard about the Burner app. I recently took a look at the artifacts left on an iPhone by the Burner app which is designed to provide disposable ‘burner’ phone numbers. I...
View ArticleForensic Hardware: Motherboard Recommendations
davepawlak wrote: Went with another ASUS RIVE and added 64GB of Corsair 1866 RAM. Everything works fine EXCEPT I can not get Windows to report the full 64GB of RAM in the System window. The UEFI BIOS...
View ArticleGeneral Discussion: Question on ext3/ext4 filesystem forensics
Hello, I just read the SANS institute paper: http://www.sans.org/reading_room/whitepapers/forensics/advantage-ext3-journaling-file-system-forensic-investigation_2011 In summary, the author recovers a...
View ArticleGeneral Discussion: Totally erasing pc before reinstalling Op.System?
electronic_x wrote: Regarding #3 -Are installing S.O using System Recovery similarly effective in wiping since Vista, or only installing fro CD does he job? It depends. Some "recovery partitions" are...
View ArticleGeneral Discussion: Question on ext3/ext4 filesystem forensics
Carving does not produce file names, file dates, or handle fragmented files. Enough differences?
View ArticleGeneral Discussion: Translating Windows7 Registry Data Name/Value
Thank you guys so much! I tried for 2-3 days to reply back to the responses but FF kept trying to get me to log in, even though I was already logged in here. Then when I would log in "again", it would...
View ArticleGeneral Discussion: Detection of Forged Documents
All have mostly similar features. However I would suggest VSC-6000 and Forensic XP4010D (not in the order of my preference). Just check the specification of both, choose the one which is suitable as...
View ArticleGeneral Discussion: can't get physical image from HPFS/NFTS partition
No HP present. I'll try dd, thanks.
View Article