I can’t brain properly so I’ll just tell you what I’ve done this week

I just spent a good few minutes staring into the middle distance in my office, trying to work out how to theme this post and what to write at the beginning of it. Then I opened my notebook and flicked through it absently. Then I clicked on my WhatsApp window and scrolled down a couple of conversations I’ve had with friends.

Then I snapped out of it and just started to write.

Normally I open these weekly round-ups with a spiel about something that’s been on my mind over the last few days, but very little has been in my head this week except a constant spinning to-do list, rolling down into an eternal deep.  Read more

Matt McFadden on the Psychology of Child Exploitation Investigations

As most of you know by now, I’m currently training to be a psychotherapist, because I don’t have enough strings to my bow already. I know I want to practise existential psychotherapy but I’m not yet clear on whether there’s a particular group of clients I’d like to work with. I’ve recently been thinking, however, about working with law enforcement officers, particularly those who are engaged in investigating cases of child exploitation, human trafficking and counter terror. I have the advantage of understanding these industries from the inside, and hopefully with the benefit of psychotherapy training I’ll be able to make a difference to the field by helping people to deal with some of the things they’re seeing.  Read more

Have Your Say In The House Of Lords’ Select Committee On Science And Technology

Controversy has been raging around ISO 17025 ever since the standard was adopted for digital forensics back in October 2017. Although many people who work in the industry agree that standardisation is advisable and probably necessary if we are to keep moving forward, there have been many criticisms of ISO 17025 and its effectiveness when it comes to digital forensics.

The baseline of the problem seems to be that ISO 17025 was not specifically designed for digital forensics; instead, it takes the standards of ‘wet’ or traditional forensics and applies them to computing devices. This has a number of issues, not least the fact that technological advances are constantly happening; in a field where most large apps are being updated a couple of times per month as a minimum, it becomes very difficult to properly standardise tools and methodologies.

Another concern for many people is the cost associated with accrediting a lab and keeping up with ISO 17025. Reports of accreditation costing in excess of £50,000 have made some practitioners nervous about applying.

Read the full article on Forensic Focus

SQLite Forensics by Paul Sanderson

SQLite forensics is an important part of many digital forensic investigations. Most smartphones and computer operating systems use SQLite, with each device often including hundreds of databases. Despite this extreme proliferation, SQLite forensics is often overlooked in conversations about current trends in digital forensics. Paul Sanderson’s book attempts to redress the balance and bring attention to the importance of SQLite forensics. Read more

How Do Criminals Communicate Online?

Flashpoint, a business intelligence agency specialising in the deep and dark web, recently published a report on the economy of criminal networks online. The report looks not only at where criminals go to communicate on the internet, but also how their communications are structured, and the ways in which online communication has changed the criminal landscape.

Far from the kind of jack-of-all-trades portrayed in TV dramas, today’s cybercriminals structure their operations much like a business, each person having their own specialisms and reporting to the people above them. This helps to ensure that every member of the network takes on tasks that don’t overwhelm them, and often also ensures that the level of communication is kept to a minimum. Each party is only in contact with the level directly above, thus decreasing the likelihood of breaking up the entire network if a single individual’s identity is uncovered by law enforcement.

Read the full article on ForensicFocus

Windows 10 Live Online Training From AccessData – A Review

From the 1st to the 3rd of November 2016, AccessData ran a live online training course to help forensic investigators understand the specific challenges presented by Windows 10, and how they can be overcome.

The course was aimed at people who already had a level of familiarity with both forensic investigation generally and with AccessData’s products, and took participants through all aspects of investigating a Windows 10 system.

Read more