Review: Analyze DI Pro From Griffeye

Those of you who know about my work in digital forensics will probably be aware that I got into the field because I’m very passionate about child protection, so anyone who champions that cause is someone I’m probably going to like. Magnet Forensics has been doing this for years, but recently I became aware of Griffeye, whom I somehow hadn’t heard of before.

A while ago they asked me to review their Analyze DI Pro solution as part of my work over at Forensic Focus, so I did.  Read more

Where Do You Write?

Each person’s writing process is different, which is why you still might fail to write a book even if you’re following all the advice you’ve found on people’s blogs. So much of writing life, and freelance life, and life in general, is finding what works for you. And that might be very different from what works for someone else.

A lot of freelancers like coworking spaces because it helps them not to get lonely, for example. Personally, I don’t get lonely. I can’t remember ever having the feeling. So I don’t do coworking, because about 80% of why I’m a freelancer is so that I don’t have to talk to Other Humans all day.

Recently, however, I have discovered that a change of scenery from time to time can be helpful. So I haven’t started coworking, but I have started working from the garden centre café.  Read more

Have Your Say In The House Of Lords’ Select Committee On Science And Technology

Controversy has been raging around ISO 17025 ever since the standard was adopted for digital forensics back in October 2017. Although many people who work in the industry agree that standardisation is advisable and probably necessary if we are to keep moving forward, there have been many criticisms of ISO 17025 and its effectiveness when it comes to digital forensics.

The baseline of the problem seems to be that ISO 17025 was not specifically designed for digital forensics; instead, it takes the standards of ‘wet’ or traditional forensics and applies them to computing devices. This has a number of issues, not least the fact that technological advances are constantly happening; in a field where most large apps are being updated a couple of times per month as a minimum, it becomes very difficult to properly standardise tools and methodologies.

Another concern for many people is the cost associated with accrediting a lab and keeping up with ISO 17025. Reports of accreditation costing in excess of £50,000 have made some practitioners nervous about applying.

Read the full article on Forensic Focus

MacQuisition From BlackBag Technologies

A few weeks ago I met up with a representative from BlackBag Technologies in a Breather room in London. He showed me how MacQuisition works and talked me through some of its capabilities.

Then I flew off to various conferences around Europe and the USA, and I finally got back last week so I have posted my review of the product. You can find it on Forensic Focus.

Also, sorry for the lack of posts recently. I’m trying to do about a million things but it’s 35 degrees in London today and they’re predicting it’ll reach 37 on Friday. I cannot brain in this heat.

Why You Might Want A Co-Author, And How To Find One

Cropped image of two people's hands at a table with coffees and pastry snacks, one person picking up their espresso while the other is writing in a notebook, possibly taking down an interview

The other day someone on Twitter asked me how I’d found a co-author for Windows Forensics Cookbook and I realised it might make a good blog post.

I hadn’t planned on co-writing a book. I hadn’t even planned on writing a book about digital forensics, but the publishers who approached me really wanted me to. I said no several times before eventually saying yes on the condition that I could have a co-author to write it with me.  Read more

SQLite Forensics by Paul Sanderson

SQLite forensics is an important part of many digital forensic investigations. Most smartphones and computer operating systems use SQLite, with each device often including hundreds of databases. Despite this extreme proliferation, SQLite forensics is often overlooked in conversations about current trends in digital forensics. Paul Sanderson’s book attempts to redress the balance and bring attention to the importance of SQLite forensics. Read more