I can’t brain properly so I’ll just tell you what I’ve done this week

I just spent a good few minutes staring into the middle distance in my office, trying to work out how to theme this post and what to write at the beginning of it. Then I opened my notebook and flicked through it absently. Then I clicked on my WhatsApp window and scrolled down a couple of conversations I’ve had with friends.

Then I snapped out of it and just started to write.

Normally I open these weekly round-ups with a spiel about something that’s been on my mind over the last few days, but very little has been in my head this week except a constant spinning to-do list, rolling down into an eternal deep.  Read more

Executing Windows Command Line Investigations by Hosmer, Bartolomie & Pelli

I met Chet Hosmer at DFRWS in Providence, Rhode Island, earlier this year. Over lunch I explained my upcoming digital forensics book to him, and he was very supportive. When I arrived back in England a copy of one of his books was waiting for me, along with an encouraging note.

Well, the DFIR book project has taken a backseat over the last few months due to me taking on a new psychology of religion research project, but maybe it’ll come back. In the meantime I thought I’d take a look at Chet’s book and write a quick review of it.  Read more

Review: BlackLight from BlackBag

When I had a meeting with BlackBag a while ago, I was pleasantly surprised by how knowledgeable and enthusiastic the representatives seemed about their products. Not only were they open to showing me all sorts of things the tools could do, they also knew the back stories to how they were created, and why they’re necessary for the field.

So when I got the chance to review the latest version of BlackLight, I decided to go for it.  Read more

How Do I Fit It All In? Six-Month Roundup

A few months ago, tired of people going “How do you fit it all in?!”, I started a blog series to answer that exact question. It was partly for other people but also partly for me; I wasn’t sure how I fitted it all in either. The answer used to be “I barely sleep” but these days I’m often in bed by 8pm, sometimes significantly earlier, so I knew it wasn’t that.

But apparently I still manage to live many lives and do loads of things. So how do I do it? This week marks week 21 of my ‘How Do You Fit It All In?’ series so I thought I’d go back through them and work out if there’s a direct answer to that question.  Read more

Review: Analyze DI Pro From Griffeye

Those of you who know about my work in digital forensics will probably be aware that I got into the field because I’m very passionate about child protection, so anyone who champions that cause is someone I’m probably going to like. Magnet Forensics has been doing this for years, but recently I became aware of Griffeye, whom I somehow hadn’t heard of before.

A while ago they asked me to review their Analyze DI Pro solution as part of my work over at Forensic Focus, so I did.  Read more

Have Your Say In The House Of Lords’ Select Committee On Science And Technology

Controversy has been raging around ISO 17025 ever since the standard was adopted for digital forensics back in October 2017. Although many people who work in the industry agree that standardisation is advisable and probably necessary if we are to keep moving forward, there have been many criticisms of ISO 17025 and its effectiveness when it comes to digital forensics.

The baseline of the problem seems to be that ISO 17025 was not specifically designed for digital forensics; instead, it takes the standards of ‘wet’ or traditional forensics and applies them to computing devices. This has a number of issues, not least the fact that technological advances are constantly happening; in a field where most large apps are being updated a couple of times per month as a minimum, it becomes very difficult to properly standardise tools and methodologies.

Another concern for many people is the cost associated with accrediting a lab and keeping up with ISO 17025. Reports of accreditation costing in excess of £50,000 have made some practitioners nervous about applying.

Read the full article on Forensic Focus

MacQuisition From BlackBag Technologies

A few weeks ago I met up with a representative from BlackBag Technologies in a Breather room in London. He showed me how MacQuisition works and talked me through some of its capabilities.

Then I flew off to various conferences around Europe and the USA, and I finally got back last week so I have posted my review of the product. You can find it on Forensic Focus.

Also, sorry for the lack of posts recently. I’m trying to do about a million things but it’s 35 degrees in London today and they’re predicting it’ll reach 37 on Friday. I cannot brain in this heat.