Brett's Blog

Just some ramblings.

Bio-hacked humans and digital forensic issues...

Bio-hacked humans and digital forensic issues...

If you thought The Grudge was the scariest thing you’ve seen on screen, you must have not yet watched Showtime’s ‘The Dark Net’.  In short, the series show how humans are procreating less and merging digitally into technology with bio-hacks. That makes for a bad combination on a few different levels.

Without getting into non-techical issues (such as moral, ethical, or legal), I have a technical question: How the heck are we going to going to do a forensic analysis of a bio-hacked…human?

Before the human race ends up looking like robots, we are already in the era of implanting electronic data devices in our bodies.  Check out http://dangerousthings.com to find how you too can jab an injection device into your hand and shoot a RFID under your skin…all by doing it yourself. As for me, I don't think I'll be joining in that movement anytime soon.

RFID (http://en.wikipedia.org/wiki/Radio-frequency_identification) tags store data. Data such as medical, financial, personal, or any type of information can be stored on a RFID tag, although the amount is quite limited currently (2-10 kilobytes?).  That's not much data, but depending on the content, it may be more than enough to cause a war or bankrupt a company.

...
Continue reading
1230 Hits
1 Comment

Imaging with X-Ways Forensics

The current (and free) issue of eForensics Magazine has an article on imaging with X-Ways Forensics.   Of course, the XWF Guide is more detailed, but to get an idea of some of what XWF can do with imaging,  take a look at the article.

eForensics_17_2013-11 http://eforensicsmag.com/jumpstart-3-free/
 

 

453 Hits
0 Comments

Creating distributable test images

I'm in the process of creating working materials to go along with the XWF Guide in the form of exercises and test images.  I expect to be finished in 2014 or 2015 or ...(it all depends on time available).  The materials will be freely available but will really only work best with the XWF Guide.  And yes, I know I can use images already available, like at http://digitalcorpora.org/corpora/disk-images, but these datasets will be made to demonstrate all the neat things detailed in the XWF Guide.wipe

One thing I'd like to point out regarding an issue with creating forensic images when giving images to students that contain data may violate the EULA if distributed. Files like commercial programs and operating systems.  Anyone that deals with this in training will be happy with how XWF can be used to address this problem.

With the "Cleansed Image" option of XWF, simply exclude/hide any and all files that would violate any privacy concerns or EULA violations before creating the image. Then create the image :)

This gives you a complete (minus excluded files) disk image without worrying about violating a EULA.  You could do this the hard way by using WinHex to overwrite every single file in question.  Or you can mass exclude files in one fell swoop with XWF and bam.  Image done.  Now you have something to give out to your class.

I've always wondered why some instructors give out complete images of a single system and make the student "promise" not to distribute the files...that is a bit too trusting in my opinion.   And come on, you know who you are...

<and I'll leak a little information from the book on the cleansed image feature.  you can use this technique to remove private/privileged/protected data from an image to comply with a court order but can't produce specific protected data on the image.  an example being a civil case where you need to turn over an image to the opposing expert but have privileged files on the image. don't hex edit it, cleanse it!>

The XWF Guide has dozens of these kinds of tips and tricks, but you get one today for free.  Get the book for the rest of the tips and tricks, you will without a doubt, find something worthwhile that will save you hours or days of work.

380 Hits
0 Comments