Archives

Pages:

• About
  • Schedule
• About Me
• About this blog
• Archives
• Blog
• Contact a Forensic Scientist
• Resources

Categories:

• Administrivia
• Computing theory
• CSI
• Digital forensics
  • Code forensics
  • Host forensics
• Forensic tools
• Fundamentals
• Miscellaneous
• Self replicating code

Authors:

• Mike (41)

Monthly:

• April 2010
• February 2010
• December 2009
• October 2009
• September 2009
• February 2009
• April 2008
• July 2007
• May 2007
• March 2007
• January 2007
• December 2006
• November 2006
• October 2006
• September 2006
• August 2006
• July 2006
• June 2006

Recent Posts:

• If Apple did computer forensics…
• Outlook PST (Personal Folder) File Format Now Available From Microsoft
• Site Updates
• Microsoft to Release the .PST File Format
• Computer Forensic Exam of Najibullah Zazi’s Laptop
• The Meaning of LEAK Records
• The Single Piece of Evidence (SPoE) Myth
• Sometimes the answers are enough, sometimes they’re not
• The admissibility vs. weight of digital evidence
• CitySec meetup in Los Angeles
• Recovering a FAT filesystem directory entry in five phases
• The five phases of recovering digital evidence
• How forensic tools recover digital evidence (data structures)
• Evaluating Forensic Tools: Beyond the GUI vs Text Flame War
• Copying 1s and 0s
• Exhibits from deposition of RIAA’s expert available online
• Transcript of deposition of RIAA’s expert available online
• Planting evidence
• Caught in the act…
• How digital forensics relates to computing
• The basics of how programs are compiled and executed
• Digital forensics in a comic
• Self replicating software – Part 4 – The difference between worms and viruses
• Two tools to help debug shellcode
• Site move
• The basics of how digital forensics tools work
• Digital Forensics Documentation
• What CSI does right
• Deductive and Inductive reasoning
• Information Context (a.k.a Code/Data Duality)
• Silence…
• “Forensically Sound Duplicate” (Update)
• “Forensically Sound Duplicate”
• Self replicating software – Part 3 – Other methods
• Self replicating software – Part 2 – Recursion theorem proof
• Self replicating software – Part 1 – The Recursion Theorem
• Naming structure of recycle bin files
• Base+Offset notation (or why we start counting with zero)
• Argument for MD5
• The switch to Levenger
• About this blog