Thu, 1 December 2011
This special episode of CyberSpeak is an interview with Ken Privette with NUIX about their new tool release this morning called Proof Finder. They are releasing 1,000 copies for $100 each of this new tool. Go get a copy before they are all gone at www.prooffinder.com. This special limited edition tool is limited to 10G of data. What does 10G of data look like, Nuix says it is an average of 241,165 Emails or 20333 Documents or 7069 Spreadsheets or 25514 Images. It can ingest all major forensic images (E01, DD, etc)
Listen to the show for more details. 100% of all sales go to charity "Room to Read", an organization that works in collaboration with communities and local governments in developing countries to develop literacy skills and a habit of reading among primary school children, and support girls to complete secondary school with the life skills they’ll need to succeed in school and beyond.
ALERT-Download and install on the computer you want it registered to. Initial installation will lock it to that computer.
Sun, 25 September 2011
This week on CyberSpeak I interview Andrew Case, one of the developers of Registry Decoder, a National Institute of Justice sponsored application. Find it at www.registrydecoder.com
Sun, 28 August 2011
This week on CyberSpeak, a quick thanks to everyone for pitching in on the ForensicsWiki - I saw over 100 new entries on everything from Sticky notes, mounting images, jump lists to people's BIOS. Jim Emailed asking who the mystery voice was in out CyberSpeak Sweepers - Karl over from CyberCon Security Solutions said wrote in to say he just ran across this site today and thought it might be a great resource for the listeners. It is not focused on Cyber Security but the concepts are the similar to help prepare for trial. LAW 101: LEGAL GUIDE FOR THE FORENSIC EXPERT. Shout out to Charles. Finally, Loren Wrote in and said during the interview, Keith Jones mentioned preparing for court by asking others for their opinions. Are there any ramifications of bringing others into the case like that?
In the News, Google, The Company with the motto - DO NO EVIL - agreed to forfeit $500 million to the U.S. Government for allowing -- and assisting in many case -- online Canadian pharmacies to place AdWords ads targeting customers in the United States resulting in the unlawful importation of controlled and non-controlled prescription drugs into the United States.
This weeks interview is with Chris Pogue, Mr. Sniper Forensics!
Thanks to Dan Website of the week is Workflowy https://workflowy.com/
Sun, 21 August 2011
CYBERSPEAK Notes - Aug 21st, 2011
I attended a nice Apple Forensic Event this week in Reston VA - Saw a lot of friends and had a good time. Ryan gave a great presentation on Apple forensics. Ryan runs the AppleExaminer.com
Paraben's Forensic Innovation Conference
PFIC is fast approaching and you know, it's becoming one of the the must attend conference each year for digital forensic and eDiscovery professionals. This year, there are seven pre-conference bootcamps that are included in your conference registration fee of $399.00. You can attend any single bootcamp and then the rest of the conference tracks and labs for this rate. This is all being brought to you by our friends over at the Paraben Corporation (Amber Schroader).
You can register by heading over to pfic-conference.com
http://www.forensicswiki.org - We all should go check this site out, sign up for an account and start contributing. This is the way we can all give back to the community. Write a How-To or something to give back to the forensic community.
Listener Email -
Richardo from Navada Concerned about those performing collateral duty of doing digital forensic examinations. Frustrated to read article after article in digital forensic publications that cover the deconstruction of a complicated piece of malware. he would rather have articles that rehashed digital forensic basics and covered free automated/low cost tools that help me do my job efficiently and reliably.
London Police are using Flicker to allow the public to help identify people involved in the looting following riots in London.
Welcome back to the show Drew Fahey, VP of Products at Blackbag Technologies.
Web Sites of the Week-
http://t.co/vEmtzCA - A guide to FaceBook Security
KEEP THE EMAILS COMING to CyberSpeak@gmail.com
Sun, 14 August 2011
This week on CyberSpeak, Luby and Jared Save the GMail Planet, Detective Garcia uncovers Fraud on Sesame Street. Congrats to the Secret Service and FBI on a great investigation of a 26 year old Brooklyn man who plead guilty in U.S. District Court in Alexandria, VA for his role in managing a credit card fraud operation that operated throughout the East Coast of the United States. California Prosecutors will not file charges against Gizmodo for its purchase of an iPhone 4 prototype (boo). Interview this week is Keith Jones, Co-Owner and Senior Partner at Jones Dykstra and Associates Inc., about the do's and don'ts of testifying. Tech topic, MoonSol's Dumpit released for FREE. Perfect for imaging RAM on 32 or 64 bit Windows System. It just does not get any easier than this-Check it out. Web pick of the week is http://Infosecupdate.com. KEEP THE EMAILS COMING!
Mon, 8 August 2011
Chris Hanesn caught cheating...on his mistress Launch of the CDFS www.cdfs.org, DFirst starts this week and more.
Sun, 17 July 2011
A quick show with George Starcher discussing his experience with password cracking using Access Data’s DNA and Amazon’s Elastic Compute Cloud. Check out his video tutorials at https://www.georgestarcher.com/?tag=amazon-ec2. We also discussed his Crowbar tool, https://www.georgestarcher.com/?page_id=256,
Sun, 26 June 2011
This week on CyberSpeak, a listener alerted me to my faux pas with the names on the Casey Anthony case, the two that testified about computer forensics were Sandy and Kevin (not Steve) and of all things, I called the Bresident of Access Data Brian Carrier instead of Brian Karney. Sorry guys!
This weeks interview of Josh Goldfoot, an attorney and author of the recent paper titled ”The Physical Computer and the Fourth Amendment” published in the Berkley Journal of Criminal Law. This paper discusses how the forth amendment applies to computer forensics and how we may be hurting ourselves by using certain words and explanations.
Web site of the week is a neat little web browsing and twitter application called A+ that give you your feeds on the left and browser on the right. Click on any twitter message the web page they linked to shoes up in your browser window automatically. Check it out at http://www.aplus-app.com
Sun, 19 June 2011
This week (OK, this quarter) on CyberSpeak, FTK 4 coming out using Postgres database rather than Oracle. During listener email we discuss if special language is needed for search warrants when collecting volatile data, imaging RAM or conducting on scene triage. Imaging SSD drives using the WinFE boot disk solution (
In the news, A computer repairman was arrested for allegedly planting spyware on dozens of computers he fixed and remotely taking hundreds of photos of women in their homes partially clothed or naked. If you see the message "You should fix your internal sensor soon. If unsure what to do, try putting your laptop near hot steam for several minutes to clean the sensor." DONT take your laptop into the shower. Check it out at
I got fooled into readng an article because of a Miss-leading article about Seals using forensic tools on Osama Bin Ladin's compters.
Interview this week is with Mike and Mike about Carbon Black.
An absolutly MUST read article "The Physical Computer and the Fourth Amendment" by Josh Goldfoot. Awesome document that is Brilliantly referenced. It is a long read but a MUST read. We will discuss next week. Read up before next podcast (who thought you would get Home Work from CyberSpeak?).
Website of the week:
Steve Gibson’s password checker – how long would it take to crack your password and the best HTML5 webpage I have seen. Check out this personalized music video staring any address you tell it to. http://TheWildernessDowntown.com
I will be teaching another SANS 408 Forensics-Windows in Depth VLIVE course starting Tuesday August 23rd (Every Tuesday and Thursday Night for 3 hours a night)
DONT FORGET TO USE OUR DISCOUNT CODE OF COINS-OC for 10% off.
But wait, sign up before this week, before June 22, you can get a 16 gig iPad2. The codes are 0526_iPad2BLK (for a black iPad) or 0526_iPad2WHT (for white)
Tue, 5 April 2011
Interview with Scott Moulton, leading forensic authority on Solid State Drive Forensics