Listener Email
- Lots of email this week regarding the DECAF product and Interview
- Ovie is not against transparency, just wants responsible disclosure

Exclusive Interview
Michael, one of the creators and developers of DECAF product spills the beans to Ovie.

News and Commentary
DECAF
There's been a lot of coverage of this, most of it bad. But we've compiled a list of accurate stories for ya:
    - Lots of media coverage, most bad, but a few good sources:
    - Harlan Carvey's Windows IR
    - Forensics Focus
    - Digital Forensic Investigator
    - Praetorian Prefect
        - Reactivating DECAF in two minutes

Collection of Evidence From the Internet
Todd Shipley over at DFI News has a great article about collecting evidence from the Internet.

Scientific Working Group on Digital Evidence (SWGDE)
The folks over at SWGDE have done some great work on creating standards and strenthening the handling of digital evidence.  Check out their recommendations and responses to other industry movments at their website.

Also check out the Forensics Certification board at http://www.ncfs.org/dfcb.


Website of the Week
 Ovie: http://www.mint.com/ - Best free way to manage your money. Basically an online Quicken
 Bret: http://www.dfinews.com/ - Great resource for forensic news

Check out Friends in Tech's Geek Christmas Story!

Full interview of Developer of Decaf

Only 9 shopping days until Christmas!!. In today's show Ovie lets slip details from his latest incident response job, Bret interviews Simson Garfinkel, and lots of great forensics talk. And at the end, Ovie tells you how you can save your marriage! Website of the Week Ovie: http://www.familylife.com - Check out great holiday romance ideas Bret: Check out the Digital Forensics wave on Google Wave, search for "with:public forensics"

Show Notes for December 6th 2009, we have a great show for you today. Today we have an interview with Brian Karney the COO of AccessData.  Brian talks with us about FTK 3.0 and support for Helix.

Ovie makes a stunning confession, listener email, new important changes to Rule 41 of Search and Seizure, Passware Kit 9.5 Decrypts BitLocker Hard Drives, Supports PGP, and Windows 7.

Web Sites of the Week:
http://www.zagg.com/accessories/zaggsparq.php
http://ralphlosey.wordpress.com - great resource for legal cyber information
http://audiko.net/

CYBERSPEAK Notes - November 29, 2009 This week in Listener Email, we talk about an alternative way our friends in DOD can listen to the show - Just call (510) 495-6339 and you will hear the latest podcast over the phone. Twitter as a life line for information during Ft Hood shooting, more on Internet connected jury members and online recon when choosing juries. In the news we discuss Virus planting porn and there is nothing wrong with working with defense. This weeks Interview with Drew Fahey - formerly from e-Fense, maker of Helix, now with BLACKBOX. **************Web Sites of the Week: Ovie: http://sixminutes.dlugan.com - A great public speaking website Bret: www.lala.com - listen to any song full length...one time Â

Show Notes Here Soon..

Welcome to CyberSpeak, your computer forensics, computer security, and computer crime podcast.  I am Ovie Carroll, and I am Bret Padres, today is November 14st 2009, and we have a great show for you today.  We have a short show for you this week.  Ovie's on vacation but we are trying not to miss another week so we thought we would bring you a shorter show rather than missing a week.
 
**************Administrative

Ovie
That's right, as we speak I am touring around in the mountains of North Carolina and Tennessee.  me the wife and the dog  

 
**************Listener Email
 
Jim - What affect do you see the buzz word "Cloud Computing" having on computer forensics.
Incident Response
Identify Social Networking, chat clients (twitter and others) web based email, file storage space, etc
identify and issue preservation order


**************News  

http://www.star-telegram.com/local/story/1719591.html
The Texas Department of Public Safety plans to reduce its "unacceptable" backlog of computer examinations that are crucial in child pornography investigations, agency Director Steven C. McCraw announced Wednesday.  Currently, 45 examinations are pending at the crime lab, and about half of those involve possible child pornography, according to DPS.
Each examination takes 30 days to several months, depending on the caseâs complexity.

The agency has not set goals on how quickly it hopes to complete examinations because each is different, said Tom Vinger, a DPS spokesman.

Some agencies are actually outsourcing some of their forensic work which i think can be a good thing.

www.google.com/dashboard
 

**************Tech Topics  

File Saving saving process.
See Documentation at the following links:

Documentation of Creating File 1

Documentation of Creating File 2

See Chart of File Creation

Watch the movie of how I did it.
 
**************Web Sites  

www.bringfido.com

www.informationleak.net

Today on Cyberspeak we have an interview with Matt Shannon from f-Response about the new, soon to be released Tactical edition of f-Response. Ovieâs on Google Wave - but no one else is. Listeners email, Windows 7 sold over 200% more in first week of sales than Vista. Sofoâs lab says you still need to run anti-virus on Windows 7. Microsoft, in the Microsoft Security Intelligence Report released yesterday, stated that "The infection rate of Windows Vista SP1 was 61.9 percent less than that of Windows XP SP3." Firefox 3.6 Beta (for Mac Win & Lin) is out for those who like living on the edge and for those forensic examiners that like testing new versions to identify .  Forensic Evidence Secures Death Penalty-Gang Members use Social Networking Too.  IC3 reports increase in compromise of user's online banking credentials target commercial bank accounts

The Personal Data Privacy and Security Act was approved by the Senate Judiciary Committee by a vote of 15-5 The bill would required notifications of not just individuals affected by a data breach, but also, in some cases, credit reporting agencies and the U.S. Secret Service (not FBI). It would establish a new Office of Federal Identity Protection within the FTC. Let's get ready to Rumble earns 400 million in IP revenue.

Web Sites of the Week:

http://statbrain.com

http://www.searchlores.org/defpasslist1.htm 

Today Ovie and Bret talk about SANS What Works in Incident Detection, SSD Drives, Data Breach Notification Laws, Rob Lee in Computer World, Tips for the Courtroom, Interview of Joseph Mykytyn from Sky Catcher Solutions, and Linux Boot Disk Forensics Research. Web Sites of the Week: http://www.zdziarski.com/projects/amberalert/ http://ceevee.com/ http://www.bing-vs-google.com/

We're BAAAACCCKKK! After a summer hiatus we are back in the studio again. Catch up on what we have been doing while we were gone, why Bret did this podcast in the nude, how Bret used F-Response to boot a LiveView image across the network, FTK 3.0, some iPhone apps, and web sites of the week. We missed you and glad to be back. Send us email at cyberspeak at gmail dot com. SPECIAL THANKS to George Starcher for doing our audio!!!

Our live show from SANS What works in Incident Response and Forensics 2009 if here!!!   Lost in a freak Snow Leopard accident involving several rolls of duct tape and a back of Frito's - it has be resurrected!   Audio quality still sketchy but it is here.

So, now you can stop with all of the emails...   Enjoy.

Bret

BACK!!!

Bret and Ovie discuss SANS What Works in Forensics and Incident Response Summit 2009, Drive Hell, Firefox 3.5, U.S. Supreme Court ruling on lab analysts in court, and new data breach notification laws on the books.

This week on CyberSpeak, Autographed Washington Wizards Basketball for sale to support charity Samaritans Feet, www.samaritansfeet.org, SANS Forensic Summit Discount CodeCYBERSPEAK10, new EnScripts at 42LLC http://42llc.net/index.php?option=com_myblog&Itemid=39, Digital Forensic Challenge www.dfrws.org, discussions about the 2009 Cyber Security Act, Philly RCFL gets ASCLAD, Ft Smith Police Dept overwhelmed with Child Porn cases, Ikena's new video forensics software http://www.matek.co.uk/#/ikena/4532507196, and web picks are:

http://www.trapcall.com/

http://www.google.com/insights/search/#

http://www.msisac.org/dashboard/Show Notes... Hey Ovie... Show notes got wasted fixing the feed.. I think they were messing it up somehow... Good news.. Feed Fixed... Bad news... Notes are gone.. :(

Welcome to CyberSpeak, your computer forensics, computer security, and computer crime podcast.  I am Ovie Carroll, and I am Bret Padres, today is March 22, 2009

*****Administrative*****
The Sans Forensic Summit is now on the books and scheduled for July 7-8 2009 in Washington DC and SANS new Sec 408 Computer Forensics Course.  Also check out the Sans Forensic Blog for some GREAT forensic reading.

*****Listener Email*****

*****News***** 

Reading keystrokes with a laser....

*****Interview*****
Mark Menz on MFT Ripper â Send email to markmenz@mykeytech.com
2009 HTCIA Conference â www.htcia.org or www.htcia2009.com

*****Tech Topics*****
VOOM TECH HARD COPY III

LOGICUBE DOSSIER

*****Web Sites******
www.getsatisfaction.com
http://www.newseum.org/todaysfrontpages/

Show notes for March 15, 2009
Welcome back CyberSpeak, your computer forensics, computer security, and computer crime podcast.  I am Ovie Carroll, and I am Bret Padres, today is March 15, 2009.

*****Administrative*****
The new Windows Forensic Analysis DVD Toolkit, Second Edition (Paperback)
by Harlan Carvey (Author) is available for preorder through Amazon.

http://www.amazon.com/gp/product/1597494224?tag=multimecom-20]Windows

Put it on your calendar - The Sans 2009 Forensic Summit is now on the books and scheduled for July 7-8 2009 in Washington DC.  Ovie will be there speaking about Current Trends and the Future of Forensics.

*****News***** 

The Digital Forensics Certification Board (DFCB) founded by the National Institute of Justice through a Cooperative
Agreement at the University of Central Florida's National Center for Forensic Science are accepting applications for Founders certification.
For a limited time, March 2, 2009 through August 30, 2009 experienced members of the digital forensics community can achieve these certifications through the Founders Process. Go to http://www.ncfs.org/dfcb/index.html for more information.

The New version of iLook PI is available at http://www.perlustro.com/

*****Interview ***** 

Interview With Drew Fahey, Chief Technology Officer for e-fense about the new Helix3

*****Web Sites***** 

http://www.google.com
http://www.adrive.com/

Windows powershell 2.0 http://www.microsoft.com/downloadS/details.aspx?familyid=60DEAC2B-975B-41E6-9FA0-C2FD6AA6BC89&displaylang=en

Welcome back to CyberSpeak. Bret and Ovie are back in the country. This show we have an interview with the developers of Highlighter, a new log analysis tool, Jed Mitten - Senior Consultant and Jason Luttgens - Principal Consultant from Mandiant. Check out this free tool at www.mandiant.com/software/highlighter.htm. Also, check out the Mandiant blog for some other tools. In listener email we discuss U3 thumb drives and encryption and schools doing data recovery without a private investigatorÃs license. Helix pro is being released and the Polytechnic University in Brooklyn has discovered a digital fingerprint that will allow you to tie a digital image to a specific made and model of camera. Web picks are www.tineye.com and www.spokeo.com .