Posted by: Frederick Lane
on 22 October 2009
Early last year, Microsoft Corporation announced that it was developing the Computer Online Forensic Evidence Extractor (COFEE), a USB thumb drive loaded with approximately 150 tools for conducting live forensics on a suspect computer. After an eighteen-month, limited test run with Interpol, Microsoft is now making the device widely available to law enforcement agents across the United States.
Posted by: Frederick Lane
on 12 November 2008
There is growing awareness that the trend towards inclusion of a "private browsing" in Web browsers may make it more difficult (or at least less fruitful) to conduct computer forensic examinations in the future.
On the TechRepublic website, Tom Olzak, Director of Information Security at HCR Manor Care in Ohio, has a new blog posting entitled "How do new private browsing capabilities affect forensics?" He provides a brief overview of how the new feature will work in the various browsers and then discusses some of the implications for computer forensic examiners and corporate IT departments.
Posted by: Frederick Lane
on 25 October 2008
According to computer forensic experts at the
SANS WhatWorks in Forensics and Incident Response Summit, there is a growing interest in software that can capture the volatile data and memory in so-called "live systems." Such data is often lost forever when computer systems are turned off as part of typical forensic procedure.
Digital Dirt Blawg
