Home | DF News | Web Links | Submit a Proposal | Issues | Press Releases | Subscribe | Login
Aug | July | June | May | April | March | Jan | Dec 09

Digital Forensics Magazine is out now...what are you waiting for?

Welcome to the Digital Forensics Magazine Monthly Newsletter - January 2010

The last month has been an exciting one in the field of digital forensics. As well as our web site redesign and launch, we've seen...

3G encryption cracked in less than two hours

In a jaw-dropping piece of research, a trio of researchers have published a paper explaining how the A5/3 encryption system – which is being phased in on many 3G cellular networks around the world – can be cracked in less than two hours.
 
The revelation by Orr Dunkelman, Nathan Keller and Adi Shamir, details of which have been published on the internet, comes hard on the heels of a very public cracking of the A5/1 encryption system widely used on GSM handsets the world over. Read more...

RockYou hack reveals most common password

A recent analysis of 32 million passwords, obtained in the RockYou.com hack, has revealed that the most commonly used password on the site was ‘123456,' according to database and application security vendor Imperva. After analyzing the data, researchers at Imperva Application Defense Center determined that 290,731 individuals used ‘123456' as their password. The second most common password, used by 79,078 individuals was ‘12345,' and the third most popular password, used by more than 76,790 individuals, was ‘123456789.' . Read more...

PGP whole disk encryption approved for MoD / Armed Forces usage

After several months of tests, PGP Corporation has announced that the Ministry of Defence has approved the use of its Whole Disk Encryption (WDE) technology. Whole Disk Encryption approval was granted by the INFOSEC Product Co-operation Group (DIPCOG) and comes just a few months after receiving baseline approval under the CESG Assisted Products Service (CAPS), allowing usage by the UK government and its agencies. Read more...

(ISC)2 EMEA director warns about DIY cloud computing

According to (ISC)2 director, John Colley, despite the fact that security professionals are getting to grips with new technologies, companies are set to stumble into new areas for putting data at risk with the do-it-yourself (DIY) accessibility of cloud computing.
Coupled with a recovering economy, the (ISC)2 director warns about companies moving into new IT initiatives such as cloud computing before they can be properly resourced
 
"After the cut-backs in 2009, most businesses will be eager to re-engage business initiatives. They should beware of rushing in without giving proper consideration to the security requirements however especially since security teams and projects have been pared back to minimum requirements it will take time to build them back up", he said. Colley added that, adding to this dynamic is the concern that cloud computing will make it very easy for people to get around the internal limitations of their IT department. Read more...

F-Response TACTICAL released!

The F-Respone product line enables forensic investigators and incident responders to mount hard drives from suspect systems in a read-only manner. It includes support for numerous operating systems, including Windows, Linux, Mac OS X, HP-UX, AIX, and Solaris. Under Windows, physical memory can be mounted and analyzed.

What makes TACTICAL groundbreaking is not amazing technical advancements in the product itself, but its ease of use. Essentially, it will enable just about anyone to use the product with little effort, yet yielding powerful results. All of the software and licensing is prepackaged in a pair of USB flash drives labeled Examiner and Subject. Unlike the Consultant and Enterprise Editions, there is no need to run a license management server.

To use it, you plug the Subject USB drive into the machine you want to examine and run the TACTICAL Subject software. Read more...
We're now available in print
Competition Winner
Digital Forensics Magazine announced the winner of the Archos405 Media Player competition, as seen in Issue 1. Readers will remember that in Issue 1, there was a competition to win an Archos media player; the winner of the first competition was Lawrence Gray, a second year Forensic Computing BSc student at the University of the West of England, Bristol in the UK. The team at Digital Forensics Magazine congratulates Lawrence and wish him well in his studies. Look out for more great competitions coming up in Issue 2.
Issue 2 of Digital Forensics Magazine...out on Feb 1st, 2010
A new bigger version of Digital Forensics Magazine will be out in February, so don't forget to subscribe to make sure you don't miss out on the great features and articles that we've brought together.
Digital Forensics Lab
Counter Forensics
Noemi Kuncik & Andrew Harbison continue their look at the world of Counter Forensics. Up to a couple of years ago we would rarely see sophisticated attempts to dispose of evidence, such as “file shredding” and “evidence eliminating” tools. In the last couple of years things have begun to change. Electronic discovery and IT forensic support of litigation have become far more common, together with the use of sophisticated “counter forensic” techniques to inhibit the recovery of valid evidence from computers. Find out what Noemi and Andrew have to say in Issue 2 of DFM.
Virtuall Forensics
Forensic Investigation of the Virtual Environment
If you are responsible for collecting and analyzing digital evidence, you’re already aware of how virtualization is changing the way organizations deliver, store, and manage content. With the growing momentum towards a cloud-computing environment, gone may be the days that forensic practitioners collect an image of a hard disk and head back to the office to analyze the forensic evidence. High performance, distributed file systems, like Google FS, store and deliver data from wide area storage clusters that will span across legal and geographic boundaries. Investigators and forensic practitioners need to have processes in place to address forensic recovery and analysis in the cloud and virtualized environments. We explore some of the legal and technical considerations when undertaking an investigation that has gone virtual.
A subscription to Digital Forensics Magazine - a great gift
Looking for a birthday or Valentine’s gift for someone special? Why not get a subscription to Digital Forensics Magazine? For less than the price of your typical professional quarterly you can make sure you're not missing a trick in the world of digital forensics, either online or in print. Find out more about our subscriptions rates - a great gift for loved ones.
20% discount on Oxygen Suite 2
ElcomSoft Offer
We've teamed up with ElcomSoft to bring readers a really special offer. Within Issue 2 of Digital Forensics Magazine, you’'ll find a voucher for the highly rated ElcomSoft Distributed Password Recovery software, valid from February 1 until April 1 and gives 20% discount. Find out more about ElcomSoft's product

 

Find out how to get your discount, as the offer ends April 1st 2010.
Digital Forensics Magazine
Keeping you in the know. Here's just a few more of the great things coming up in Issue 2, bigger and better and out on February 1st.

Intro to Forensics

For those starting out on their Digital Forensics journey...

 

Just imagine you’re a system administrator for a mid-sized company and you are awoken by your pager at 3am. You call the night time operator who is frantically stating “we’ve been hacked, we’ve been hacked!” You rush into the office to discover that someone had defaced the company website. The perpetrators had apparently hacked into the web server and were displaying their politically charged message all through the web site. Not knowing the extent of the intrusion you start to look through firewall and web server logs. Clearly a crime has been committed here, and not knowing what to do next, you call the police. The dispatcher advised you not to touch anything and that they will send out a uniformed officer and a digital forensic investigator. You comment to yourself, “digital forensic investigator, what’s that...”


The article introduces the world of the digital forensics investigator and the increasingly important role they play in modern crime detection and and prevention.

 

Data Centric Integrity

It does not matter if you are a multi-national corporation, an SME, or a home user; at some point in the future you may need to prove the integrity of an electronic file (be it a document, drawing, voice recording or email).

 

We feature an article by Robert Aynsworth, Head of Software Development at Tru Data Integrity Ltd., who examines the emergence of data-centric information integrity.

 

EU Data Retention Act

 

We feature an article which examines the EU Directive on Data Retention and provides the reader a clear view of the data items that need to be stored on a protocol-by-protocol basis. The article views the directive from a UK perspective.

 

EU Directives always cause debate. Think of the problems caused by the working-hours directive or the data protection directive. But the EU data retention directive has caused more than most. The title and reference is: “Directive 2006/24/EC of the European Parliament and of the Council of 15 March 2006 on the retention of data generated or processed in connection with the provision of publicly available electronic communications services or of public communications networks and amending Directive 2002/58/EC”.

Win a great Sony Digital Recorder in Issue 2 of Digital Forensics Magazine

Win a Digital Dictaphone in Issue 2

Our friends at Sony have kindly offered up a state-of-the-art digital recorder for us to give away in issue two's competition.


The Sony Digital Recorder (Windows and Mac compatible) has MP3 stereo recording and playback, as well as advanced dictation features like Digital Pitch Control and Voice Operated Recording, Make sure to get your copy of issue two in order to enter our prize competition.

We get under the hood of Google Android

When the world’s largest search company moved into the mobile application platform business, the lines between cell forensics and traditional computer forensics became even blurrier. Until recently, most cell phones have awkwardly tried to participate in both the voice and data worlds, devices where phones first and data applications were a kludge add-on. However, Android was built from the ground up as a data-aware device and as such provides a wealth of information about how it was used and ultimately the user. The article in Issue 2 provides an overview of the Android platform including supported hardware devices, the structure of the Android development project, implementation of core services such as wireless communication, data storage and other low-level functions, strategies to forensically acquire an image of the device and finally techniques effective in the analysis of the file systems.

 

Find out more about Android...

It's in the Faraday Bag


The ‘Faraday’ bag is intended to shield a mobile phone or similar small device to prevent unwanted applications being invoked remotely, such as wiping the memory, or to prevent possible problems with veracity of evidence. This article presents some of the preliminary results on Faraday Bag testing, including a short introduction to the mode stirred reverberation chamber.

 


Difficulties of a Mobile Phone Practitioner

 

For a long time digital forensics has mainly focused on the computer side of the forensics industry, with mobile phones being more of a secondary industry. This is due to the mobile phone’s lack of abilities, unlike the modern day handsets that are starting to adopt computer elements i.e. iPhone, Android and Windows Mobile. For anyone entering the mobile arena in forensics today would find the array of knowledge and solutions available in mobile phone forensics to be far less than the computing equivalent.

 

Regular Features

360 from DFM

360 – The letters page and IRQ - A regular column on the Forensics Conundrums by Angus Marshall, in his column he discusses the issue of triage.

 

Save 10% with an Annual Subscription

 

A 4-issue subscription gives you access to Issue 1 free of charge, then 4 subsequent, consecutive issues of Digital Forensics Magazine for only £54.

 

Sign up for the annual subscription and you'’ll be saving 10% on the cover price of each individual issue. If you'd like a printed copy of the magazine then you can contact us directly and we'll arrange this for you as soon as we can. More>>

 

 

See you in February with the next next newsletter and hope you enjoy Issue 2 out in February.

 

The DFM Team

 
De Montfort University faculty of technology

This email was brought to you by Digital Forensics Magazine - Supporting the Professional Computer Security Industry