But I really need to stay on top of stuff. A lot has happened that I did not blog out!
I spoke at Shmoocon about my forensic memory analysis for passwords. Yep, what you think - I develop passwords out of the billions of possible strings on your forensic image. It was pretty cool and the presentation is posted on the shmoo site.
I got an idea from one of my mailing lists to go a bit deeper on. Detecting time travel in the non-Time Cop way. I am going to write a paper on detecting document alterations with changing of system time clocks.
I know the forensic perception - a cat and mouse game where bad guy can make a change, good guy develops a way to detect the change, so bad guy makes a change a different way. On and on, with the doubt of detection on the good guy, because maybe he just has not developed a way to detect the latest change.
That's my next project, feel free to steal the idea and run with it - just give me a copy of the results!
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment