In 2008, I wrote a blog entry, Simple Techniques That Fool Forensic Tools, that included an introduction to Alternate Data Streams. Now, I’d like to go into more detail, so that you can better understand the use and danger of
Alternate Data Streams

In 2008, I wrote a blog entry, Simple Techniques That Fool Forensic Tools, that included an introduction to Alternate Data Streams. Now, I’d like to go into more detail, so that you can better understand the use and danger of
If Dark Data is hidden, how can it be dangerous? How much of a threat can it possibly be? Dark Data is everywhere. It’s hidden in the firmware of the smallest devices, like survelance cameras, printers, TV streaming devices, your
What does Dark Data mean? We use this term on our website, as if it is obvious. In the most basic terms, Dark Data is information that is difficult to find. So, in effect it is sitting in the dark.
Recently, I’ve given some presentations on Dark Data. Back in May, I talked about “Dark Data in Live Forensics“, for the TechPoint – New Economy New Rules breakfast. Last month, I covered the topic in more detail with a presentation called, “Dark
The best approach to a Digital Forensics (aka Computer Forensics or Cyber Forensics) investigation has been to perform a “Dead” analysis of the data storage devices. This requires the imaging (or copying) of hard drives, flash drives, discs, etc. for
Why do people encrypt their data? Well, to protect their information from getting into the wrong hands, of course. But, what if the “wrong hands” is law enforcement, the court system or even your boss? Should they have the right
Aren’t Electronic Discovery and Computer Forensics the same thing? Some people would say that they are, but many practitioners strongly disagree. Here are some definitions that I found for Electronic Discovery: Gartner said that “E-discovery is the production and presentation of