In 2008, I wrote a blog entry, Simple Techniques That Fool Forensic Tools, that included an introduction to Alternate Data Streams. Now, I’d like to go into more detail, so that you can better understand the use and danger of
Alternate Data Streams
Unstructured Data
Unstructured Data sounds like files that store disorganized data or simple text, but I see it as more of a classification term than the description of a file’s lack of internal data structures. Some examples, provided in an article by
What Is Dark Data?
What does Dark Data mean? We use this term on our website, as if it is obvious. In the most basic terms, Dark Data is information that is difficult to find. So, in effect it is sitting in the dark.
Dark Data Is Invading Our Lives
Recently, I’ve given some presentations on Dark Data. Back in May, I talked about “Dark Data in Live Forensics“, for the TechPoint – New Economy New Rules breakfast. Last month, I covered the topic in more detail with a presentation called, “Dark
The Push for Live Forensics
The best approach to a Digital Forensics (aka Computer Forensics or Cyber Forensics) investigation has been to perform a “Dead” analysis of the data storage devices. This requires the imaging (or copying) of hard drives, flash drives, discs, etc. for
Killer App: Data Wisdom
What is a Killer App. (aka Killer Application)? Wikipedia says it’s software that is so necessary, or desirable, that it drives sales of the software/hardware necessary to run it. Investopedia defines it as “a buzzword that describes a software application that
Data Classification and the MER Conference
Data Classification seems to mean different things to different people. In our File Investigator products, we classify each file by Platform it is typically found on (ex: Macintosh, MS Windows, Linux, …) Storage method(s) used (ex: Archive, Digital Audio, Vector,