In last five weeks, since August 19th I've done 3 separate 5 day training on 4 different commercial digital forensics platforms. So I feel all hell of digital forensic standardization, compatibility issues.
Basically it is always the same thing to do (even on the same evidence files :) ) but with deliberately different terminology, methodology a nightmare actually.
We are asking question why current state of IT security is such shamble, how things are done now are really good example of how not to do things. This is really material for a good scientific research why such important part of life is in such horror.
I'll add some thoughts later, at the moment amuses me parallel with maths before introduction of Indian (Arabic) numbers with 0.
30.9.2017
As tools mentioned before
Basically it is always the same thing to do (even on the same evidence files :) ) but with deliberately different terminology, methodology a nightmare actually.
We are asking question why current state of IT security is such shamble, how things are done now are really good example of how not to do things. This is really material for a good scientific research why such important part of life is in such horror.
I'll add some thoughts later, at the moment amuses me parallel with maths before introduction of Indian (Arabic) numbers with 0.
30.9.2017
As tools mentioned before
- Magnet Forensic Interent Evidence Finder
- Encase v7 and v8
- X-ways
- MobileEdit Forensic Express
- and some references to F-Response
So you can imagine the differences and consistency problems ...