A Geeks Guide to Digital Forensics

I came across this presentation on the GoogleTechTalks YouTube channel – A Geeks Guide to Digital Forensics;

http://www.youtube.com/user/GoogleTechTalks#p/u/2/rPd-HiEvhhw

This is a very interesting talk and highlights some great open source tools for imaging hard drives and dealing with hard drive errors when imaging. It also highlights the Sleuth Kit by Brian Carrier, which is an excellent piece of open source software for analysing file systems that even has a graphical interface called Autopsy.

Several other tools and their uses are also discussed – check that talk out 🙂

K

Code war era

I’m sure it is not a new turn of phrase, but I came across the term ‘Code war’ as in code war era in a recent Businessweek article titled ‘Cyber Weapons: The New Arms Race’ that can be found here;

http://www.businessweek.com/printer/magazine/cyber-weapons-the-new-arms-race-07212011.html

From Google accusing the Chinese government of trying to hack its systems and threaten its employees to the Stuxnet worm causing massive damage to Iran’s nuclear program, cyber warfare is clearly real and here to stay. This is truly the era of the code war.

One of the big differences between cyber warfare and traditional warfare is the level of secrecy involved. Traditional weapons such as guns, fighter planes or even nuclear missiles still work, both in use and as a deterrent, even when many details about how they work are known. In the cyber world, once an exploit is known about and understood, countermeasures can quickly render it useless.

To highlight just how real this threat is, in 2009 the US created the US Cyber Command, and the US military has been given the all clear to use ‘cyber’ weapons.

Various firms, such as Endgame and Appin Technologies, that provide various security services including creating exploit code are reporting ever-increasing profits due to the demand for this kind of service. These companies, while shrouded in secrecy, are the public face of this industry; there are many more ‘black’ companies whose activities and work for governments are considerably more hidden and less visible.

Definitely interesting times in the world of IT security..

K