Brett's Ramblings

Books written by practitioners are many times better than those written by those who have 'never done it'
Brett Shavers
Books
Many of the Syngress-published books I’ve read are those written by people simply writing about how they do their job…while they are doing their job. They are probably not writing while they are physically doing their work, but you know what I mean. With my first book, Placing the Suspect Behind the Keyboard, I was consulting on a crim...
Bio-hacked humans and digital forensic issues...
Brett Shavers
Digital Forensics
If you thought The Grudge was the scariest thing you’ve seen on screen, you must not yet have watched Showtime’s ‘The Dark Net’. In short, the series shows how humans are procreating less and merging digitally into technology with bio-hacks. That makes for a bad combination on a few different levels. Without getting into non-technical issu...
Tech Talk Can Get You Lost in Lingo
Brett Shavers
Digital Forensics
Every career and academic field has its own “lingo” to the extent that a conversation buried deep in lingo sounds like a foreign language. I have experienced military lingo, law enforcement lingo, and technical lingo in my life to the point that I practically dream in acronyms, speak with words not recognized by Webster’s Di...
What is this thing "privacy" you speak of?
Brett Shavers
Privacy
I luckily missed being born into the Internet generation. Facebook creeped me out with the amount of information demanded to create an account. It took me all of 1 minute to create an account, 5 minutes to decide to delete it, and then two hours to figure out how. That was years ago and I still receive email remind...
The best part of writing a book is finishing the book.
Brett Shavers
Digital Forensics
I chose the title of my latest book (Hiding Behind the Keyboard) to be provocative, although the book may not completely be what you would expect if you think that it is a manual to hide yourself on the Internet. Being from Syngress, this is technically a technical book in that it discusses how to uncover covert communications using forensic analy...
RegRipper
Brett Shavers
Digital Forensics
The short story: if you want RegRipper, get it from GitHub (don't download it from anywhere else): http://github.com/keydet89 What is RegRipper? RegRipper was created and maintained by Harlan Carvey. RegRipper, written in Perl, is the fastest, easiest, and best tool for registry analysis in forensics examinations. RegRipper has been downl...
Massive Government Surveillance - Not a new thing
Brett Shavers
Books
I'm close to wrapping up my latest book, Hiding Behind the Keyboard. One of the more interesting things I found while researching the electronic surveillance chapter is a historical note of massive electronic surveillance...way back in the early  1890s.  Considering that government surveillance is one of the hottest topics today...
Libraries and the Tor Browser
Brett Shavers
Digital Forensics
A few weeks ago, I was asked by a librarian for my opinion on library patrons using Tor in public libraries. My initial reaction, based upon having done more than a few cybercrime cases, is that Tor in public libraries is a bad idea. How can law enforcement track criminals who use library computers when the Tor browser is being used?  And libr...
Teaching Digital Forensics at the University of Washington
Brett Shavers
Digital Forensics
Several years ago, I taught at the UW Digital Forensics Continuing Education program before taking a break. Now I'm back at it.  A new course with new material, including mobile device forensics.  A change in the program is that the course is offered online as well (not on demand, as the classroom will be broadcast in real-time). A c...
A little update coming for Mini-WinFE
Brett Shavers
Digital Forensics
The developer of Mini-WinFE will be adding a script that will install EnCase Forensic Imager into Mini-WinFE. Misty is a little busy right now, but in a few weeks, it should be a reality. So, you'll have another imaging tool option in WinFE that is freely available to use. You'll notice that WinFE hasn't had much...
Tor is perfect! (except for the user....)
Brett Shavers
Digital Forensics
I have been spending so much time with the Tor browser over the past months that I have forgotten just how seamlessly it uses a complex network of global servers, and encryption to provide a near perfect level of online anonymity. The Tor browser is extremely effective in providing near 100% anonymity that if not for one little flaw, it would be pe...
I had a blast presenting for ICAC at Microsoft
Brett Shavers
Speaking
I gave two presentations today at the NW ICAC conference hosted by Microsoft in Redmond, Washington on the same topic in two parts. I met some great folks in the field doing some really awesome work to protect children. Plus, I got to see some people that I have not seen in a long time. All the sponsors set up a great conference with Micros...
Book Review: Windows Forensic Analysis Toolkit, 4th Edition
Brett Shavers
Digital Forensics
I’ve been waiting until I received the hard copy of this book to write the review. I had the fortune of being the tech editor for this book and enjoyed every minute of it. Although I do not have an ongoing financial interest in this book, I do have a vested personal interest based on the reasons Harlan Carvey lays out in many chapters. I’ll get to ...
X-Ways Online Training Course
Brett Shavers
Digital Forensics
I will be publishing an X-Ways Forensics Online Training Course on June 30, 2014. The course is based off the X-Ways Practitioner's Guide, the X-Ways manual, and a decade of experience using X-Ways...it is not the official X-Ways training course, but it also does not come with the price tag of the official course...
Is it worth the time to figure out WinFE?
Brett Shavers
Digital Forensics
Yes, no question about it. WinFE is one of those things in forensics you hear about and move on to something else because you don't want to spend the time to "build an ISO" (maybe you've not