Forensic Blogs

An aggregator for digital forensics blogs

by

Network Scanning + Update 2

Introduction

As November comes to a close, we are nearing the end of our project. With the script complete, all we have left to do is finish up a final report and a few more scans. Due to some yet to be solved bug in our code, the script fails when run from the physical Pi. As a temporary workaround, we’ve been scanning solely from our virtual machine, or VM. Our team is doing their best to solve this problem before the end of the week.

Problem Solving

Due to time restrictions, we were unable to automate our script. However, this is not really a setback, as all we have to do is manually start the scanner. So while this is not desirable, it is in no way a catastrophe. Of course, if we had more time, our team would have found a way to automate our script, and add other features. The ability to utilize WiFi, while not necessary, would make our scanner much more convenient to use. A cleaner looking output would have also been a nice touch. Most of the features we would have added are superficial, and only serve to add convenience.

As for the bug in our script, we so far have no idea what is causing it. The scanner starts correctly and runs for a couple of hours before shutting down. There is no output on the console and no printed report. This has happened to well over five scans. Since we’ve encountered this issue, we have been unable to get a scan to run properly on the physical Pi. However, the script runs perfectly on the VM so we’ve been using that for scans instead. Other than trying to solve this, most of our time and energy is going towards our final report.

Conclusion

We have spent most of November in the home stretch of this project. From completing our script to working on the final report, we are wrapping up rather nicely. We did encounter an issue with running our script on the Pi which set us back, but we’ve managed despite the issue. While we are attempting to fix it, we will not be at a complete loss in this project if our attempts are unsuccessful.

The post Network Scanning + Update 2 appeared first on The Leahy Center for Digital Investigation.

by

How to succeed as a startup

Book, in Firefly, once said “Out here, people struggled to get by with the most basic technologies; a ship would bring you work, a gun would help you keep it. A captain’s goal was simple: find a crew, find a job, keep flying.”

The startup version is:

“As a startup, people struggle to get by with the most basic resources; an idea will bring you attention, passion will help you keep it. A founder’s job is simple: build a team, find revenue, survive.”

by

Windows Fall Creator Final Update

Introduction

The Windows Fall Creator team has concluded their research and have finalized their project. In the past two weeks, they have been working on writing their final report about Windows 10’s newest feature: Pick Up Where I Left Off, or PWILO. They are happy to announce that they have finished their report and are excited to reveal their findings. Included below is an excerpt from the Windows Fall Creator team’s final report.

Report Excerpt

The Windows Fall Creator update to Windows 10 was released to the general public in the Fall of 2017, and included a vast number of new features. One of these features was coined “Pick Up Where I Left Off”, or PWILO. This feature is designed to create a smooth transition between devices and power states for the everyday Windows user.  It does this by restoring closed apps and web pages at the convenience of the user. Windows put off releasing this feature with the Fall Creator Update. It was delayed until the Redstone 4 Update that was scheduled for release in Spring of 2018. As a result of this features purpose and the delay in release, the security, storage, and collection of data involved with PWILO is questioned. The Windows Fall Creator Team investigated these aspects of this feature. The goal of this project was to be able to state with some level of certainty the security implications that PWILO includes, as well as the impact it has on system performance.

Conclusion

Over the course of the past 12 weeks, the Windows Fall Creator Team has worked hard to answer the research questions posed in the introduction of their report.  They have also overcome many obstacles that stood in their way. Read the Windows Fall Creator team’s final report to see what struggles they overcame and the conclusions that they drew.  You will also find a sneak peak of what is coming down the pike for future research that will be conducted on PWILO. Follow us on twitter @ChampForensics, Facebook at ChamplainLCDI, and Instagram @ChampForensics.

The post Windows Fall Creator Final Update appeared first on The Leahy Center for Digital Investigation.