lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Message-ID: <20050120155527.36384.qmail@web42108.mail.yahoo.com> From: jmark2099 at yahoo.com (j mark) Subject: Re: [ISN] Book Review: Forensic Discovery Anthony Zboralski wrote: > > On 19 Jan 2005, at 14:55, InfoSec News wrote: > >> <snip> >> of digital forensics. > > > Source: http://hert.org/story.php/58 > > After reading the review of Dan Farmer and Wietse's Forensic Discovery, you should hear about > The Grugq who got fired from @stake after writing a Phrack Article in which he exposed numerous > flaws in The Coroner's Toolkit by Dan & Wietse. > > Before you read this book, check out the video (bittorrent) of The Grugq on The Art of Defiling and > see how to defeat "industry grade" forensic tools and techniques . > > You can also meet him at a hacker convention near you (in March at BCS2005 in Jakarta, in April > at Black Hat in S'pore and Amsterdam and at HITB2005 Bahrain. > > Video of the Grugq's Speech, The Art of Defiling: > http://www.hert.org/z/grugq.torrent (Courtesy of HITB2004) > > Presentation Slides: > http://packetstormsecurity.com/hitb04/hitb04-grugq.pdf (from HITB2004) > > Phrack article: > http://www.phrack.org/show.php?p=59&a=6 (Phrack 59) > > Grugq's Profile: > http://www.bellua.com/bcs2005/asia05.speakers.html#grugq > > The Grugq has been researching anti-forensics for almost 5 years. He has presented > to the UK's largest forensic practitioner group where he scared Scotland Yard. > Grugq has worked to secure the networks and hosts of global corporations, and > he's also worked for security consulting companies. His work as a security consultant > was cut short temporarily following the publication of an article on anti-forensics. > > P.S. Is it illegal to talk about anti-forensics under the Patriot Act? > > gaius > This article in Phrack is being cited as this guys qualifications for conducting a security seminar? Getting fired for writing an article (an article so clueless --devoid of substance-- as this one) is cited as a good thing (just because it appeared in phrack)? Phrack Editors: please apply some standard in choosing articles, because people do think that having an article published in phrack amounts to something, and mostly your articles are superb (except when you plug articles like this because your friend wrote it) Just because one tool does not check bad cluster, doesn't mean that you can use this method of data hiding to defeat forensics as a whole. Encryption as an anti-forensics technology. <sarcasm>Wow. who knew that?</sarcasm> Logging to a different Syslog server. <sarcasm>Wow. who knew that?</sarcasm> Anthony Zboralski: We would expect yot to plug some article with substance when you promote your speaker and conference in a lot of security mailing lists. Oh yeah and you are going to jail if you talk about anti-forensics in US, you stupid promoter. jmark __________________________________ Do you Yahoo!? Yahoo! Mail - 250MB free storage. Do more. Manage less. http://info.mail.yahoo.com/mail_250
Powered by blists - more mailing lists