May92008
“To all those who don’t like the license: you don’t have to use it. Just write your own code.” Shouts to guys at
gpl-violations.org!
May72008
Congratulations to
Matthieu Suiche on getting his presentation accepted to
Black Hat. You could probably even convince him to discuss recent GPL violations! While legal recourse is being pursued, maybe this will provide extra motivation for violators to respect the legal system and the community. Matthieu is doing some interesting work and has been a great help with some of the new functionality being added to
Volatility 1.3. If you are in Vegas, you should check out his presentation!
May62008
“Research maxims: 1) Pay attention to details. (2) Don’t make stuff up.”
Prof. Roy A. Maxion, Carnegie Mellon University,Computer Science Department.
May52008
The program for
DFRWS 2008 has been posted. There are a number of papers discussing important advancements in memory forensic analysis that you won’t want to miss. In particular, I want to congratulate
Andreas Schuster ,
Brendan Dolan-Gavitt ,
Dr. Michael Cohen for getting their papers accepted. The great work these gentlemen are doing is helping to make
Volatility the most advanced memory forensics framework. It’s encouraging to see people who are actually contributing to the open source community be rewarded for their hard work! Stay tuned for more exciting DFRWS announcements!
May12008
“But it’s just about impossible to prevent secrets from being written to memory—presumably, your program needs access to the data at some point.”
Chess, Brian and Jacob West. “Secure Programming with Static Analysis”. Addison-Wesley. 2007.
April302008
For any of our Italian readers,
PTK now includes support for
Volatility. Once PTK is released, Volatility users will have the option of using PTK or
PyFlag. Thanks for the email Michele!
2PM
You would hope that those same forensics companies claiming to help people enforce the law would at least respect the legal system. There is truly an amazing story going on behind the scenes. I want to give my respect to all those people that are attempting to “empower the community” as opposed to “exploit the community”!
April282008
This is a very interesting post by Andreas Schuster. You should definitely take some time to check it out! I’m sure we will see a lot more of this activity with respect to volatile memory forensics software. Especially, as vendors are desperately trying to catch up to the research community! Nice work Andreas and others ;)!
April252008
NoVA Sec: Memory Analysis and Acquisition
I want to take this opportunity to thank Mr. George M. Garner Jr. for making a guest appearance at my NoVA Sec presentation this evening. Once my talk was finished, George gave an insightful impromptu discussion of the challenges of memory acquisition. George, thanks for stopping by!