Life is about to become more difficult for countries trying to censor access to foreign websites. A system dubbed Collage will allow users in these countries to download stories from blocked sites while visiting [...]]]>

Good news for opponents of censorship. But embedding data in sites such as Flickr could also make it challenging for forensics.

Life is about to become more difficult for countries trying to censor access to foreign websites. A system dubbed Collage will allow users in these countries to download stories from blocked sites while visiting seemingly uncontroversial sites such as Flickr.

Collage relies on a well-established technique known as digital steganography, in which an image file is changed to encode the hidden message without obviously affecting the appearance of the image. A prototype version is due to be unveiled on Friday, 13 August.

via Hiding files in Flickr pics will fool web censors – tech – 09 August 2010 – New Scientist.

Ladies and gents, this is a 3TB hard drive. Let that sink in. Three effin terabytes. That’s a whole lot of data on one hard drive. Seagate previously stated that the drive would be out by year’s end, but here it is and it’s barely summer.

The FreeAgent [...]]]>

Our digital evidence vault audibly groaned with this update!

Ladies and gents, this is a 3TB hard drive. Let that sink in. Three effin terabytes. That’s a whole lot of data on one hard drive. Seagate previously stated that the drive would be out by year’s end, but here it is and it’s barely summer.

The FreeAgent GoFlex family is Seagate’s first product line to sport the gigantic hard drive. USB 3.0, USB 2.0 and Firewire 800 via Seagate’s GoFlex adapters are tasked with the job of transferring the data to and fro the connected computer. The USB 2.0 flavor is available right now with the MSRP $249.

The real story, however, isn’t that Seagate managed to stuff 3TB into one 3.5-inch hard drive. It’s that Seagate is actually bringing it to market amid so many potential problems.

via Seagate Makes Good On Its Promise, Outs The 3TB FreeAgent GoFlex Desk External Hard Drive.

The FBI failed to break the encryption code of hard drives seized by federal police at the apartment of banker Daniel Dantas, in Rio de Janeiro, during Operation Satyagraha. The operation began in July 2008. According to a report published on Friday (25) by the newspaper Folha de S. Paulo, after [...]]]>

Anyone up for a challenge?

The FBI failed to break the encryption code of hard drives seized by federal police at the apartment of banker Daniel Dantas, in Rio de Janeiro, during Operation Satyagraha. The operation began in July 2008. According to a report published on Friday (25) by the newspaper Folha de S. Paulo, after a year of unsuccessful attempts, the U.S. federal police returned the equipment to Brazil in April.

According to the report, the fed only requested help from USA in early 2009, after experts from the National Institute of Criminology (INC) failed to decode the passwords on the hard drives. The government has no legal instrument to compel the manufacturer of the American encryption system or Dantas to give the access codes.

via G1 – Not even FBI was able to decrypt files of Daniel Dantas – notícias em English.

The WORM (write once, read many) card is “tamper proof” and data cannot be altered or deleted, SanDisk said in a statement. The card is designed for long-time preservation of crucial data like legal documents, medical files and forensic evidence, SanDisk said.

The media comes with capacity of only [...]]]>

New SD card designed to store forensic data:

The WORM (write once, read many) card is “tamper proof” and data cannot be altered or deleted, SanDisk said in a statement. The card is designed for long-time preservation of crucial data like legal documents, medical files and forensic evidence, SanDisk said.

The media comes with capacity of only 1GB. SanDisk determined the media's 100-year data-retention lifespan based on internal tests conducted at normal room temperatures.

via SanDisk’s SD card can store data for 100 years – Computerworld.

In mid-2009, an employee at the California firm clicked on a link in an e-mail message and ended up at a malicious [...]]]>

While it’s often the large corporations that make the headlines when their security has been breached, it’s the smaller companies that are often subject to the greatest harm from malicious attacks and data theft.

In mid-2009, an employee at the California firm clicked on a link in an e-mail message and ended up at a malicious website. The site, run by online thieves, used a vulnerability in Internet Explorer to load a Trojan horse on the employee’s system. With control of the machine, which was used for much of the firm’s accounting, the thieves gathered data on the firm and its finances. A few days later, the thieves used 27 transactions to transfer $447,000 from Ferma’s accounts, distributing the money to accounts worldwide.

“They were able to ascertain how much they could draw, so they drew the limit,” said Ferma president Roy Ferrari in an interview at the time.

Ferma did not go out of business, but many small companies have as a result of a hack. The consequences of an attack should make small and midsize businesses (SMBs) sit up and notice, says Bernard Laroche, senior director of SMB product marketing for security giant Symantec.

via Lack Of Security Focus Puts SMBs In Harm’s Way – DarkReading.

Enter viaForensics. Our services aren’t just for large corporations trying to protect themselves against lawsuits. We can protect small and mid-sized businesses as well. Our services, including liveForensics, driveForensics and threatForensics, can be tailored toward the needs of any size business.

While it is common for companies to use automated data-collection software and hardware, some corporate litigants [...]]]>

Electronically stored information (ESI) in involved in almost all litigation these days. Currently, there are few rules governing the collection of ESI. However, there is growing debate over the practice of manual collection methods as opposed to using automated methods:

While it is common for companies to use automated data-collection software and hardware, some corporate litigants opt for more informal, “manual” collection methods (i.e., searches performed by individual records custodians) when responding to ESI requests. Companies may choose the manual collection of ESI to reduce costs, particularly if they have limited levels of litigation or lower risk levels posed by the litigation itself.

But, is this a defensible practice? What happens when the requesting party challenges the results of a production based on manual collection methods? An analysis of Ford Motor Co. v. Edgewood Properties Inc., 257 F.R.D. 418 (D.N.J. 2009), litigated in the District of New Jersey and guidance from The Sedona Conference® provide some guidance and insight. However, this is an evolving issue, and other courts may have varying views.

via ARMA International: The Association for Information Management Professionals – News: ARMA International Information Updates: IMN.

In a recent blog on e-discovery 2.0, Dean Gonsowski discusses this issue. He argues that it’s not very likely for manual collections to be deemed “less defensible” in the long run — as long as they are carried out properly:

From the foregoing, it’s probably too early to call the skepticism over manual collection a trend per se.  Certainly, lobbing a preservation notice over the proverbial wall to custodians without the requisite level of supervision is a recipe for disaster.  Education (about the matter and the required tasks), compliance (with the preservation instructions) and ongoing monitoring (to ensure that compliance continues over time) are all critical responsibilities that must be thoughtfully undertaken by counsel for a defensible ediscovery process.

The question then becomes, is the problem here really about the “manual” collection efforts by the custodians or more simply the fact that they aren’t supervised with the requisite degree of care?  If this is the case, which I’d opine that it is, then “properly executed” manual collections should be fine (i.e., defensible).

But, as Ford indicates, if your company is going to rely upon a manual collection modus operandi, then it may be advisable to let the opposition in on the use of this tactic.  This approach may be mandated by local rule or it may just be the type of transparent cooperation that’s all the rage these days.

via Manual Collections of ESI in Electronic Discovery Come under Fire.

tazzbit writes: “The storage vendors have been crowing about data deduplication technology for some time now, but a new open source project, Opendedup, brings it to Linux and its hypervisors — KVM, Xen and VMware. The new deduplication-based file system called SDFS GPL v2 is scalable to eight petabytes [...]]]>

Just something to keep an eye on…

tazzbit writes: “The storage vendors have been crowing about data deduplication technology for some time now, but a new open source project, Opendedup, brings it to Linux and its hypervisors — KVM, Xen and VMware. The new deduplication-based file system called SDFS GPL v2 is scalable to eight petabytes of capacity with 256 storage engines, which can each store up to 32TB of deduplicated data. Each volume can be up to 8 exabytes and the number of files is limited by the underlying file system. Opendedup runs in user space, making it platform independent, easier to scale and cluster, and it can integrate with other user space services like Amazon S3.”

via Slashdot Linux Story | Open Source Deduplication For Linux With Opendedup.

Why are courts placing so much emphasis on this ministerial step in preservation of issuing a written litigation hold? It appears that patience is running thin for [...]]]>

A recent article on Law.com (part one of a seven part series) discusses the importance of legal holds for the preservation of electronically stored information (ESI) and other documents.

Why are courts placing so much emphasis on this ministerial step in preservation of issuing a written litigation hold? It appears that patience is running thin for lost ESI in federal court. More importantly, ignorance of litigation hold requirements is no excuse. Also, the days of he-said-she-said litigation hold arguments are numbered. Courts want to see a transparent and credible process by simply looking at a few documents such as the written hold notice, distribution list, follow-up interview reports or logs, as examples.

As articulated by Judge Scheindlin in Pension Committee v. Banc of America, courts definitely do not want to wade through stacks of motions papers and days of hearings to determine if preservation efforts were sufficient to prevent the destruction of ESI and other documents. As a result, it is imperative for an organization to have in place a litigation hold policy and adequate procedures necessary to avoid going down the litigation “detour” of discovery sanctions motions.

via Law.com – Step 1 for Legal Holds: Trigger Events.

Contact: Andrew Hoog Chief Investigative Officer viaForensics Phone: +1 312-283-0551 http://viaforensics.com/contact-us

viaForensics’ CIO, Andrew Hoog, earns Certified Computer Examiner designation

Chief Investigative Officer of viaForencis, Andrew Hoog, recently obtained his (CCE)® certification from the International Society of Forensic Computer Examiners

Chicago, Feb 19, 2010 –  The CIO of the computer/mobile forensic and e-discovery firm viaForensics, Andrew Hoog, has earned [...]]]>

FOR IMMEDIATE RELEASE

Contact:
Andrew Hoog
Chief Investigative Officer
viaForensics
Phone: +1 312-283-0551
http://viaforensics.com/contact-us

viaForensics’ CIO, Andrew Hoog, earns Certified Computer Examiner designation

Chief Investigative Officer of viaForencis, Andrew Hoog, recently obtained his (CCE)® certification from the International Society of Forensic Computer Examiners

Chicago, Feb 19, 2010 –  The CIO of the computer/mobile forensic and e-discovery firm viaForensics, Andrew Hoog, has earned the Certified Computer Examiner (CCE) designation awarded by the International Society of Forensic Computer Examiners, an internationally recognized professional organization dedicated to upholding standards in the computer forensics community.

CCE certification is awarded to individuals who demonstrate knowledge and proficiency of skills related to the practice of digital forensics. Applicants for certification must complete an approved amount of training or professional experience and pass a four-part test.

Mr. Hoog adds this recognition to his list of credentials which includes the Global Information Assurance Certified Forensic Analyst (GCFA) designation and membership in the International High Technology Crime Investigation Association (HTCIA).

About viaForensics

viaForensics is an innovative computer/mobile forensic and e-discovery firm focusing on providing proactive services to corporations, law enforcement and law firms. Andrew Hoog is a computer scientist, computer/forensics researcher and Chief Investigative Officer at viaForensics.

# # #