Re: Researchers: Forensics Software Can Be Hacked

[Gadi Evron <ge () linuxbox org>]

Wow. No kidding!!!@111

On Wed, 25 Jul 2007, Paul Ferguson wrote:

> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> Via InfoWorld.
>
> [snip]
>
> The software that police and enterprise security teams use to investigate
> wrongdoing on computers is not as secure as it should be, according to
> researchers with iSEC Partners.
>
> The San Francisco security company has spent the past six months
> investigating two forensic investigation programs, Guidance Software's
> EnCase, and an open-source product called The Sleuth Kit. They have
> discovered about a dozen bugs that could be used to crash the programs or
> possibly even install unauthorized software on an investigator's machine,
> according to Alex Stamos, a researcher and founding partner with iSEC
> Partners.
>
> [snip]
>
> More:
> http://www.infoworld.com/article/07/07/25/Forensics-software-can-be-hacked_
> 1.html
>
> - - ferg
>
> p.s. Interesting premise for a Hollywood movie: "...bugs that
> could be used to crash the programs or possibly even install
> unauthorized software on an investigator's machine..."
>
> :-)
>
> -----BEGIN PGP SIGNATURE-----
> Version: PGP Desktop 9.6.2 (Build 2014)
>
> wj8DBQFGp4RDq1pz9mNUZTMRAgOUAJ9fLcmHfCGZ0bzh6O0uEotyKXNHaACeOpAS
> /ZgmK9+7K3Iy6MNYHbSxQyA=
> =XJl3
> -----END PGP SIGNATURE-----
>
> --
> "Fergie", a.k.a. Paul Ferguson
> Engineering Architecture for the Internet
> fergdawg(at)netzero.net
> ferg's tech blog: http://fergdawg.blogspot.com/
>
>
> _______________________________________________
> Fun and Misc security discussion for OT posts.
> https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
> Note: funsec is a public and open mailing list.
_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.