funsec mailing list archives

Re: Researchers: Forensics Software Can Be Hacked

From: "Don Blumenthal" <dmblumenthal () gmail com>
Date: Thu, 26 Jul 2007 20:50:20 -0400

On 7/26/07, Jordan Wiens <numatrix () ufl edu> wrote:

It's worth noting that the metasploit antiforensics stuff is
different than the research discussed in the article.

The new stuff is actually exploiting the code in the forensics
software directly, not just mangling the data to make it hard to
analyze forensically.  The best part of that is the chance for code
to jump out of a drive being imaged and onto the analysis workstation
itself.  Fun stuff.


FWIW, Guidance Software posted a reply to the ComputerWorld/IDG
article on SecurityFocus this afternoon.

www.securityfocus.com/archive/1/474727/30/0/threaded.

There's already one hostile response.

Don

--
Don M. Blumenthal
Technology, Law, and Policy
dmblumenthal () gmail com
734-997-0764        202-431-0874 (c)
_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.

Current thread:

Researchers: Forensics Software Can Be Hacked Paul Ferguson (Jul 25)
- Re: Researchers: Forensics Software Can Be Hacked Gadi Evron (Jul 25)
  - RE: Researchers: Forensics Software Can Be Hacked Hubbard, Dan (Jul 25)
    - RE: Researchers: Forensics Software Can Be Hacked Gadi Evron (Jul 25)
    - Re: Researchers: Forensics Software Can Be Hacked Jordan Wiens (Jul 26)
    - Re: Researchers: Forensics Software Can Be Hacked Don Blumenthal (Jul 26)
    - Re: Researchers: Forensics Software Can Be Hacked Jordan Wiens (Jul 26)
    - Re: Researchers: Forensics Software Can Be Hacked Valdis . Kletnieks (Jul 26)
- Re: Researchers: Forensics Software Can Be Hacked rms (Jul 25)