I don’t really go in for “New Year, New Me,” partly because I think it’s probably futile and also because there’s not a lot about myself I’d like to fundamentally change. I do have some plans for the year, and a couple of things I’d like to do more of, but no resolutions as such.
Relatedly: I’ve been thinking about this tweet. (more…)
I met Chet Hosmer at DFRWS in Providence, Rhode Island, earlier this year. Over lunch I explained my upcoming digital forensics book to him, and he was very supportive. When I arrived back in England a copy of one of his books was waiting for me, along with an encouraging note.
Well, the DFIR book project has taken a backseat over the last few months due to me taking on a new psychology of religion research project, but maybe it’ll come back. In the meantime I thought I’d take a look at Chet’s book and write a quick review of it. (more…)
SQLite forensics is an important part of many digital forensic investigations. Most smartphones and computer operating systems use SQLite, with each device often including hundreds of databases. Despite this extreme proliferation, SQLite forensics is often overlooked in conversations about current trends in digital forensics. Paul Sanderson’s book attempts to redress the balance and bring attention to the importance of SQLite forensics. (more…)
I read a lot. I write a lot. I work a lot. Sometimes these things coincide. One of the ways they coincide is through writing books about my day job, for which I also read books other people have written.
Here are a few of my favourite digital forensics books I’ve read over the past few years, which I’d recommend if you’re looking for relevant reading material. (more…)
Any book that begins with a foreword by Eoghan Casey is almost guaranteed to be a vital and immensely useful read in the field of digital forensics, and Practical Forensic Imaging is no exception.
The need to securely preserve digital evidence is of the utmost importance to any investigator, particularly in criminal cases where findings may need to be upheld in a courtroom situation. Despite the huge impact of this subject matter, however, there have been precious few books on the topic to date. Luckily, Practical Forensic Imaging steps in now to fill the gap.
Read the full review on Forensic Focus
iOS Forensics Cookbook was written by Bhanu Birani and Mayank Birani with the aim of providing a resource to help forensic practitioners to handle and extract data from iOS devices.
It is important to note that this book is aimed at people who already have a significant level of technical knowledge. While it does explain where data are stored, for example, it does so only in brief and as part of practical exercises. Anyone who has a low level of familiarity with the subject or is put off by the idea of reading through lines of code will have difficulty understanding the majority of this book.
Considering that there are separate books – indeed, whole genres – devoted to Android and iOS forensics specifically, writing a single tome that covers mobile forensics in a meaningful way is an ambitious task.
Learning Android Forensics was written by Rohit Tamma and Donnie Tindall, and aims to provide a thorough introduction to the forensic analysis of smartphones running the Android operating system, from the initial setup of a forensic workstation through to analysing some of the more important artefacts. With input from highly experienced reviewers in the digital forensics field, the book is an excellent resource for students and practitioners alike.
I reviewed Learning iOS Forensics, by Mattia Epifani and Pasquale Stirparo, for Forensic Focus.
Learning iOS Forensics is a practical textbook that aims to help digital forensics examiners of all levels to get to grips with the procedures involved in forensically analysing iOS devices.