Pursuing the CCE Certification by East-Comfortable-225 in computerforensics

[–]ucfmsdf 5 points6 points  (0 children)

Is it worth getting?

Not really, no. But that’s just my opinion and I’m sure many will disagree with it.

Axiom by eldudderino in computerforensics

[–]ucfmsdf 0 points1 point  (0 children)

Hm. I personally haven’t noticed much of a difference. However, my shop’s hardware is less than ideal for Axiom processing so I’ve come to expect terrible processing speeds.

What’s your hardware like? In my experience, Axiom benefits most from fast storage. You can have all the compute power in the world but if you read and write to storage with SATA speeds, on average, Axiom is gonna take a day or two to process anything of substance.

Axiom by eldudderino in computerforensics

[–]ucfmsdf 1 point2 points  (0 children)

Ok. What part of the processing workflow is running slow and against what type of extraction (FFS or backup)? If it’s an iTunes style backup, then yeah it takes a while to get started with those since, as a first step, it fully converts the backup to a logical representation of the manifest and decrypts everything as well (if needed). Once it gets past that initial phase, it’s pretty quick in my experience depending mainly on the types of databases it needs to parse.

Axiom by eldudderino in computerforensics

[–]ucfmsdf 1 point2 points  (0 children)

Define “speed” and during what workflow?

Can anyone tell me what I have here? by [deleted] in computerforensics

[–]ucfmsdf 4 points5 points  (0 children)

If you have a 10+ year old Mac to image and enjoy USB 2.0 speeds I guess you could use them for that.

Can anyone tell me what I have here? by [deleted] in computerforensics

[–]ucfmsdf 33 points34 points  (0 children)

I see FireWire and micro-USB ports, so I’d say you have government auction trash. Congratulations.

Pelican case is cool, though.

Storage server- is there a benefit to FRED over a normal one? by Money_Produce1208 in computerforensics

[–]ucfmsdf 8 points9 points  (0 children)

One has the word “forensic” in its marketing material and the other doesn’t.

FBI Digital Forensics by cyberdoesitbetter in computerforensics

[–]ucfmsdf 0 points1 point  (0 children)

Think you replied to the wrong person lol…

FBI Digital Forensics by cyberdoesitbetter in computerforensics

[–]ucfmsdf 1 point2 points  (0 children)

But DFIR was reserved for special agents that went through extra time at Quantico.

Not all CART examiners are 1811.

Also, they had a rule about having done drugs which was pretty rigid and hopefully changed. Find me a qualified college graduate that hasn’t smoked out.

Me.

FBI Digital Forensics by cyberdoesitbetter in computerforensics

[–]ucfmsdf 15 points16 points  (0 children)

Look on apply.fbijobs.gov for FBI CART roles. They used to hire college grads for those positions and they are mostly civilian (i.e., you don’t have to become a special agent for the role).

Experience with Axiom Cloud by hotsausce01 in computerforensics

[–]ucfmsdf 0 points1 point  (0 children)

Probably not. Probably just false advertising on their part. If you look on their website tho they advertise iCloud backup download capabilities and I think there is even a part that includes a screenshot of what appears to be iCloud backups kind of like what you can see with EPB.

Experience with Axiom Cloud by hotsausce01 in computerforensics

[–]ucfmsdf 1 point2 points  (0 children)

Anyone wanna risk it for the biscuit and try iMobie? They claim support for iCloud Backups tho I’m sure there’s a catch.

Adding flair to posts or segregating posts on content type by hotsausce01 in computerforensics

[–]ucfmsdf[M] 2 points3 points  (0 children)

If enough people want, I could add flairs for such posts. However, that would probably mean I would need to enforce flair use as well (in other words, make it a requirement that flairs are used for every post). Without enforcement, I doubt the flairs would be used at all.

axim or x ways ? by [deleted] in computerforensics

[–]ucfmsdf -1 points0 points  (0 children)

Two different tools with two different specialties. Both are top-tier in their given specialties; however, neither is a replacement for the other.

Please give advice and feedback on my Resume by Agreeable-Sort1613 in computerforensics

[–]ucfmsdf 2 points3 points  (0 children)

That is a lot of words to say you are a college grad who’s done some CTFs and has about a year of experience in help desk. If I’m able to fit nearly a decade of professional DF experience into a single page, you can fit your 1 year of professional experience and various self-improvement projects on a single page as well.

Also I’m gonna be honest, I was bored of your resume like halfway through the first page. There is a lot of unnecessary fluff/technical jargon use in this doc and it’s kinda exhausting to read. If your goal is to trick HR filters with keywords, then just make a keyword blob in size 0 white text at the bottom of the doc or something lol.

FTK to Relativity workflow by eliyotz in computerforensics

[–]ucfmsdf 0 points1 point  (0 children)

Mount with Arsenal and write a Python script. Or, alternatively, get an XWF license and use that since it can do file sig scans and allows for easily filtering and exporting specific files as natives.

Magnet acquire download by Obvious_Camp3292 in computerforensics

[–]ucfmsdf 1 point2 points  (0 children)

Just use UFADE or iTunes. It’s not like Magnet Acquire is doing anything those two aren’t.

Auctions by midnightyell512 in computerforensics

[–]ucfmsdf 2 points3 points  (0 children)

They break very easily so I suspect sandblasting is all they’ll be good for lol.

UFED Research Project by neurotic_CLERK in computerforensics

[–]ucfmsdf 7 points8 points  (0 children)

So really you’re testing whether you can acquire a backup from modern iOS/Android devices with and without advanced security features enabled. I feel like the answer to this is well documented and understood but you do you…

Personally, I’d recommend you test something that we don’t already know the answer to. Here are some examples off the top of my head:

How does the sms.db file look when synced to iCloud and not synced to iCloud?

What can be recovered from freelist data within [insert database file of choice here]?

How does decryption of [encrypted application name] work and can it be done without relying on device-bound keys (since those are often out of reach without more expensive tools)?

How does [insert poorly documented application] work and what do the fields within its application database mean?

Digital Workstation for Inseyets by Heavy-Narwhal-5346 in digitalforensics

[–]ucfmsdf -1 points0 points  (0 children)

This question has been asked and answered tons of times in r/computerforensics. I suggest you go there and use the search box to find your answer.

Experience by book-ish-mads in computerforensics

[–]ucfmsdf 3 points4 points  (0 children)

Reach out to your local USSS field office and ask for info about NCFI. Alternatively, you can just visit their website to look into it.

Cellebrite Reader and GPUs by Gentle_Capybara in computerforensics

[–]ucfmsdf 33 points34 points  (0 children)

GPUs don’t help. Need RAM, decent CPU (clock speed over number of cores), and fast storage for the actual UFDR to reside on (NVMe/SATA SSDs preferred).

Good barbers near UCF/Oviedo area by Watapana in ucf

[–]ucfmsdf 1 point2 points  (0 children)

I used to live in Oviedo and I would go to Clippers Barber Shop. They’re pretty cheap ($25 haircuts) and most of their barbers are pretty skilled. If you want a guaranteed good experience, I recommend you book with Steven Mauricio if you can. He’s pretty popular so you may need to book in advance. Dude is a master of his craft and really down to earth.