Frittmann Forensics

Blending Robert Frittmann's computer and security careers into computer forensic investigation.

  • Archive

  • Categories

  • Recent Posts

  • RSS Intellisec

    • Duel of the Designers: New Industrial Espionage War Zone 8 November 2009
      Economic and commercial espionage has a much lower profile than it deserves – dangerously low. It’s an area where many companies remain unaware of their vulnerability, believing that unless they’ve invented something like a cure for the common cold, no one is likely to be interested in what they’re doing. That’s definitely not the case, [...]
      admin
    • The Cyberspace Explosion: Five Tips for Survival 4 November 2009
      The new digital world of easy communications and social networking is so surprisingly open that many no longer see the problem as one of Big Brother watching us. It’s more a matter of us being obsessed with watching each other. And sharing, too. As The New York Times put it in September, “Your parents probably [...]
      admin
    • McKinsey Partner’s Arrest Spotlights White-Collar Crime 2 November 2009
      The elite US consulting firm of McKinsey & Company, long known for its prudence and caution, must have been low on anybody’s suspect list of those likely to be involved in financial crime. Even the suspect himself was shocked when federal officers arrived at his California home recently to arrest him on charges of conspiracy [...]
      admin
    • McScam: Fast Food Customers Fleeced 30 October 2009
      Australia’s Daily Telegraph reported on October 21 that McDonald’s – the largest fast food chain in the country – will overhaul security on its EFTPOS machines after customers were stripped of $A4 million. Criminals had snatched the devices at McDonald’s outlets across the Western Australian state capital of Perth, a city of more than one [...]
      admin
    • FBI Operation Catches Online Bank Fraudsters 27 October 2009
      In what the FBI is calling Operation Phish Phry, it has arrested 53 people on charges of conducting a vast financial fraud based on phishing. Numerous Internet users have been tricked into revealing vital information, according to an 86-page indictment filed in the US District Court in Los Angeles. The New York Times reported on [...]
      admin
    • Saab, US Company Accused of Bribery in South Korea 25 October 2009
      The Korea Times in Seoul reported on October 6 that an investigation into bribery cases involving foreign defence firms is widening as more evidence of illegal lobbying activities emerges. The move comes as the country’s authorities conduct a probe into the Swedish defence and aerospace firm, Saab, whose Seoul office has been raided on suspicion [...]
      admin
    • ‘Canadian Madoff’ sentenced to jail for 200 fraud charges 21 October 2009
      This week in a Montreal Court saw former Norbourg CEO Vincent Lacroix sentenced to 13 years in jail after he recently plead guilty to nearly 200 fraud charges in relation to the financial collapse of the Norbourg Group. The charges included multiple counts of fraud, conspiracy to defraud, conspiracy to commit forgery, fabricating documents and [...]
      admin
    • Japanese Banks Call Gangs to Account 15 October 2009
      If your company is about to go into business in Japan it will pay to know where gangs – referred to as yakuza – fit into the scene. In more ways than one, Japan has the most overt, upfront gangs in the world. They hold annual general meetings and are sometimes seen on TV. But [...]
      admin
    • If Fake Anti-Virus Software Doesn’t Get You, Something Else Will. 11 October 2009
      A Russian security researcher who heads Canada’s virus lab, Sophos, has recently shown how most spam on email, search engines and social networking sites originates with ‘affiliate networks’. These networks pay generous commissions to geeks who refer unsuspecting web users to their illegal products. Not only are they selling fake anti-virus software but also […]
      admin
    • Cyber scams and cheats target job seekers: Six tips to protect yourself 7 October 2009
      As more and more job seekers turn to the internet looking for positions, scammers are finding ways to dupe them of their money. Cyber fraud, money laundering and scams are confronting online job seekers. Authorities have reported a large rise in online scams targeting those looking for a new job or part time position. Investigators [...]
      admin

  • RSS Discerning e-Discovery

    • Bringing Order to Chaos: “Be quick but don’t hurry” during project crisis 8 October 2009
      John Wooden, the famous UCLA basketball coach, had many famous quotes as part of his pyramid of success.  One of my favorites is “Be quick but don’t hurry.”  The quote means (1) do the right things, (2) learn to do them quickly, but (3) never be out of control.  This quote also has application for project managers facing a crisis. As project managers, we all […]
      Tom Mighell
    • “That Proclamation and a Dollar Will Get You a Cup of Coffee Down Here in the Valley, Son” 10 September 2009
      by Dennis Kiker - Director, Professional Services, Fios, Inc. I’ve noticed a theme in many of my conversations with outside counsel recently when the topic of the Sedona Cooperation Proclamation comes up.  First there is a tightening around the mouth and the eyes narrow just a bit.  It is not dissimilar to the look my daughters would give me when I asked whe […]
      Tom Mighell
    • Building an e-Discovery Team - Part 3 3 September 2009
      by Nancy Patton, Professional Services, Fios, Inc. In the first two posts in this series, I’ve emphasized that Legal and IT are the core building blocks of any Discovery Response Team. Representatives of other departments can be added to the team as required; depending on the organization’s structure, individuals from records management and compliance […]
      Tom Mighell
    • Building a Discovery Reponse Team - Part 2 27 August 2009
      by Nancy Patton, Professional Services, Fios, Inc. In my first post in this series last week, I discussed why a Discovery Response Team is a critical component to an effective e-discovery response.  This week, let’s talk about the steps you must consider in order to assure the greatest success in building your Discovery Response Team: Establish a team […]
      Tom Mighell
    • Improving Review Efficiencies 26 August 2009
      by Richard Wersinger, Technical Trainer, Fios, Inc. In their August 2009 Law Technology News article, Robbery?: Are we cheating clients if we don’t purge duplicates? (Law Technology News, August 2009, Vol 16 No. 8, ) authors Anne Kershaw and Joseph Howie suggest it is possible to gain review efficiencies by deduping across multiple custodians.  They wrote: W […]
      Tom Mighell

  • RSS SANS Forensics

    • How to Disrupt a Botnet 8 November 2009
      The following note is inspired by the steps the folks at FireEye Malware Intelligence Lab took to disable the Mega-d/Ozdok bot network. People often wonder what it takes to shut down a botnet. Here are the key steps, which apply to “traditional” botnets, which don’t rely heavily on peer-to-peer protocols for their command and control [...]
      Lenny Zeltser
    • 3 Lists for Investigating Malware Incidents 7 November 2009
      When investigating an incident that involves malicious software, it helps to understand the context of the infection before starting to reverse the malware specimen. Some of the ways to accomplish this involves: Examining the websites that may be associated with the incident, often because they are suspected in hosting exploits that acted as the infection ve […]
      Lenny Zeltser
    • An Analysis of SpyKing 3 November 2009
      In this post, I am going to touch on several methods of analysis used in discovering how a potentially malicious program functions. In this case, I have selected a covert surveillance program called SpyKing. The marketing hype concerning this program states: “SpyKing Vista Spy secrectly logs all keystrokes, web sites, emails, chats & IMs: MSN Messenger, […]
      craigswright

  • RSS Where is my data?

    • DNA Rention Limits – More of the Same 11 November 2009
      DNA - 6 years retention
      585
    • PunterNet, PR, and Bad Driving 5 October 2009
      Harriet Harman is not having a good time. She is accused of failing to stop at road traffic accident, she was embroiled in the  expenses claims fiasco, and she is the deputy leader of a party that just got dropped by the biggest selling paper in the UK. But, this is not why she is [...]
      585
    • Electronic Discovery: MS and Autonomy 3 October 2009
      If the rummors are true, this would be big news in the ED world, Full Article If Microsoft, as rumored, were to buy Autonomy, there would be a seismic ripple felt through eDiscovery-related markets.  First, Microsoft would own two of the leading search products in the market (Autonomy and FAST).  Second, Microsoft would have applications to provide [...]
      585

  • RSS Data Triage

  • Pages

  •  

    November 2009
    M T W T F S S
    « Jun    
     1
    2345678
    9101112131415
    16171819202122
    23242526272829
    30  

  • Archives

  • Meta

  • RSS Wired: Threat Level

    • Convicted Murderer Sues Wikipedia, Demands Removal of His Name 11 November 2009
      Wikipedia is under a censorship attack by a convicted murderer who is invoking Germany’s privacy laws in a bid to remove references to his killing of a Bavarian actor in 1990. Lawyers for Wolfgang Werle, of Erding, Germany, sent a cease-and-desist letter (.pdf) demanding removal of Werle’s name from the Wikipedia entry on actor Walter Sedlmayr. [ […]
      David Kravets
    • Government Will Pay $3 Million in Coffee Table Spying Suit 10 November 2009
      The U.S. has agreed to pay $3 million to a former government worker who accused officials with the CIA and State Department of spying on him with a bugged coffee table. Rather than comply with a court order to provide lawyers in the case with what the U.S. government says is classified information, the government has [...]
      Kim Zetter
    • Feds Charge $522K for FOIA Request 10 November 2009
      The Treasury Department wants more than $500,000 to comply with a Freedom of Information Act request, a fee an attorney on the case suggested Tuesday might be one of the largest bills of its kind. “I have not seen one that has been larger,” said Noah Wood, a Missouri attorney suing the government to comply with [...]
      David Kravets

Frustration

Posted by Robert Frittmann on 22 June 2009

I am still waiting to hear from the University of Auckland (UofA) as to whether I have been accepted on their BSc programme for semester two, 2009. Today I received my student ID card from Massey University (MU). They seem to be much more organized than UofA. However, I am still holding out for a placing with UofA as transportation to and from class will be much easier if I am studying there than at MU.

One thing that I really appreciated was finding that UofA have a public iCalendar for the important academic dates, including semester start and end dates, study breaks, etc. I have added the UofA iCal to my Google Calendar. I have also sent an email to MU, Unitec, and AUT to enquire whether they also have an academic dates iCalendar. I’d like to collect them all in my Google Calendar.

In the meantime, I have been organizing payment of fees and my living expenses. I started the application process for a student loan using the StudyLink website, and have gotten up to the stage of deciding on living expenses. This is something that I cannot decide on alone, as it affects my wife as well, so I am trying to arrange an appointment with WINZ for my wife and I, to discuss the options available to us. This presented itself to be more difficult than I thought it would be. Just trying to arrange the appointment! I called WINZ to request the appointment, but got the third degree from their officious operator, Makelita (of the Wellington Contact Centre), who would not listen to what it was we were trying to achieve, and only wanted to follow her prescribed script to sign us up as a new beneficiary. As soon as I mentioned that my wife has a permanent disability, this Makelita woman didn’t want to speak to me at all any more, and would only speak to my wife, who according to her script would now become the “primary beneficiary”. Oh, give me a break! We haven’t even decided whether we want to be on a benefit yet, and whether it would be financially viable for us or not, considering that my wife is still working. All I wanted to do was to make an appointment to come in to a WINZ office with my wife, and discuss the options available to us. We may end up signing up as beneficiaries after that discussion, or we may find some other way to meet the living costs while I study. My wife is considering studying as well, and this would also need to be considered in any discussion of living expenses. I am waiting now for Makelita’s manager Susan to contact the local WINZ branch to arrange a suitable time slot for an appointment for us.

Talk about frustrating!

Posted in Uncategorized | Leave a Comment »

Application

Posted by Robert Frittmann on 19 June 2009

I am starting to get feedback now about my applications to study next semester. I have applied to the University of Auckland and to Massey University for semester 2, 2009, and to AUT University for semester 1, 2010. Massey have just accepted me for semester 2, and I am waiting to hear back from Auckland Uni. I would prefer to be going to Auckland uni, only for the fact that my wife works at AUT, which is within walking distance of Auckland Uni, so travel would not be a problem. To go to Massey, I will end up catching the bus every day. Bummer! The other option is that perhaps my wife could move to Massey as well, as long as she could get a comparable position there. I think that is stretching it a bit though, but worth a try if things don’t pan out with Auckland Uni.

Posted in 01. Undergraduate preparation, 01.01 Programme selection | Tagged: , | Leave a Comment »

Amalgamation

Posted by Robert Frittmann on 2 June 2009

Today is Queens Birthday weekend. Not that it means that much to me, as I am on paid leave already, and a public holiday doesn’t alter things much in my present situation. So, rather than going out to enjoy the fine (if a little chilly) weather, I decided to spend the day working on my blog instead. This news, of course, was greeted with a rather chilly reception from my wife. She did manage to drag me away for a short while during the day, but most of it was spent here at the computer.

While assessing the direction that my blog has been taking since I started it a week ago, I was alarmed to find that I have been straying seriously from the focus, which is computer forensic investigation. Admittedly, my studies have not started in earnest yet, and I am still very much in preparation mode. To keep things on target in my blog, I have therefore decided to spawn sister-blogs for my other interests. Today I created a new blog for my interest in online identity, privacy, internet safety, and online presence issues, which I call Cyber Presence (cyberpresence.wordpress.com). I have also created a blog to keep track of my informal studies in cyberpsychology, cyberculture, online behavior, and human-computer interaction issues, which I will call Psyber Psychology (psyberpsych.wordpress.com). My fourth WordPress blog is about my current project of creating a personal ontology of my life, and issues relating to mindmapping, the semantic web, and social semantic desktops. This blog will be called Personal Ontology (personalontology.wordpress.com).

I guess this may all sound more like separation, rather than amalgamation, at first. But in the process of separating out the various strands I have been able to get a better picture of how they all fit together. Computer forensic investigation is about detecting criminal activity as it relates to computers. Cyberpsychology will help the forensic investigator to “know thy enemy” as Sun Tzu would say. Tracking a cybercriminal across the ‘net requires a certain amount of “getting inside their head”. This also links in with my interest in online identity, privacy, and online presence. A cybercriminal could easily have a secondary presence that shines with ethical meekness. Issues relating to emerging frameworks for online authentication may well impact on how cybersleuths track down the bad guys. I haven’t developed my theories on personal ontology well enough yet to link that in as well, but I know that it is related somehow.

Add to FacebookAdd to DiggAdd to Del.icio.usAdd to StumbleuponAdd to RedditAdd to BlinklistAdd to TwitterAdd to TechnoratiAdd to FurlAdd to Newsvine

Posted in Uncategorized | Tagged: , , , , , , | Leave a Comment »

Classification

Posted by Robert Frittmann on 1 June 2009

My wife, with over eight years of close observation of my personality, has come to the conclusion that I must have Asperger’s Syndrome. A quick look over the diagnostic criteria for Asperger’s reveals some consistencies with her assertion. Of particular note is the “Imposition of routines and interests on self, in aspects of life”. My recent efforts in creating a personal ontology, using the PersonalBrain mindmapping software, may have contributed to my wife’s diagnosis. Sure, there may have been one or two other criteria in the list that collude also. Those who know me almost as well as my wife might even find other propinquity.

Creating a personal ontology is something that I have been considering for a long time now. A visual platform, such as a graphical mindmap, is much more alluring to me than trying to force an existing textual platform, such as DAML or OWL (or a knowledgebase or a wiki) to conform to my own understanding of what a personal ontology should be. So, what exactly is a personal ontology? I found this little gem on the gapingvoid website…

An ontology as defined by dictionary.com is:

“An explicit formal specification of how to represent the objects, concepts and other entities that are assumed to exist in some area of interest and the relationships that hold among them.”

A personal ontology by extension is simply one persons ontology as opposed to a global, all encompassing ontology [...]. A personal ontology on the other hand is more relevant to the individual.

In simple terms, I am trying to create a classification of myself, and anything and everything to do with myself. Does this sound like a particularly Asperger’s thing to do? Well, maybe, I guess, but I do have a good reason for doing it. I am finding it harder to keep track of everything going on around me, both in real life and in cyberspace. Maybe this is a symptom of my steadily advancing age. Maybe it is to do with the rapid advancement of technology. Whatever the reason, I think that traditional solutions such as memory improvement, stress management, and time management will not be as effective as practical creativity.

The outcome of such an undertaking must be effective in reducing the chaos that surrounds me. What I expect to get out of my personal ontology is a logical, easily traversed, searchable, and portable catalog of my life, with both online and offline components. The ideal goal is to have a mindmap on a PDA or Tablet PC that contains navigable links to my documents, links to websites I frequent, metadata, secure login credentials and personal private data. This information will be collated from, and relevant to, all aspects of my life.

To begin my personal ontology, I have downloaded the latest version of PersonalBrain, from TheBrain Technologies website. The home thought of my brain is my own name, and fanning out from that starting point are the major aspects of my life, which after some brainstorming came to:

  • Citizenship
  • Creativity
  • Culture
  • Education
  • Employment
  • Ethics
  • Faith
  • Family
  • Finance
  • Friends
  • Goals
  • Health
  • Interests
  • Perspective (Worldview)
  • Recreation

While this is not an exhaustive list for an ontology, it is a starting point. I will no doubt add to this list as I go, and possibly rename some of them. From there I created a new thought under each one, for the goals of each aspect, and then linked them all back under the Goals aspect itself. So I can define goals for each aspect of my life, which are then accessible as a single collection under the aspect of Goals. I have also begun to add extra thoughts under each aspect.

Employment Mindmap

Employment Mindmap

Educational Mindmap

Educational Mindmap

I don’t see this project as having an expected completion date, as it will require constant modification, like a wiki or knowledgebase. There is currently no Mobile version of PersonalBrain, but I anticipate a Java-based version in the not-too-distant future. Either way, if I can get my personal ontology to achieve what I plan for it, while at least running on a laptop or Tablet PC, it should help to unscramble the pandemonium in my bookmarks / favorites, My Documents, and other aspects of both my online and real-world lives.

Add to FacebookAdd to DiggAdd to Del.icio.usAdd to StumbleuponAdd to RedditAdd to BlinklistAdd to TwitterAdd to TechnoratiAdd to FurlAdd to Newsvine

Posted in Uncategorized | Tagged: , , , , , , , , | Leave a Comment »

Capitulation

Posted by Robert Frittmann on 28 May 2009

A couple of posts back, I mentioned that “I am now taking control over how I am perceived on the Internet.” This has been what I have spent most of my time doing over the last 24 hours. I have been “coming out”, so to speak. No, I am not gay, but I have been coming out of the closet in another way.

For a long time now, I have been hiding behind aliases when surfing the Internet. I have hundreds of accounts on a variety of popular social networking sites, forums, IM Chats, IRC, newsgroups, in fact all over the Internet (not just the world-wide-web). But hardly anywhere did I exist as myself. I have today been remedying that, and have begun creating a whole screed of new accounts with my own, real name on them. I will continue to use all of my other aliases for their various purposes, but these new accounts are specifically for how I want to be know as myself on the Internet.

I have, for instance, a new Facebook account that my family, my workmates, and my classmates will be able to actually find me on. They could be forgiven for thinking that I don’t know anything about the Internet, as I didn’t really exist on it before, as far as they were concerned. That also is the predicament I faced with potential employers. While my experience on the ‘net is vast, I don’t exactly want prospective employers or their PR people looking me up as “cyberbob” or whatever. So now I am me.

I wrote on someone’s wall recently that “if I were to friend myself, with all my different aliases, I would have a huge network!” My online paranoia has even extended to my wife, and I had previously advised her to follow my online security precautions and create aliases for herself. Now that I am coming out, she wants to friend me, naturally. However, I have asked her to not friend me from her alias accounts, as they are friended to my alias accounts, and that would give the game away, so to speak. Oh, what a tangled web we weave.

I have also been setting up new Twitter, Digg, and Delicious accounts, and linking them to my new Facebook account.

Add to FacebookAdd to DiggAdd to Del.icio.usAdd to StumbleuponAdd to RedditAdd to BlinklistAdd to TwitterAdd to TechnoratiAdd to FurlAdd to Newsvine

Posted in Uncategorized | Tagged: , , , , , , | Leave a Comment »

Recreation

Posted by Robert Frittmann on 28 May 2009

Yesterday I spent the day out and about, running errands. I took some time to visit my local public library, and as always, found my way to the computer section. I came across a series of books that I had heard of before but had not read yet, but always wanted to. The series is called “Stealing the Network”. Each book in the series is a collection of short fiction stories about computer security incidents. While they are fiction works, the technologies related in the stories are real, and the tales give some great insights into computer security, electronic crime, and e-discovery issues. Each short story is written by respected computer security professionals within the industry, and draw from their own experiences, covering a wide range of disciplines within the INFOSEC community. I am currently reading the first book in the series, “How to own the box”, and I have immediately found common ground in the forward to the book. As Jeff Moss of Black Hat, Inc. states…

In movies, Hollywood tends to gloss over this fact about the time involved in hacking. Who wants to watch while a hacker does research and test bugs for weeks? It’s not a visual activity like watching bank robbers in action, and it’s not something the public has experience with and can relate to. In the movie Hackers, the director tried to get around this by using a visual montage and some time-lapse effects. In Swordfish, hacking is portrayed by drinking wine to become inspired to visually build a virus in one night. One of the oldest hacking movies, War Games, is the closest to reality on the big screen. In that movie, the main character spends considerable time doing research on his target, tries a variety of approaches to breaking in, and in the end, is noticed and pursued.

But what if …? What would happen if the attackers were highly motivated and highly skilled? What if they had the guts and skills to perform sophisticated attacks? After a few drinks, these authors of the book you are holding in your hands are/were quick to speculate on what would be possible. Now, they have taken the time and effort to create ten stories exploring just what it would take to own the network.

When the movie War Games came out in 1983, it galvanized my generation and got me into hacking. Much like that fictitious movie introduced hacking to the public, I hope this book inspires and motivates a new generation of people to challenge common perceptions and keep asking themselves, “What if?”

I remember when War Games came out. That computer synthesized voice asking the question “would you like to play a game?” still haunts me. While visiting the Auckland University science faculty recently, I saw an IMSAI 8080 microcomputer in their display case and remembered it as being the type of computer that Matthew Broderick’s character David Lightman had at his home in the movie. It looked like such a dated system even back then, with its acoustic coupler modem. I was already dialling into BBSes when the movie came out, and had long since replaced my old acoustic coupler with a more modern 1200 baud modem that plugged directly into the telephone line. Those were the days!

This is me with an IMSAI 8080.

Add to FacebookAdd to DiggAdd to Del.icio.usAdd to StumbleuponAdd to RedditAdd to BlinklistAdd to TwitterAdd to TechnoratiAdd to FurlAdd to Newsvine

Posted in Uncategorized | Tagged: , , , | Leave a Comment »

Identification

Posted by Robert Frittmann on 26 May 2009

MeezI have finally added a photo to my blog. However, as you can see, it isn’t exactly a photorealistic image of me. For a long time now I have been using the Meez website to create my avatars. I have been fairly paranoid about Internet security in the past, and a current search of Google Images for my name reveals no results at all. While my conscientious attention to personal safety on the world-wide-web has resulted in a certain degree of anonymity online, it has had the negative effect of allowing others to speak for me. I am now taking control over how I am perceived on the Internet. I still have many aliases online, and will no doubt add to my e-schizophrenia in the future also. But I must now fill the void that has been left about my real personality before someone else fills it for me.

Add to FacebookAdd to DiggAdd to Del.icio.usAdd to StumbleuponAdd to RedditAdd to BlinklistAdd to TwitterAdd to TechnoratiAdd to FurlAdd to Newsvine

Posted in Uncategorized | Tagged: , , | Leave a Comment »

Exhaustion

Posted by Robert Frittmann on 26 May 2009

One of the benefits of being on paid leave is that, if I get a little carried away with my preparation work, I don’t need to be worried about not being fresh for the next day’s work. I stayed up all night last night, till 6am the next morning, doing some prep work. My wife drifted off to bed at her normal time, but I was huddled over the laptop in the lounge all night. I didn’t even hear her the next morning when she went out to work. Just because life stops for me, it doesn’t for my wife.

My marathon effort on the Internet last night produced some great results. I have added 8 new requests for contacts to join my LinkedIn network. I have found a marvelous free program for bibliographical management, BiblioExpress from Biblioscape. I have also loaded it up with a collection of the top 100 results from a Google Scholar search on the term “Computer Forensics”, just to get used to the features of the program. It imports the EndNote files easily from Google Scholar, provides an SQL query and saved searches that leverage the database nicely, and exports the results in APA citation format (which my previous tertiary study required) as well as ACS and MLA. I can see that BiblioExpress will become another essential tool in my arsenal during my studies.

Also last night I got the definitive answer to my question about whether or not to take a conjoint degree BSc and LLB. The reply that I received from seanmcl, a senior member of the Forensic Focus community, is worth quoting here in full.

The benefit of Law Enforcement experience is knowing how to conduct an investigation, collect and analyze evidence, etc. This includes knowledge of the law but not knowledge sufficient to be a practitioner.

In the US, anyway, unless you are planning to provide legal advice or advice to other attorneys on computer forensics, a law degree can actually be a handicap. I was actually involved in a case where the other expert was a lawyer and most of his report was excluded from the case because the judge decided that it was not expert forensic evidence but simply legal opinion. Also, when working on cases involving lawyers, you’ll be taking direction from the legal team. This might be a problem if your professional legal opinion or strategy differs from that of your client’s attorneys.

As an expert, discussions with your client will not be protected by the attorney client privilege however, there are at least theoretical problems if you are wearing both hats.

Finally, there is the issue of marketing and cost. If you are selling your services as a CF expert, then the law degree can create product confusion issues. Are you a failed lawyer who got into forensics or a Cf expert who wants to practice law? Am I, the client, paying for your legal expertise or your expertise in forensics?

I’m not saying don’t do it. I am saying that you need to think through what you really want to do with your training and expertise in order to determine whether a law degree makes sense.

I am only at the start of my career in computer forensics, and haven’t really thought through what I intend to do with it yet. I know that I would like to work in Law Enforcement, or at least work in the private sector consulting to Law Enforcement. I am definitely not interested in pursuing kiddie porn rings though. My previous experience as a forum moderator, fighting off spam attacks, has forced me to see more than enough sick pictures like that. I don’t know how Law Enforcement officials can do that type of work without it affecting them psychologically. Making the Internet a safer place is a noble thing, and I take my hat off to those who do it, but that is definitely not the type of computer forensic investigation that I want to aspire to.

That said, my decision about whether or not to take a conjoint degree here at the start of my career path is much clearer with the help of seanmcl and others who replied to my posts. Such astute advice I could not gain locally! I have recently visited four university campuses (admittedly, only one offers a recognizable qualification in computer forensics per se), and none of their student advisers were able to offer such wisdom and clarity as I have seen here on the net. The wonders of this information age!

Add to FacebookAdd to DiggAdd to Del.icio.usAdd to StumbleuponAdd to RedditAdd to BlinklistAdd to TwitterAdd to TechnoratiAdd to FurlAdd to Newsvine

Posted in 05.05 Bibliographies | Tagged: , , , | Leave a Comment »

Preparation

Posted by Robert Frittmann on 25 May 2009

Sitting back and relaxing on my paid leave for four weeks is not in my plan at all. Even though semester two doesn’t begin until June, I have a lot of preparation to do. Today I made an appointment with the course counselor at AUT, as I need to ensure that the papers that I’m intending to do at Auckland University will be suitable for entrance to the Master of Forensic IT (MFIT) postgraduate course once I graduate. I’d hate to spend three years studying at Auckland Uni just to find that my academic transcript is not going to help me secure a place on the MFIT programme at AUT.

I have also been working on my LinkedIn profile today, and have gained my first network contact. Aaron Bhashkar of Soft Solutions has added me. He was a software vendor back when I started in the computer industry. I hope to get a lot more contacts in my LinkedIn network and maybe even get some recommendations. I have added many of my previous positions from both my time in the computer industry and in the security industry, so hopefully I’ll gain some recommendations to boost my reputation on LinkedIn.

Also today I’ve been posting the question, about whether I need to study Law as part of my undergraduate programme, on some security and forensics forums. I have posted on Forensic Focus, security-forums, and Computer Forensics World. I hope to get some good advice about my study options before I go to the course counselor on Friday.

I try to ensure that I am as prepared as possible for my studies, and I have spent some time today building a collection of book titles related to computer forensics, using Google Book Search. Later I will also create a list of articles using Google Scholar. By the time I begin my studies I will have a good collection of reference material that I can call on. I will be reformatting my 2Gb thumb drive and loading it up with my PersonalBrain data and my KeePass password database, two essentials that I can use both in Windows and Linux. I use The Brain to keep track of all my information, linking course information, reference material, class timetables, and favorite websites all in a single graphical “mind map” environment. I use KeePass as a secure repository for all my passwords. There is just so much to prepare, and I only have four weeks to do it.

Add to FacebookAdd to DiggAdd to Del.icio.usAdd to StumbleuponAdd to RedditAdd to BlinklistAdd to TwitterAdd to TechnoratiAdd to FurlAdd to Newsvine

Posted in 05. Study Tools | Tagged: , , , , | Leave a Comment »

Introduction

Posted by Robert Frittmann on 25 May 2009

On Thursday 21 May 2009 my life took another major change in direction. On that day I enrolled at Auckland University for the second semester of 2009, beginning my studies towards the Master of Forensic IT (MFIT) qualification. I intend to complete the Masters at Auckland University of Technology (AUT) in about five years time, but my undergraduate work will be done at Auckland University. That is, of course, unless Auckland University come up with an equivalent postgraduate qualification in computer forensics in the meantime. At the time of writing, the only tertiary institution that offers such a postgraduate qualification in computer forensics in Auckland is AUT.

My name is Robert Frittmann, I am currently 39 years old and I have a work history that has been divided between the IT industry and the security industry. With my plan to study computer forensic investigation, I intend to merge these two sides of my professional life into one. This blog is here to document my progress towards that goal, and to bring together the knowledge that I glean along the way. Maybe it will be of help to others pursuing a similar course.

My first dilemma along the way is deciding whether I need to include Law as part of my studies. I know that I can follow the BSc in Computing directly with an MFIT, but I am thinking more about the prospective employer at the end, rather than just the qualification. I feel that I would be more employable in the future if I also have some Law papers behind me, particularly in criminology. I am asking this question on the web to see if I can get some advice. I will come back with the results of that question, and make my decision later. I expect to be 45 years old by the time I graduate, so spending the extra time gaining a Law degree as well is quite an undertaking.

Add to FacebookAdd to DiggAdd to Del.icio.usAdd to StumbleuponAdd to RedditAdd to BlinklistAdd to TwitterAdd to TechnoratiAdd to FurlAdd to Newsvine

Posted in 01.01 Programme selection | Tagged: , , | 1 Comment »