Frittmann Forensics

Blending Robert Frittmann's computer and security careers into computer forensic investigation.

  • Archive

  • Categories

  • Recent Posts

  • RSS Intellisec

    • Another US Ponzi Scheme Hits the Dust 21 December 2009
      As The Wall Street Journal reported on December 3, a Minnesota jury has found the operator of a $US3.65 billion Ponzi scheme guilty of all 20 counts of wire fraud, mail fraud, money laundering and conspiracy, potentially consigning him to life in prison without parole. The racket dates back at least a decade. At the time [...]
      admin
    • Guarding Against Corporate Fraud 13 December 2009
      The Indian outsourcing firm, Satyam Computer Services, which was the subject of the country’s biggest corporate fraud scandal in January 2009, has been hit with a tranche of supplementary charges. According to India’s Central Bureau of Investigation, the extent of the total fraud now stands at around $US3 billion. What the Bureau has revealed provides [...] […]
      admin
    • Open Slather on Corporate Secrets 10 December 2009
      A new trans-Atlantic survey has confirmed what many suspected: staff moving on to another job will often take much more than their payout with them. While you can’t stop employees carrying your company’s intellectual property out in their heads, there is something you can do to protect yourself before they leave. Call in a team [...]
      admin
    • Seven Danger Areas To Watch For In A Hi-Tech World 2 December 2009
      With new technologies being introduced into your business environment at a dazzling pace, it’s easy to overlook the extent to which the divide between your employees’ work time and their private lives and ambitions is increasingly blurred. Some corporate managers wonder whether they can any longer define where it is. One American CEO recently observed [...] […]
      admin
    • Hackers: Barbarians at Your Corporate Gate 29 November 2009
      The risk of hackers penetrating your company’s database and exposing your commercial secrets – if not some dirty linen as well – was brought home recently when the internal musings of Britain’s leading climate science research centre were laid bare. Thousands of private emails between top climate change scientists were made public, revealing the bitter [...] […]
      admin
    • Guarding Your Company’s Customer Records 22 November 2009
      Mid-November brought an embarrassing admission from a mobile phone company in the UK. T-Mobile had to inform Commissioner Christopher Graham, Britain’s watchdog responsible for safeguarding personal information that staff had passed on millions of records from thousands of customers to third party brokers. Graham, whose office is currently preparing a case f […]
      admin
    • Ten Ways to Protect Against Payroll Fraud 17 November 2009
      Australia’s Daily Telegraph ran a useful report in mid-November on payroll fraud, a form of financial crime that is often particularly difficult to detect. One victim, a whitegoods and electrical retailer, managed to retrieve the $A20 million stolen by its payroll officer, but most companies never see their money again. And the crooks involved don’t [...] […]
      admin
    • The Contagion of Fraud: Best Nipped in the Bud 15 November 2009
      Only a few months ago, mention of the name Bernard Madoff brought to mind America’s biggest-ever Ponzi scheme. The sheer scale of the financial fraud involved and the audacity with which it was carried out dazzled most people. Fast forward to now and Madoff as an individual has largely faded from sight. Instead, it’s the [...]
      admin
    • Duel of the Designers: New Industrial Espionage War Zone 8 November 2009
      Economic and commercial espionage has a much lower profile than it deserves – dangerously low. It’s an area where many companies remain unaware of their vulnerability, believing that unless they’ve invented something like a cure for the common cold, no one is likely to be interested in what they’re doing. That’s definitely not the case, [...]
      admin
    • The Cyberspace Explosion: Five Tips for Survival 4 November 2009
      The new digital world of easy communications and social networking is so surprisingly open that many no longer see the problem as one of Big Brother watching us. It’s more a matter of us being obsessed with watching each other. And sharing, too. As The New York Times put it in September, “Your parents probably [...]
      admin

  • RSS Discerning e-Discovery

    • Collecting Gumballs 17 December 2009
      by Dennis Kiker, Director of Professional Services, Fios, Inc. I am fortunate in that I work out of my home, which has decided advantages at times, particularly at this time of year when I can look out my window on the neighborhood and enjoy the autumn colors.  In Virginia, as in much of the Southeastern United States, we have a tree we call the “gumball” tr […]
      Tom Mighell
    • Delivering on an E-Discovery Project: Is Gold-Plating Necessary? 8 December 2009
      By Aaron Pippin, Senior Project Manager, Fios, Inc. In our industry, individuals often want to provide value by delivering more than what was actually asked for.  In the Project Management world, this is known as “Gold Plating.”  Providing value is always a good thing; however, gold plating can lead to undesirable issues. For example, if a client asks […]
      Tom Mighell
    • Buddy, Can You Spare a Dime? 16 November 2009
      by Dennis Kiker, Esq., Director, Professional Services, Fios, Inc. Cost containment continued to be the most recurrent theme on day two of the Georgetown Advanced E-Discovery Institute.  And by a pretty wide margin (with no disrespect to any of the other excellent speakers), Ralph Losey and Jason Baron’s presentation on advanced search had to be the most ent […]
      Tom Mighell
    • Lions and Tigers and Bears (Oh My!) 13 November 2009
      by Dennis Kiker, Esq., Director, Professional Services, Fios, Inc. I’ve often heard colleagues ask prospective clients, “What keeps you up at night?”  Or, “What worries you about e-discovery?”  After all, that is what we, as vendors, want to know: how can our products or services ease your concerns, so that you’ll purchase our products or services.  Thus, it […]
      Tom Mighell
    • Waiting for Georgetown 12 November 2009
      by Dennis Kiker, Esq., Director, Professional Services, Fios Inc. Last night was cold, rainy, and rather gloomy here in Washington, D.C.  It was also Veteran’s Day, so sensible people had chosen to join their government colleagues and stay home or retire early for the day.  So what else would someone facing a two-day e-discovery marathon choose to do on such […]
      Tom Mighell

  • RSS SANS Forensics

    • NTFS: Attributes Part One 24 December 2009
      In the previous post in this series on NTFS file systems, we were just dipping our feet in the complicated waters by examining the output of fsstat. Let’s pick up where we left off. Below is the $AttrDef Attribute Values section of fsstat’s output from the previous post: $AttrDef Attribute Values: $STANDARD_INFORMATION (16) Size: 48-72 [...]
      trustedsignal
    • Learn To Investigate Data Breach Incidents 23 December 2009
      Computer Forensic Training is becoming more critical to your organizations incident response plan due to some of the current threats that are being discovered.  Organizations will find more and more that they will need a team of trained incident responders and computer forensic analysts.  Your organization needs to be prepared on how to handle sophisticated […]
      sansinstitute
    • NTFS: An Introduction 18 December 2009
      Earlier this year, a life time ago in internet years, I published a series of posts on the FAT file system. Over the next few months, I’ll be publishing a similar series on NTFS. Much of the information contained in these posts will come from Brian Carrier’s excellent book, File System Forensic Analysis, articles from [...]
      trustedsignal

  • RSS Where is my data?

    • DNA Rention Limits – More of the Same 11 November 2009
      DNA - 6 years retention
      585
    • PunterNet, PR, and Bad Driving 5 October 2009
      Harriet Harman is not having a good time. She is accused of failing to stop at road traffic accident, she was embroiled in the  expenses claims fiasco, and she is the deputy leader of a party that just got dropped by the biggest selling paper in the UK. But, this is not why she is [...]
      585
    • Electronic Discovery: MS and Autonomy 3 October 2009
      If the rummors are true, this would be big news in the ED world, Full Article If Microsoft, as rumored, were to buy Autonomy, there would be a seismic ripple felt through eDiscovery-related markets.  First, Microsoft would own two of the leading search products in the market (Autonomy and FAST).  Second, Microsoft would have applications to provide [...]
      585

  • RSS Data Triage

  • Pages

  •  

    June 2009
    M T W T F S S
    « May    
    1234567
    891011121314
    15161718192021
    22232425262728
    2930  

  • Archives

  • Meta

  • RSS Wired: Threat Level

    • Former Morgan Stanley Coder Gets 2 Years in Prison for TJX Hack 22 December 2009
      The two great friends talked every day and shared information about all of their exploits — sexual, narcotic and hacking — according to prosecutors. Now another thing they’ll have to share information about is their experience in federal prison. While accused TJX hacker kingpin Albert Gonzalez awaits a possible sentence of 17 years or more […]
      Kim Zetter
    • Obama Appoints Former Microsoft Security Chief New Cybersecurity Czar 22 December 2009
      It took seven months but President Obama has finally found someone to take the cybersecurity czar job no one wanted. Howard Schmidt,  a former Microsoft security executive and a one-time cybersecurity adviser to President George W. Bush, has been appointed to the position of cybersecurity coordinator, according to a White House announcement Tuesday. Schmidt […]
      Kim Zetter
    • 7-Eleven Hack From Russia Led to ATM Looting in New York 21 December 2009
      Flashback, early 2008: Citibank officials are witnessing a huge spike in fraudulent withdrawals from New York area ATMs — $180,000 is stolen from cash machines on the Upper East Side in just three days.  After a stakeout, police arrest one man walking out of a bank with thousands of dollars in cash and 12 reprogrammed [...]
      Kevin Poulsen

Archive for June, 2009

Frustration

Posted by Robert Frittmann on 22 June 2009

I am still waiting to hear from the University of Auckland (UofA) as to whether I have been accepted on their BSc programme for semester two, 2009. Today I received my student ID card from Massey University (MU). They seem to be much more organized than UofA. However, I am still holding out for a placing with UofA as transportation to and from class will be much easier if I am studying there than at MU.

One thing that I really appreciated was finding that UofA have a public iCalendar for the important academic dates, including semester start and end dates, study breaks, etc. I have added the UofA iCal to my Google Calendar. I have also sent an email to MU, Unitec, and AUT to enquire whether they also have an academic dates iCalendar. I’d like to collect them all in my Google Calendar.

In the meantime, I have been organizing payment of fees and my living expenses. I started the application process for a student loan using the StudyLink website, and have gotten up to the stage of deciding on living expenses. This is something that I cannot decide on alone, as it affects my wife as well, so I am trying to arrange an appointment with WINZ for my wife and I, to discuss the options available to us. This presented itself to be more difficult than I thought it would be. Just trying to arrange the appointment! I called WINZ to request the appointment, but got the third degree from their officious operator, Makelita (of the Wellington Contact Centre), who would not listen to what it was we were trying to achieve, and only wanted to follow her prescribed script to sign us up as a new beneficiary. As soon as I mentioned that my wife has a permanent disability, this Makelita woman didn’t want to speak to me at all any more, and would only speak to my wife, who according to her script would now become the “primary beneficiary”. Oh, give me a break! We haven’t even decided whether we want to be on a benefit yet, and whether it would be financially viable for us or not, considering that my wife is still working. All I wanted to do was to make an appointment to come in to a WINZ office with my wife, and discuss the options available to us. We may end up signing up as beneficiaries after that discussion, or we may find some other way to meet the living costs while I study. My wife is considering studying as well, and this would also need to be considered in any discussion of living expenses. I am waiting now for Makelita’s manager Susan to contact the local WINZ branch to arrange a suitable time slot for an appointment for us.

Talk about frustrating!

Posted in Uncategorized | Leave a Comment »

Application

Posted by Robert Frittmann on 19 June 2009

I am starting to get feedback now about my applications to study next semester. I have applied to the University of Auckland and to Massey University for semester 2, 2009, and to AUT University for semester 1, 2010. Massey have just accepted me for semester 2, and I am waiting to hear back from Auckland Uni. I would prefer to be going to Auckland uni, only for the fact that my wife works at AUT, which is within walking distance of Auckland Uni, so travel would not be a problem. To go to Massey, I will end up catching the bus every day. Bummer! The other option is that perhaps my wife could move to Massey as well, as long as she could get a comparable position there. I think that is stretching it a bit though, but worth a try if things don’t pan out with Auckland Uni.

Posted in 01. Undergraduate preparation, 01.01 Programme selection | Tagged: , | Leave a Comment »

Amalgamation

Posted by Robert Frittmann on 2 June 2009

Today is Queens Birthday weekend. Not that it means that much to me, as I am on paid leave already, and a public holiday doesn’t alter things much in my present situation. So, rather than going out to enjoy the fine (if a little chilly) weather, I decided to spend the day working on my blog instead. This news, of course, was greeted with a rather chilly reception from my wife. She did manage to drag me away for a short while during the day, but most of it was spent here at the computer.

While assessing the direction that my blog has been taking since I started it a week ago, I was alarmed to find that I have been straying seriously from the focus, which is computer forensic investigation. Admittedly, my studies have not started in earnest yet, and I am still very much in preparation mode. To keep things on target in my blog, I have therefore decided to spawn sister-blogs for my other interests. Today I created a new blog for my interest in online identity, privacy, internet safety, and online presence issues, which I call Cyber Presence (cyberpresence.wordpress.com). I have also created a blog to keep track of my informal studies in cyberpsychology, cyberculture, online behavior, and human-computer interaction issues, which I will call Psyber Psychology (psyberpsych.wordpress.com). My fourth WordPress blog is about my current project of creating a personal ontology of my life, and issues relating to mindmapping, the semantic web, and social semantic desktops. This blog will be called Personal Ontology (personalontology.wordpress.com).

I guess this may all sound more like separation, rather than amalgamation, at first. But in the process of separating out the various strands I have been able to get a better picture of how they all fit together. Computer forensic investigation is about detecting criminal activity as it relates to computers. Cyberpsychology will help the forensic investigator to “know thy enemy” as Sun Tzu would say. Tracking a cybercriminal across the ‘net requires a certain amount of “getting inside their head”. This also links in with my interest in online identity, privacy, and online presence. A cybercriminal could easily have a secondary presence that shines with ethical meekness. Issues relating to emerging frameworks for online authentication may well impact on how cybersleuths track down the bad guys. I haven’t developed my theories on personal ontology well enough yet to link that in as well, but I know that it is related somehow.

Add to FacebookAdd to DiggAdd to Del.icio.usAdd to StumbleuponAdd to RedditAdd to BlinklistAdd to TwitterAdd to TechnoratiAdd to FurlAdd to Newsvine

Posted in Uncategorized | Tagged: , , , , , , | Leave a Comment »

Classification

Posted by Robert Frittmann on 1 June 2009

My wife, with over eight years of close observation of my personality, has come to the conclusion that I must have Asperger’s Syndrome. A quick look over the diagnostic criteria for Asperger’s reveals some consistencies with her assertion. Of particular note is the “Imposition of routines and interests on self, in aspects of life”. My recent efforts in creating a personal ontology, using the PersonalBrain mindmapping software, may have contributed to my wife’s diagnosis. Sure, there may have been one or two other criteria in the list that collude also. Those who know me almost as well as my wife might even find other propinquity.

Creating a personal ontology is something that I have been considering for a long time now. A visual platform, such as a graphical mindmap, is much more alluring to me than trying to force an existing textual platform, such as DAML or OWL (or a knowledgebase or a wiki) to conform to my own understanding of what a personal ontology should be. So, what exactly is a personal ontology? I found this little gem on the gapingvoid website…

An ontology as defined by dictionary.com is:

“An explicit formal specification of how to represent the objects, concepts and other entities that are assumed to exist in some area of interest and the relationships that hold among them.”

A personal ontology by extension is simply one persons ontology as opposed to a global, all encompassing ontology [...]. A personal ontology on the other hand is more relevant to the individual.

In simple terms, I am trying to create a classification of myself, and anything and everything to do with myself. Does this sound like a particularly Asperger’s thing to do? Well, maybe, I guess, but I do have a good reason for doing it. I am finding it harder to keep track of everything going on around me, both in real life and in cyberspace. Maybe this is a symptom of my steadily advancing age. Maybe it is to do with the rapid advancement of technology. Whatever the reason, I think that traditional solutions such as memory improvement, stress management, and time management will not be as effective as practical creativity.

The outcome of such an undertaking must be effective in reducing the chaos that surrounds me. What I expect to get out of my personal ontology is a logical, easily traversed, searchable, and portable catalog of my life, with both online and offline components. The ideal goal is to have a mindmap on a PDA or Tablet PC that contains navigable links to my documents, links to websites I frequent, metadata, secure login credentials and personal private data. This information will be collated from, and relevant to, all aspects of my life.

To begin my personal ontology, I have downloaded the latest version of PersonalBrain, from TheBrain Technologies website. The home thought of my brain is my own name, and fanning out from that starting point are the major aspects of my life, which after some brainstorming came to:

  • Citizenship
  • Creativity
  • Culture
  • Education
  • Employment
  • Ethics
  • Faith
  • Family
  • Finance
  • Friends
  • Goals
  • Health
  • Interests
  • Perspective (Worldview)
  • Recreation

While this is not an exhaustive list for an ontology, it is a starting point. I will no doubt add to this list as I go, and possibly rename some of them. From there I created a new thought under each one, for the goals of each aspect, and then linked them all back under the Goals aspect itself. So I can define goals for each aspect of my life, which are then accessible as a single collection under the aspect of Goals. I have also begun to add extra thoughts under each aspect.

Employment Mindmap

Employment Mindmap

Educational Mindmap

Educational Mindmap

I don’t see this project as having an expected completion date, as it will require constant modification, like a wiki or knowledgebase. There is currently no Mobile version of PersonalBrain, but I anticipate a Java-based version in the not-too-distant future. Either way, if I can get my personal ontology to achieve what I plan for it, while at least running on a laptop or Tablet PC, it should help to unscramble the pandemonium in my bookmarks / favorites, My Documents, and other aspects of both my online and real-world lives.

Add to FacebookAdd to DiggAdd to Del.icio.usAdd to StumbleuponAdd to RedditAdd to BlinklistAdd to TwitterAdd to TechnoratiAdd to FurlAdd to Newsvine

Posted in Uncategorized | Tagged: , , , , , , , , | Leave a Comment »