Death Of A Thousand Cuts- Finding Evidence Everywhere! presented at Blackhat Europe 2006

by Johnny Long (Hackers for charity),

Tags: Security Forensics

Summary : In this day and age, forensics evidence lurks everywhere. This talk takes attendees on a brisk walk through the modern technological landscape in search of hidden digital data. Some hiding places are more obvious than others, but far too many devices are overlooked in a modern forensics investigation. As we touch on each device, we’ll talk about the possibilities for the forensic investigator, and take a surprising and fun look at the nooks and crannies of many devices considered commonplace in today’s society. We’ll look at iPods (and other MP3 players), Sony PSP devices (and other personal video products), digital cameras, printers, fax machines, all-in-one devices, dumb phones, “smart” phones, cell phones, various network devices and even wristwatches, sunglasses, pens and all sorts of other devices that contain potential evidence. For each device, we’ll look at what can be hidden and talk about various detection and extraction techniques,avoiding at all coststhe obvious “oh I knew that” path of forensics investigation. All this will of course be tempered with Johnny’s usual flair, some fun “where’s the evidence” games, and some really cool giveaways.