Discere Dev Update
Discere is approaching a usable alpha release. I just need to add support for zip/jar/tar/etc archives, and incorporate my prior PST handler from black friar, then add rudimentary document tagging. Spreadsheets are still a bane – I don’t know what the point is really, they never come out in a readable format without human intervention; I’m wondering about rendering them from an HTML table extraction.
I thought I would just post the above dev log update since I have so little time to blog right now. As a quick explanation, Discere is a part of my dissertation work, and is a subset of my Blackfriar project. Discere is intended to be an eDiscovery / Document review system with robust index/search capabilities, while Black Friar is the overarching project linking digital forensic acquisition / preservation data into a reviewable / produce-able format. All of it relies on a substantial number of Open Source projects to leverage existing, robust projects into a tool usable by anyone. It is also cross-platform to address the increasing number of Mac and Linux systems found in the legal environment (trust me, half of my law school classmates are on macs right now, and I am noticing an increase in usage with clients I do expert work for).
Just a quick update
Law school is going well at Tulane. I continue to balance my full time law school schedule, with work, and with continued research. The balance is very delicate, which has left me little time for posting though so many topics have come up recently in a variety of areas that I am itching to expound upon. I will be giving twitter a try to bring attention to some of these issues until I can get back to posting lengthy opinion pieces.
I have a forthcoming paper which will appear in the Journal of Information Ethics co-written by a colleague of mine. More information when it appears, but the topic is ethics in digital forensics research dealing with consent for grey market data sources.
Computers vs Human – Competitors or Complementary?
I think at some point in a computer scientist’s studies the computers themselves become less of a thing, a tool, and instead become more of an extension of the self like an arm or a hand. I’ve always felt the true power of computers comes not in completely automated processes, but in combining the analytical strength of computers with the very powerful pattern recognition abilities of the human mind. To some extent my research is trending in that direction with the idea digital forensics needs to move away from a synchronous process to an asynchronous one. You can see a previous post summarizing my AAFS presentation on Black Friar.
P2P lawsuits examined with graph theory
P2P infringement cases are fascinating for several reasons. They are the essence of my argument the intersection of law and technology is going to be a significant one in the future once courts become more widely cognizant of the difference between abstraction and implementation. A case I am keeping tabs on now ACHTE/NEUNTE v DOES 1-2,094 is interesting because of the argument advanced regarding the BitTorrent protocol.
To review, with BitTorrent and most modern P2P protocols an individual offers to share a file. Various users locate files of interest to them. Traditionally, in the BitTorrent model the users locate a torrent file from a search engine or some other source, the torrent file points to a tracker which delivers a list of contacts to the program who have portions of the desired file. The program requests parts of the file from a variety of sources and reassembles the file once all the parts are downloaded.
The Brits crack some emails
This is an interesting tid bit from across the pond:
Police took months to break encrypted messages on his computer. They found he had been in direct contact with Awlaki, who is accused of having links to the attempted bombing of a plane over Detroit during Christmas in 2009 and an attempt last year to explode ink printer bombs on freight planes heading to the US.
- The Guardian
The plot came to light after expert from the Metropolitan Police Service Counter Terrorism Command spent nine months cracking 300 encrypted emails found on Karim’s hard drive.
- The Register
I say interesting, because encryption is a thorny issue. Generally, common wisdom holds a sufficiently large key size will take forever and a day to brute force. The common wisdom has to be balanced with a host of other factors such as the omnipresent human error, bad encryption (esp any encryption described as ‘proprietary’), but the real unknown is what kind of firepower various governments have at their disposal. It would be interesting to know how the emails were encrypted – a few more details on that and it could be viable to estimate what kind of number crunching 007 has over there.