
Submission + - Book Review: Windows Forensic Analysis

Brett Shavers writes: "Harlan Carvey's "Windows Forensic Analysis" is a book that delivers more than promised. The succinct title describes exactly what the book is all about, Windows Forensics Analysis. Unlike the majority of computer forensics books that cover the basics of all things forensics, Harlan's captures the specifics in the analysis of the Windows Operating System. This is what has been missing in the realm of the computer forensics series of publications. The topic of this book is not for the casual reader, but rather for the practicing computer forensic investigator.

Whereas many similar books focus on a broad coverage of the field, this book focuses on subtle particulars relevant to a specific operating system that is applicable to nearly every computer forensic analysis of a Windows operating system. Additionally, as Harlan has not reiterated what has been written before, the most gainful information starts from the first chapter lasting to the end chapter. This is a blessing considering each newly published book on the subject matter usually requires skipping the first several chapters to find new material.

The details of technical explanations are immediately useful for CyberCrime investigators while at the same time, not so technical that an additional reference book is needed to translate what Harlan is describing. With many books of the same genre, technical descriptions of complex topics are written as such; technically difficult to comprehend. However, Harlan has written in a manner that complexity doesn't have to be incomprehensible. This is a very difficult task for this subject matter.

The content will be as current for as long as there exists a need for forensic exams on Windows Operating Systems, which may be a very long time. Harlan has always been in the forefront of live analysis, that is, an analysis of a running computer for evidence of malicious intent and his most recent book covers this aspect of forensic investigations completely.

The reader must be familiar with computer forensics basics, more so than just having read a book on the subject. Those that conduct computer forensic investigations beyond basic data recovery would greatly benefit from the majority of the chapters. In particular, the chapter on Registry Analysis gives information not found anywhere else, but which should have been provided somewhere given the volume of evidential information obtainable in that area of analysis.

In this area of highly technical skills, it is rare that reference books are written in a manner of being easy to read, yet complete in the explanations of difficult to describe topics. The examples in the book are simple to follow and are also realistic as applied to the practical world.

Perhaps the most significant bonus with this book is the accompanying DVD. Harlan not only details the software applications he has written (in Perl for the most part), but he includes them on a DVD with the book. Given the extreme cost of conducting forensic examinations with software purchases, this is a very gratuitous bonus for those that actively conduct electronic investigations, as the tools can be readily applied to many situations. For the majority of any software applications that he does not supply on the DVD, the applications he references are not the highly expensive, commercial tools, but rather freely available.

I would surmise that every forensic examiner will eventually have this book on their desk, as the work that Harlan has done in testing these forensic analysis environments, can be applied quickly by other examiners in their investigations. At this point, Harlan's newest book is my most prized reference in my library.

The only suggestion for Harlan would be to get started on another book, on my favorite topic, Registry Analysis."

Submission + - Solar powered aircraft breaks record

BigBadBus writes: "British firm QinetiQ have announced that their Zephyr solar powered aircraft has broken the world record for long duration flight. The flimsy craft made an unofficial record of 54 hours non-stop flying, but because the flight was an unannounced secret voyage, this record will not stand. A second, 33 hour flight may just claim the record though. Zephyr flies at 58,000 feet."

Submission + - A New Music Business Model

An anonymous reader writes: With the music industry crumbling before our eyes, a group of musicians are taking matters into their own hands. Enter the music services industry. It's interesting; before the 20th century, music was always a services-only industry. With the death of DRM, unrealistic RIAA, etc., are we moving back towards music services as a legitimate business model for musicians?

Blackberry "Spy" Software Released 91

Noryungi writes "Maybe the French were on to something after all. It turns out that there is software available to easily spy on Blackberries, recording voice conversations and all messages (emails or SMS text message) that transmit through the portable device. Of course, the software has to be installed by the owner of the Blackberry, but it would not be surprising to find out that someone has found a way to silently auto-install that software on RIM devices. ZDNet reports that RIM isn't concerned: 'Ian Robertson, senior manager of security and research at RIM, said users need not be particularly worried about the capability of FlexiSPY. "While it's the subject of some debate, I don't consider it a virus nor a Trojan, as it does require conscientious effort from the user to load the program," he said. Robertson said an average user that maintains good [gadget] hygiene would never see the software loaded onto their device without their knowledge.'"
Hardware Hacking

Submission + - hacking through broadband over powerline

Lloyd Dettering writes: "My 5 PCs have been hacked by someone on the behalf of the Canadian Depository for Securities, a private company, owned, according to their website, (this info might not be stated on their website any longer, but the info is available from "Intercorporate Ownership" published by Statistics Canada), by major banks, the Toronto Stock Exchange and the Investment Dealers Association of Canada (many of whose members have been involved in boiler-room stock scams in the past). Reason? I had my spreadsheet, containing financial data on all listed Canadian companies converted into a database for publishing on the Internet, available to all investors. For a very small fee, which would allow me to hire others to continue the work of the data input (so I could turn my attention to other things), the retail investor would be able to compare up to 50 stocks at a time. They don't want this service to be initiated as investors would then be able, after selecting the best stock for their needs, to use the services of discount brokers. First, they placed viruses, spyware and even a rootkit on my PC when I continued to download files (which are public files but on which they claim 'joint-ownership' with the Canadian Securities Administrators, the members of which are the heads of the various Provincial and Territorial Commissions across Canada. I asked their resident moron, David Scott, who made this claim of ownership, how could they own the files when they stated on their website,, that the filers are responsible for any errors). I ceased trying to download any files from but whenever I try downloading files from the SEC's website,, they interrupt my Automatic Downloader, stopping it and later allowing it to restart after the program has reported 'cannot download file' for over 60 files. My 2 phones have also been wiretapped by these scum. 
They even placed viruses on files I'd downloaded from the SEC's website to make it appear that I'd downloaded the files with viruses from, which the SEC has assured me the viruses didn't and wouldn't come from them (I'd never had this problem before with any files downloaded from I've been unable to get any help from any police agency in Canada (I had a meeting with an R.C.M.P. sergeant who only came to the meeting to lie his head off) nor from any of the elected representatives in either the Federal government in Ottawa or the Provincial government in Toronto. I'm sure they all know what's going on but the Liberals and Conservatives get their campaign finances from these people and turn a blind eye to their illegal activities. The O.P.P. (Ontario Provincial Police) cannot help me, even though they have the expertise, as they have first to be invited by the local Keystone Kops, the Niagara Regional Police Service (N.R.P.S.) and, although I requested this O.P.P. invitation several months ago from N.R.P.S. Chief, Wendy Southall, a figurehead installed to make those who really run N.R.P.S. look 'progressive', I am yet to receive any response from her. My home was even broken into (and copies of the letters I'd sent to the MPs and MPPs stolen. My Transaction Register which contains a record of all my deposits, withdrawals and purchases was also stolen. Perhaps they wanted to see what I'd done with the money I'd received from refinancing my home. Hire a lawyer maybe? David Scott, a 24K moron, had told me, when I told him I'd take the matter to court, that they, CDS Inc., didn't want to go to court but wouldn't allow me access to the files on either) by these scum on March 27th, 2006 but the Ontario Civilian Commission on Police Services has agreed with N.R.P.S. that my complaint is 'frivolous'. According to a survey by some United Nations body, Canada is supposed to be the 'best place in the world to live'. But it's well-known that the U.N. is full of corruption. 
Perhaps someone was bribed to make this claim. After all, we have thousands of highly qualified immigrants, lured to this country, who can only find low-paying jobs beneath their abilities. Yesterday's "Toronto Star" ran an article on this. Small wonder that when Canada's Constitution was 'repatriated' there was a huge celebration in Ottawa as we can no longer appeal to the Privy Council in the United Kingdom and the politicians and their friends can do whatever they like with, and to, us. The Ontario government even passed a 'threshold' law which states that if you're injured in an automobile accident there would be a $15,000 'deductible' from any damages you're awarded. Presumably, pain, something subjective to a sufferer, can be quantified and priced. This allows the lawyers to intimidate victims even though there's a law on intimidation in the Criminal Code. But the U.N., that farcical body, has stamped Canada as 'the best country in the world to live in'.

I don't know if this will ever get to for publication as my mouse keeps eluding my control and errors keep appearing in this 'scoop'."

Submission + - Direct marketing using airline bookings

Overtone writes: Air travelers have to give their real name to fly. New advertising startup Jetera has formed a business to exploit this. In their words "Jetera's patent-pending offering is based on the merging of airline passenger reservation information with consumer data provided by third parties to create a detailed record of the traveller very soon after a flight has been booked. The record will then be associated with one or more relevant groups of goods and services, triggering the dispatch to the traveller via various media of marketing and information content before, during and after the flight." This means direct mailing to your home and ads on the seatback screen in front of you. Jetera plans to launch with their first airline customer by the end of 2007. Ouch! Can a groundswell of slashdotters force them to offer a 5-year opt-out on their website?

Submission + - Leopard, Hi-Def, and DRM

An anonymous reader writes: With all the controversy about the horrors of Vista DRM on HD content, I have not heard a peep about playing HD content on OS X Leopard. Will Apple have to implement the same strict controls as Vista because the Studios "forced" them to? Steve stated Apple loves Blu-Ray, but what are the playback restrictions going to be?

Spam is Back With A Vengeance 510

Ant writes "The Red Tape Chronicles reports that just last December (2006), the FTC published an optimistic state-of-spam report. It cites research indicating spam had leveled off or even dropped during the previous year. It now appears spammers had simply gone back to the drawing board. There's more spam now than ever before. In fact, there's twice as much spam now as opposed to this time last year. And the messages themselves are causing more trouble. About half of all spam sent now is "image spam," containing server-clogging pictures that are up to 10 times the size of traditional text spam. And most image spam is stock-related, pump-and-dump scams which can harm investors who don't even use e-mail. About one-third of all spam is stock spam now."

How to Protect a Home When Away in Winter? 433

kidMike writes "I have just accepted a new job in another state, requiring me to relocate. I'm going to keep my house in New England. As I watch the winter storm problems and electrical outages across the country, how do Slashdotters protect their houses (or cabins) when they are away in the winter? Is there a device that will call me if the temp in the house drops below a certain level? How about a broken pipe flooding the house? How can I keep advised of problems happening hundreds of miles away? (There will still be broadband at the house.)"

Submission + - The Perfect General Lab

wdhowellsr writes: "I am currently setting up a lab that will need to provide me with the ability to test equipment for electronic systems from low voltage dc to super high voltage ac. I'm currently getting a Fluke 43b meter to be the primary testing equipment and will be wiring the entire lab to every possible variation of ac and dc voltage. My question to you is what would you consider the perfect lab not just for electronics but for computers, chemistry, and biology. I've tried to find resources on the web that would give me information regarding this but have been unable to find anything. Hold Nothing Back, William D. Howell"

Submission + - Interlink sues Nintendo on Wiimote

Patent-Monkey writes: "Dvorak reports on his blog that Nintendo is being sued by Interlink on its Wiimote using US patent 6,850,221. Interlink has successfully partnered with Microsoft on XBox. While this may be stressful for Nintendo, Interlink's claims cover "a housing for location at least partly between a first finger and a thumb of a user's hand...a contoured step having a first face for generally providing a rest location for the first finger of the user's hand..."."

Submission + - Google not in bed with CIA

shadowmage13 writes: "Slashdot previously reported on claims that Google has secret involvement with the CIA. Opposing these claims that Google is "in bed" with the CIA, a blog post from Matt Cutts' blog says that the statements are completely untrue in the classic lighthearted Google defense fashion. How much reason is there to still worry or is it pretty clear that this blog post is true?"
