I am retiring this social media account. Find me as @hal_pomeranz@infosec.exchange
Orlando, FL
Joined November 2008
- Tweets 19,311
- Following 237
- Followers 13,672
- Likes 12
@timmedin Barrel maker is correct. The word "cooper" apparently derived from earlier languages... according to some quick Internet research
@BryanTheSnail @4n6woman And getting them mixed up is a very common programming error...
@timmedin Quick quiz: if your last name is Cooper then one of your ancestors was a...?
@BryanTheSnail And of course Linux dd works as does mounting images via loopback.
@BryanTheSnail DFF claims to support EXT4 but I've not tried it. Sleuthkit works at the fs and blk level but not higher.
@4n6woman I don't know from EnScript, but % in most programming languages is "modulus"-- aka "remainder after integer division". 8 % 3 = 2
RT @AFoDBlog: Looks like no keylogger on Samsung laptops after all. http://engt.co/eHpjXa [then why did cust support say there was?]
1
RT @bgarnett17: SIFTing w/ E01's ramslack.wordpress.com by @CdtDelta #dfir [Excellent! One less blog post I have to write! Thanks @CdtDelta!]
@competentgirl Oh yeah, I *love* that conversation. "What sort of firewall are you using?" "OpenBSD"
@davehull I've been meaning to write a Perl XS module for parsing wtmp files but haven't had the time.
"We're running with the shadows of the night. So baby take my hand it will be all right. Surrender all your dreams to me tonight..."
@competentgirl Ah, no CIR... Welcome to consumer-grade broadband.
@ericjhuber Apropos of you recent blog post, there are all sorts of interesting on-disk artifacts left behind by Dropbox...
RT @jgarcia62, @r0bertmart1nez, @Shadowserver: Samsung installs keylogger on its laptops: http://bit.ly/h4UaEN [class action in 3,2,1...]
1
1
@davehull The structs are so regular, I bet you could build a wtmp detector by looking for the increasing time values...