Forensic Computing

One concept that pervades digital forensics, reverse engineering, exploit analysis, even computing theory is that in order to fully understand information, you need to know the context the information is used in.
For example, categorize the following four pieces of information as either code or data:
1) push 0×6F6C6C65
2) “hello” (without the quotes)
3) 448378203247
4) 110100001100101011011000110110001101111
Some common answers [...]

It’s been quite some time (over a month) since I made a post (to here or the forensically sound yahoo group). I’ve had a whirlwind of client work, including teaching at a number of SANS conferences. I did get a bit of press coverage while at the San Jose SANS conference. The press came to [...]