General Topics
Saudi Arabia Bans BlackBerrys
So what do you do when you can’t eavesdrop on your citizens’ personal and private communications? Just ban the service or device allowing this atrocious thing called privacy, of course. It is now official: the Saudi Communications and Information Technology Commission has informed local cell service providers in Saudi Arabia that all BlackBerry device service must be [...]
The Risks of Windows Hibernation – The hiberfil.sys and Web Browsing
You can use Windows Hibernate to conserve batteries and electricity, and to save the environment, the world and the polar bears. However, did you know that by putting your computer into “hibernation” mode you are essentially creating a snapshot of the contents of your computer’s RAM, which is then saved to the root of the hard drive as “hiberfil.sys”?
The Rootkit Arsenal: Escape and Evasion in the Dark Corners of the System by Bill Blunden
The Rootkit Arsenal is primarily focused on rootkits, every aspect of a rootkit in fact. What I thought was really great was Blunden’s entire section on anti-forensics and computer forensics where acquisition methods, examination methods and other techniques are explained in detail.
How to Delete Google History – Google Chrome Artifacts and Google Chrome History
As of December 2009, the Google Chrome web browser is the world’s fourth most widely used web browser. As an example, nearly 7% of all Anti-Forensics.com visitors are using the Chrome web browser. This article will cover Google Chrome search history, artifacts and logs that are created by the Chrome web browser when [...]
Beat EnCase File Signature Analysis on a Windows System
Use a hex editor to modify the file signature of a WinRAR archive to that of an executable file to beat the EnCase forensic software’s file signature analysis.
Gmail – The Spammer’s Paradise
Google Mail is a powerful engine for spammers. Email sent through Google’s web mail contains no origin IP address in the email’s header. This means that spammers do not have to deal with rotating or masking their sending IP address, which will get blacklisted fairly quickly when mass mailing.
Disable Thumbnail Caching and Wipe Thumbs.db files on a Windows XP System
The thumbs.db file on a Windows XP system can be a treasure chest of 96 x 96 pixel artifacts. By default, in the standard Windows XP Home and Professional editions, a thumbs.db file is created in any folder that is viewed in the thumbnail view and contains JPEGs, bitmaps, GIFs, PNGs and other files.
Delete USB Device History from the Windows Registry (USBSTOR key) and the setupapi.log
This article covers the USBSTOR registry key and the setupapi.log file and methods to delete them. These two artifacts can contain data regarding USB devices that have been plugged into a system. There are other things you should be aware of as well, which are covered in the article. Sometimes just deleting a registry key or file is not enough.
Obama Administration Keeping Quiet On Anti-Privacy Agreement (Anti-Counterfeiting Trade Agreement)
Parts of the agreement (ACTA, Anti-Counterfeiting Trade Agreement) will allow border agents and officials in airports to seize your digital equipment such as laptops, mp3 players and phones to search for copyright protected material. People who are found to be in violation can have their equipment seized and destroyed, as well as face a fine.



