Thursday, October 29, 2015

Digital Forensic Tool- Write-Blocker

Write-Blocker
   
A write-blocker is a security tool that prevents unnecessary or malicious data from getting into the digital records that are being saved in the collection's computer. Specifically, a write-blocker allows the computer to pull data from the connected media without sending any information back to that media, which stops any unwanted data transfer. There are different types of hardware write-blockers, the most common being one that connects through a USB port. One specific write-blocker is the T8-R2 Forensic USB Bridge, which uses the Tableau Imager (TIM) and has transfer speeds up to ninety percent. The T8-R2 is compatible with USB thumb drives, external USB disk drives, Apple iPods, and USB-based cameras with card reader capability. It connects to computers over USB 2.0 and FireWire400, which enhances usability with forensic hosts and software tools. The T8-R2 works with Windows, Macintosh OS X, and most Linux distributions. It has a one-year warranty for parts and workmanship from the date of purchase.
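A write-blocker is normally paired with a hash check showing that acquisition left the media untouched. The added example below (not from the original post, Tableau or BitCurator) images a source through a read-only descriptor and records SHA-256 digests before and after; the function names and the temporary file standing in for a USB device are assumptions.

```python
import hashlib
import os
import tempfile

CHUNK = 1024 * 1024  # read the source 1 MiB at a time


def read_blocks(path):
    """Yield the contents of a file or device node via a read-only descriptor."""
    fd = os.open(path, os.O_RDONLY)  # never request write access to the source
    try:
        while block := os.read(fd, CHUNK):
            yield block
    finally:
        os.close(fd)


def sha256_of(path):
    digest = hashlib.sha256()
    for block in read_blocks(path):
        digest.update(block)
    return digest.hexdigest()


def acquire(source, image):
    """Copy source to image and return a record for the chain-of-custody log."""
    before = sha256_of(source)
    with open(image, "xb") as out:  # "x" refuses to overwrite an existing image
        for block in read_blocks(source):
            out.write(block)
    after, copy = sha256_of(source), sha256_of(image)
    return {
        "source_sha256": before,
        "image_sha256": copy,
        "source_unchanged": before == after,  # acquisition did not alter the media
        "image_matches": copy == before,      # the image is a bit-for-bit copy
    }


def demo():
    # Constructed 3 MiB file standing in for a USB device (assumption).
    with tempfile.TemporaryDirectory() as tmp:
        src = os.path.join(tmp, "media.bin")
        with open(src, "wb") as f:
            f.write(bytes(range(256)) * 12288)  # constructed sample data
        return acquire(src, os.path.join(tmp, "media.dd"))


if __name__ == "__main__":
    print(demo())
```

Opening the source read-only in software does not replace a hardware write-blocker, since the operating system can still write to a mounted device; the two digests are what go into the custody record.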

Goldman, Ben. (2015). Outfitting a Born Digital Archives Program. Practical Technology for Archives. Retrieved from http://practicaltechnologyforarchives.org/issue2_goldman/.

Guidance Software. (2015). Tableau T8-R2 Forensic USB Bridge. Retrieved from Guidance Software: https://www.guidancesoftware.com/products/Pages/tableau/products/forensic-bridges/t8-r2.aspx



Images retrieved from: https://www.guidancesoftware.com/products/Pages/tableau/products/forensic-bridges/t8-r2.aspx



What You Would Need for Your Work Space

Find the Article Here

This article, written by Ben Goldman, provides instructions for setting up a work space for harvesting digital data, along with the costs involved. The article is divided into six steps so that archivists can set up their space from scratch. Goldman emphasizes assessing the collection to determine whether spending money and time to create a workstation and supporting infrastructure for digital archiving is worth the effort. He suggests completing an inventory to determine current storage needs. The next step is to partner with the institution's IT department to determine technical requirements such as increasing memory, installing software, establishing dark archive storage or obtaining equipment. The workstation being created has to be protected from outside interference such as viruses. Goldman suggests the work space be exempted from other uses and possibly isolated on the local network through firewall specifications. He compares a quarantined work space to the room that archives use for new acquisitions. Then the computer's hardware specifications need to be considered, making sure the computer has the memory and operating ability for the data that needs to be collected. Different types of hardware, such as floppy disk drives, memory card readers and optical media drives, need to be obtained depending on the technology the data in the collection is stored on. Lastly, Goldman discusses different types of software that would be needed, such as virus protection and digital forensic tools.

Goldman, Ben. (2015). Outfitting a Born Digital Archives Program. Practical Technology for Archives. Retrieved from http://practicaltechnologyforarchives.org/issue2_goldman/.

Image retrieved from: http://practicaltechnologyforarchives.org/issue2_goldman/

Interview with Kam Woods of BitCurator

Find the Interview Here           

          Kam Woods, who is the Technical Lead for BitCurator, was interviewed by Butch Lazorchak in May of 2015. The interview discusses the latest efforts to apply digital forensics to digital preservation. Woods began working on BitCurator late in 2010 when he started using open source digital forensics tools that were written by a coworker. Woods noticed the uses these tools could have in digital preservation. Woods defines digital forensics as "the process of recovering, analyzing, and reporting on data found on digital devices" (Lazorchak, paragraph 6). He goes on to describe how digital forensics is usually a term related to law enforcement and security practices that helps identify items of interest. Digital forensics relates to archival practices such as providing accurate chain of custody, showing provenance and storing data in a way that lessens the chance of tampering, destruction or loss. Woods states that a goal of BitCurator Access is to give collecting institutions better ways to approach the contents of complex digital objects such as disk images. The current software BitCurator is developing will run as a web service and allow any user to run the software in a web browser to be able to navigate collections of disk images in various types of formats. 

Lazorchak, B. (2015, May 15). Digital Forensics and Digital Preservation: An Interview with Kam Woods of BitCurator. The Signal. Library of Congress. Retrieved from http://blogs.loc.gov/digitalpreservation/2015/05/digital-forensics-and-digital-preservation-an-interview-with-kam-woods-of-bitcurator-2/


Image retrieved from http://blogs.loc.gov/digitalpreservation/2015/05/digital-forensics-and-digital-preservation-an-interview-with-kam-woods-of-bitcurator-2/

BitCurator

BitCurator's Web Page    
     
BitCurator is a collaborative project between the School of Library and Information Science at the University of North Carolina, Chapel Hill and the Maryland Institute for Technology in the Humanities to implement digital forensics tools in collecting institutions. From 2011 to 2014 the project was funded by the Andrew W. Mellon Foundation, and the project's ongoing maintenance and software development is done by the BitCurator Consortium. The project also has two external partners: a Professional Expert Panel and a Development Advisory Group. The Professional Expert Panel is made up of individuals who are implementing digital forensics tools and methods in their own collecting institutions to find better ways to bring those tools into the workflows of collections and collection management environments. The Development Advisory Group addresses the need for using digital forensics to make collections publicly accessible. It is made up of individuals who have significant experience with software development.

The software that BitCurator releases is free and distributed under an open source license so that any library or archive may have access to the tools. The BitCurator software can be installed in a Linux environment, run as a virtual machine in most current operating systems, or used as individual software tools, packages, support scripts and documentation.

The Current Features of BitCurator are:
       - Pre-imaging data triage
       - Forensic disk imaging
       - File system analysis and reporting
       - Identification of private and individually identifying information
       - Export of technical and other metadata 

BitCurator Consortium. (2015, October 29). About the Project. Retrieved from BitCurator:  http://www.bitcurator.net/bitcurator/

BitCurator Consortium. (2015, October 29). Software. Retrieved from BitCurator: http://www.bicurator.net/bitcurator/


Image retrieved from: http://www.bitcurator.net/

Why Archives Need Digital Forensics


Christopher Lee's article "Digital Forensics Meets the Archivist (And They Seem to Like Each Other)"

More and more archives are having to collect materials that are born digital. Archivists are having to determine the best ways to harvest all of this digital content. Digital forensic practices are tools that can make collecting digital content more efficient and less time consuming. Whenever collecting institutions are dealing with digital content, there is usually a lot of it, since there is typically a lot of content on external hard drives. Digital forensics allows archivists to navigate through digital materials while maintaining provenance, original order and chain of custody. Digital records have multiple levels of representation that range from "aggregations of records all the way down to bits as physically inscribed on a storage medium," as Christopher Lee puts it in his article "Digital Forensics Meets the Archivist (And They Seem to Like Each Other)". Each of these levels has to be considered when archiving digital content to determine whether or not the information is significant to the record and therefore the collection itself. Information exists in the structures of the computer systems where the materials were made that can be used not only to better understand the content of the materials, but also to provide access to more metadata for the record.

Lee, C. A. (2012). Digital Forensics Meets the Archivist (And They Seem to Like Each Other). Provenance: The Journal Of The Society Of Georgia Archivists, 302-7.

Image retrieved from: http://computer.howstuffworks.com/computer-forensic5.htm