Presenting our counter-forensics DIY Dead Man Switch @ DEF CON 32
BusKill goes to DEF CON 32 - BusKill
https://www.buskill.in/defcon32/
Join BusKill at DEF CON 32 for our presentation titled "Open Hardware Design for BusKill Cord" in the Demo Lab
Gov agency asking me for an “unaltered copy” of ~15 or so e-mails (HTML!)
I received several machine-generate e-mails which are all mostly the same: a notification. They are HTML emails with no plaintext MIME part. Yikes! And to complicate matters further, the messages traversed my anonaddy forwarding account which PGP encrypts every message to me before forwarding it to my normal email account.
The gov wants me to give them an “unaltered copy” of these e-mails. This gov office actually blocks my mail server so I am generally unwilling to send them email. This means I will be giving them the emails on paper hardcopy.
So wtf, this is tricky. They want an “unaltered copy”. If I were to print the MBOX files, it would be useless to them because it’s a base64 blob that only I can decrypt. My mail client is mutt so the HTML is detected and piped through w3m to give me a text version that is readable enough.
But in general, how do you give unaltered copies of an HTML email on paper form? This is not necessarily for a court but it could go down that path. Would a court want to see raw HTML tags? Or do courts prefer the HTML to be rendered for readability?
Normally I copy the w3m-rendered text of email into LaTeX and typeset it to look pretty and copy-paste the useful headers into a well-styled header in a monospaced font. And I omit the useless headers. But I get the impression my way of working would not pass for “unaltered”.
I could perhaps try to feed the HTML into wkhtmltopdf
. In the end, HTML rendering always varies depending on the rendering tool. Normies use MS Outlook, and I have to figure that the gov is normally dealing with normies. So maybe I should install Evolution or Thunderbird. Any suggestions for a tool that is particularly good at making HTML email presentable on paper without looking too custom?
#askFedi
Old School MS-DOS Commands for DFIR
Old School MS-DOS Commands for DFIR
https://www.youtube.com/watch?v=SfG25LmNkT0
In this episode, we'll look at numerous old-school MS-DOS commands from the 80's and 90's that are still very valid and useful today -- even in Windows 11! L...
Looking for podcasts, newsletters etc
I'm new to the field - I was software developer before. I'm curious if there are any cool resources (podcasts, newsletters, etc) that you follow and can recommend! :)
Is this course any good?
Hal Pomeranz Linux Forensics Intro : Hal Pomeranz : Free Download, Borrow, and Streaming : Internet Archive
https://archive.org/details/HalLinuxForensics
Course materials and lab virtual machine for introductory course in Linux Forensics
Not an active blog, but with very complete articles
Another Forensics Blog
https://az4n6.blogspot.com/
Digital Forensics and Incident Response Research,Python Scripts and Musings
Welcome!
This is the start of the Digital Forensics community on Infosec.Pub. Dedicated to the art + science of this field. Please keep posts related to the community topic and respectful towards others.