Difference between pages "Joachim Metz" and "Talk:Tools:Memory Imaging"

From ForensicsWiki
(Difference between pages)
Jump to: navigation, search
 
(Created page with "~~~~ http://www.storm.net.nz/projects/16 no longer seems to exists if someone know an alternative location for this please add it to the article and remove this comment.")
 
Line 1: Line 1:
Joachim Metz is a Digital researcher, IT/IS specialist.
+
[[User:Joachim Metz|Joachim]] 21:43, 28 August 2012 (PDT) http://www.storm.net.nz/projects/16 no longer seems to exists if someone know an alternative location for this please add it to the article and remove this comment.
 
+
In 2006 he started working in the field of computer forensics as a digital forensic investigator at Hoffmann Investigations.
+
At that time Hoffmann Investigations carried out digital forensic investigations for organisations (private law).
+
 
+
Before that he worked in multiple Information Communication Technology (ICT) disciplines like: system and network administration, programming, deployment, etc. and also Information Security (IS).
+
He has been working in the field of digital forensics for several years now.
+
 
+
''Philosophy warning''
+
 
+
In his opinion digital forensic investigators should be transparent in both their findings and methods.
+
The statement "the tool provided me with the evidence" just does not cut it.
+
In his work he experienced a lot of serious errors in 'digital forensic software' and corresponding human interpretation, e.g. tools that represent the FAT access date as a date and time value and is interpreted as such. He has put a lot of effort in providing alternatives and means to verify findings by breaking open file formats and improving file recovery methods.
+
 
+
''Ancient history alert''
+
 
+
For him breaking open file formats dates back to Might and Magic 3 save games and recovering deleted and corrupted files under DOS using PCTOOLS.
+
 
+
''Marketing alert''
+
 
+
Some of his recent work are file format libraries like: [[libewf]], [[liblnk]], [[libmsiecf]], [[libnk2]], [[libpff]] and [[libesedb]]
+
and the proof-of-concept carving tool called [[ReviveIt (revit)|revit]], which keeps surprising him because of its versatile application even in recovering NTFS-compressed files.
+
 
+
More info can be found on [http://code.google.com/p/libyal/ libyal].
+
 
+
The challenge he likes about the field of digital forensics is that there is a lot out there still to be discovered ;-)
+
 
+
[[Category:People]]
+

Latest revision as of 23:43, 28 August 2012

Joachim 21:43, 28 August 2012 (PDT) http://www.storm.net.nz/projects/16 no longer seems to exists if someone know an alternative location for this please add it to the article and remove this comment.