|
|
| Line 1: |
Line 1: |
| − | [[File:Joachim Metz.jpeg|right|Digital Chalk Outline]] | + | [[User:Joachim Metz|Joachim]] 21:43, 28 August 2012 (PDT) http://www.storm.net.nz/projects/16 no longer seems to exists if someone know an alternative location for this please add it to the article and remove this comment. |
| − | | + | |
| − | Joachim Metz is a Digital researcher, IT/IS specialist.
| + | |
| − | | + | |
| − | In 2006 he started working in the field of computer forensics as a digital forensic investigator at Hoffmann Investigations.
| + | |
| − | At that time Hoffmann Investigations carried out digital forensic investigations for organisations (private law).
| + | |
| − | | + | |
| − | Before that he worked in multiple Information Communication Technology (ICT) disciplines like: system and network administration, programming, deployment, etc. and also Information Security (IS).
| + | |
| − | He has been working in the field of digital forensics for several years now.
| + | |
| − | | + | |
| − | ''Philosophy warning''
| + | |
| − | | + | |
| − | In his opinion digital forensic investigators should be transparent in both their findings and methods.
| + | |
| − | The statement "the tool provided me with the evidence" just does not cut it.
| + | |
| − | In his work he experienced a lot of serious errors in 'digital forensic software' and corresponding human interpretation, e.g. tools that represent the FAT access date as a date and time value and is interpreted as such. He has put a lot of effort in providing alternatives and means to verify findings by breaking open file formats and improving file recovery methods.
| + | |
| − | | + | |
| − | ''Ancient history alert''
| + | |
| − | | + | |
| − | For him breaking open file formats dates back to Might and Magic 3 save games and recovering deleted and corrupted files under DOS using PCTOOLS.
| + | |
| − | | + | |
| − | ''Marketing alert''
| + | |
| − | | + | |
| − | Some of his recent work are file format libraries like: [[libewf]], [[liblnk]], [[libmsiecf]], [[libnk2]], [[libpff]] and [[libesedb]]
| + | |
| − | and the proof-of-concept carving tool called [[ReviveIt (revit)|revit]], which keeps surprising him because of its versatile application even in recovering NTFS-compressed files.
| + | |
| − | | + | |
| − | More info can be found on [http://code.google.com/p/libyal/ libyal].
| + | |
| − | | + | |
| − | The challenge he likes about the field of digital forensics is that there is a lot out there still to be discovered ;-)
| + | |
| − | | + | |
| − | [[Category:People]]
| + | |
